> It’s telling that you don’t know how wrong this is, but feel qualified to redesign a mature industry anyway. Banks are highly regulated and spend billions on security — that’s why the major breaches which are routine in the cryptocurrency world don’t have an analog in the real financial system.

I don’t want to get into some pissing match about my qualifications but I’ve seen the insides of a number of large financial institutions and their security first hand while working in the security industry. Your argument is that they’re regulated and have a large security spend which is sufficient, my counter argument is that they’re bloated and that large spend is largely security theater. Doing things like spending money and installing Carbon Black on a server in some closet to check the “endpoint protection” box to auditors is not the same as a competent team sitting down and building an infrastructure with effective defense in depth principles.

Crypto is immutable which can be dangerous but that edge of it is also spurring novel research into things like hardware wallets, multi sig smart contracts, and multi party computation which are real tangible ways to alleviate some of these problems (and other, non-crypto space problems as well). You call it a bug, I call it a feature. Ultimately crypto’s immutability is a form of global free market Darwinism playing out where protocols that are well designed (and again, really really give a shit about their security) are the ones that continue to exist. Shitty protocols built by incompetent people get hacked and die. Darwinism is not a “design flaw”, it’s what allowed us to transcend living in caves and build society. Has it all been smooth and easy? Of course not, but evolution rarely is. E-commerce had its own rocky start too.

> They know that there would be significant penalties if they lose customer resources or grant access to your account improperly, but they don’t spend it on the same things.

Just because banks have reduced the tail end consequences of their ineptitude and crappy behavior doesn’t mean that it’s scalable globally and forever with no cost for those that use it or prop it up (U.S. banks largely rely on U.S. govt for this compensating control, as well as bailouts when they’re too big to fail), and I will point out that major financial institutions/networks have been getting hacked for decades at this point, but especially in the early days. There are tons of cases of theft, fraud, and abuse in the traditional banking sector (https://en.m.wikipedia.org/wiki/2015–2016_SWIFT_banking_hack). Fin firms tend to hire “crisis management” firms to spin media coverage and offset the negative PR when it happens though, which makes it ok in the public eye.

I’m not sure what banks you’re referring to here but every major bank has been doing anti-consumer and illegal stuff for a long time, whether it’s Wells Fargo (https://www.forbes.com/sites/jackkelly/2020/02/24/wells-farg...) or JPMC (https://www.justice.gov/opa/pr/jpmorgan-chase-co-agrees-pay-...). Just because they’ve offset the risks from this shitty behavior doesn’t suddenly make this behavior palatable or something we should accept IMO.

The Equifax breach comes to mind as well, but don’t worry because they’re still around, and they were so nice as to offer everyone a year of identity protection (…offered through Equifax) as compensation for their gross negligence. They definitely learned their lesson though, right?