| HN Mirror

> there's nothing special the attacker can do with your machine that they couldn't do with their own machines.

Any obtainable CPU power, memory, IP address or storage is an asset, so they could:

  Run processes such as password cracking on your machine while still
  having their own to use.

  Store sensitive or illegal data encrypted on your disks as a dropbox
  for themselves or others.

  Launch recon scans or attacks from your device, using your IP address
  while staying hidden and leading the authorities back to you.

  Set up your machine as a proxy for routing other traffic, leveraging
  your geographical location.

  Set up your machine as a node in a distributed compute farm for
  mining, cracking or other tasks.

  Sell access to your assets to other bad hackers.

  ... we could literally go on for hours with ideas about how using
  *your computer instead of their own* gives an advantage and thus
  presents a motive.

> So this is just fear-mongering.

Two points I'll make:

  Maybe you *should* be afraid of all the ways contemporary
  cybersecurity is an absolute shitshow. Fear is not the best motive,
  but *is* a motive for making changes. There's a reason we have that
  part of our brains and the emotion it provides.

  I'm sorry you feel worried about what I said. Even though the
  threats are real I don't believe in scaring people. I think a better
  way is through education and empowerment.  That's why I produce work
  like the Cybershow [0], where we try to make cybersecurity a little
  bit fun and irreverent. Come and listen to some shows if you care
  about computer security for yourself and people you love.

[0] https://cybershow.uk