[asiachick]

I believe users won't care until it's common for there to be repercussions from not caring. If not caring means my odds of having my savings account stolen are %20 a year then people would start caring. As it is there are few directly attributable repercussions. Just vague worries about future problems.

As it is what are the odds of any one user running into issues because of lack of security and privacy? It seems fairly low.

It seems like an opportunity for Apple (assuming they're actually better) to run some scare ads (99% of people scammed via there computer were running Windows/Android) if that's true. If it was true a good ad campaign could get people to care?

For internet stuff how about 98% of the people who got their bank accounts hacked were hacked by leaks of data on Facebook. (probably not true and not provable)

Maybe we need some security insurance who will then audit software and only insure customers that use certified software? They'd have an incentive for their audits to be good because they pay out if it turns out the software is not secure And if their market was big enough then software creators would want to be certified.

It's even possible some standard sandboxes could help make it easy to certify. Add this sandbox to your app and you're certified? Maybe some OSes that already have sandboxes would automatically get certified but server side you'd need audits?

Just throwing out ideas.