| There are two things I want to respond to here. First, I agree with everything you just said about rising fear
and the total disconnect of actual risk from how it is presented. See my response above to sdwr viz emerging protection rackets in
computer security, and my later comment about Ross Anderson's
important paper after which I (and Edward Snowden) have found the
words "Insecurity Industry" rolls off the tongue - for example
Amazon's Ring Doorbell ecosystem which cynically preys on distorted
perceptions of suburban crimes. Other people have commented on that here, and I think they are
correct. But let's not allow that to distract us from the reality that
cybersecurity is in an appalling state and that the risks are very,
very real, and getting worse. The "insecurity industry" exploits that - while offing no substantial
solution, and indeed has no interest in fixing things (as a principal
agent problem) - but that's separate from the threat reality. A great way to understand this might come from reading some of Bruce
Schneier's wonderfully clear writing on security theatre and security
perception. They sell the problem and the solution. Fear and safety
often come in the same packaging, like those Taco kits or fruit and
yogurt combos. Anyway - not wishing to end argumentatively but "minimising" is
appropriate because sdwr makes aspersions to grandiosity. It is a
really strong characteristic to gaslight or undermine the other as
"over-dramatic" etc, not just downplaying the facts.
respects. |