It is great that people are becoming more and more aware of this. But I genuinely don't think it's enough. I mean, I agree with A). I'm right here with you hoping for a better world. And slowly but steadily, more people seem to care about privacy and security. Just a few days ago the 300,000 signature milestone was reached for initiating a referendum about a new mass surveillance law. Public awareness is growing and I love that. But I don't think it is enough. Public awareness means that the low hanging fruit of insecurity is getting caught: I don't know anyone my age who isn't careful about their social media presence, and most people know not to connect to any WiFi network that looks free. The main reason I linked to that discussion and the core of my argument is that we're now seeing fuckups so massive, so far-reaching that there is nothing you or I can do about it. Awareness is futile against an entire WPA protocol being insecure. Similarly, there will be companies that have your data, and they will at some point fuck up royally, and there is no researching or 'adjusting your behaviour' or bear spray that can stop it. Take Equifax: it's an oligopoly of three credit agencies, so there isn't enough pressure on any of those to get them to change their behaviour. Especially not since their real customers are the companies that buy their data. Maybe the government manages to break the market up or sets strict rules, and I really hope they do for the sake of everyone involved, but I highly doubt it. I mean, it used to be just email / credit card data, like when Target or Adobe messed up. Now it's home addresses, SSNs, full names. Identity thefts are going to have a field day. What can normal people even do against that? Bear spray doesn't do shit against a tsunami.
It's gonna be truly dope when the biometrics get out. You can change a password but if Google or Apple leak your fingerprint... and I know that Google and Apple don't "have" your fingerprint. They have a hashed cipher of markers of your fingerprint. But nobody realized Sony was storing user data and passwords in plaintext until it got out and I've seen no reason to trust either organization implicitly. Eventually, there will come laws for improper data hoarding and breaches of secure information. There will be civil and criminal penalties for mishandling sensitive data - I mean, if you forced anyone that works with credit card or social security numbers to be HIPAA-compliant you'd see an instant sea change. But this will not happen until it is too late and there has been substantial damage done, and our legislators will fight it tooth and claw, democrat and republican. And the NSA will still get it, and the NSA will still leak it, and we'll be right back where we started except the lawyers will be rich.What can normal people even do against that? Bear spray doesn't do shit against a tsunami.