by BeautifulSynch 929 days ago
I think the difference here is whether we're considering the plausibility that there aren't any security violations versus the overall frequency and severity. Centralization significantly increases the chance that all the systems involved will be safe; that's what makes it so useful for individual organizations, where centralizing their operations wouldn't attract significantly more bad actors to try breaking their security than decentralizing.

But if we have centralization on the scale of a society, then anyone interested in any of the groups using that centralized source of secure data storage/transfer will be drawn to look for the flaws in that source. And there are always flaws, either technical, legal (as with the government spying mentioned elsewhere in the comments), or otherwise. And once any group manages to infiltrate that one source, they get access to everything dependent on it.

Sure, decentralized security is harder to get together, meaning we have an initially-high violation rate that decreases over time (though this can be supplemented by security-conscious users taking their own steps to protect their data). But centralized security at sufficiently large scales essentially guarantees a breach impacting everyone within its domain; and the kind of trust that would be required to sustain such centralization also anti-correlates with users independently adding additional layers of security to their systems.

This seems like a much greater risk than just accepting that users who are "impervious to education" will be vulnerable to certain social-side exploits, while everyone else will be reasonably safe.

1 comments

Agree with all of that.