Hacker News | throwamay1241's comments

You'll also have to prove the IoT device DDoSing from my IP isn't a rogue device. I swear it's not mine.


If someone hacks my WPA password and torrents child porn from my IP I am liable (in Germany) - no need to prove it was me or my device.



Can't wait to tell Gran she's legally liable for a DDoS because her unsecured IoT washing machine Best Buy sold her caused the internet to cave in ;)


Skip Gran and sue Best Buy and the IoT washing machine manufacturer.


There are exactly zero big box retailers or lobbyists that will abide that.


Big box retailers seem to be able to comply with regulations mandating physical safety. Digital security requirements could be enforced by a similar system.


Because "physical safety regulations" is something that the majority understands, so it's hard to argue against that in public. With digital security, most people lack the mental models to follow the discussion, so it's really easy for lobbyists to tell them flat-out lies about how those damn dems are out to take their smart lightbulbs away from them.


[flagged]


I explicitly formulated very carefully that this is not an issue of "people are dumb", but an issue of lack of understanding. I wish I could downvote your strawman.


Are you claiming that most people do understand computer security? My experience is that even many computer-savvy people (already a small fraction of overall population) are completely baffled by its intricacies.


Is liable? AFAIK strict liability only applies in specific cases, in general cases negligence applies. The claimant would have to prove that there was a breach of duty and a reasonable person would have done something to prevent the damage.


- Advertising for potential DDoS service buyers

- Bragging rights

- Experimentation

Edit: Also potentially political or personal. E.g. posting something that offends 8chan||nation states etc.

There's quite often blackmail involved (Pay us $x BTC and we go away).

Cloudfront or similar should offer DDoS protection for free as a gesture of goodwill, it's good bragging rights for CF so everyone wins.


> Cloudfront or similar should offer DDoS protection for free as a gesture of goodwill, it's good bragging rights for CF so everyone wins.

Well, it is still a lot of wasted resources (bandwidth, energy, compute) for everyone involved (ISP, CF, attacker, defender, compromised machines), so I wouldn't be so quick to say that "everyone wins".


Consider it a 'cost of doing business'. Everyone gets DDoSed, I'm pretty sure that's one of CloudFront's primary service-based solutions.


Wikipedia is behind Cloudflare at that moment.


I found that really informal comments cut less deep. 'Hey man, this needs double checking, read up on $x and then reconsider this block' (gender aside) is far better received than 'This is missing fundamental concepts around $x, read up on them then rewrite this block'.


'Commit to master, that way merging is somebody else's problem'


I see you're new to Australian media reporting standards, or lack thereof =)


The Guardian is a British newspaper, not Australian. Also, the trial took place in the United States.


I still don't understand why services don't attempt to bundle more. All my media is pirated, which conveniently ends up in a single app.

I'd probably consider a $10-15/AUD streaming service if it included all the music, movies and party-music-video playlists I need /in one app/. It'd be a pretty tactical move to bundle that all into a decent internet plan, too.

But judging by the TV shows my sickchill server automatically nabs and pushes to my plex server, my tastes would require 4-5 separate services and be in the range of $40-60/month, so I guess I'll keep doing what I currently do.


I don't imagine $15 for all that is enough to keep producing content, they'll happily lose you to piracy in the hopes of keeping and retaining a larger audience who will pay.


Why would any company lose multiples of what you pay them when you’ll easily start pirating anyway? You’re not who they are after.


Yes, but is the content the same content that Janet keeps raving about (and plot-spoiling) by the water cooler?


There's lots of 'Do we need Kaspersky' type questions in here already. The more pertinent question is whether AV is actually effective, or if stronger countermeasures like application whitelisting are needed?

https://www.youtube.com/watch?v=gvcgHkeZ1i4&list=PLqz80p7f6d...


You would need a document whitelist since many programs can be hijacked using buffer overflow attacks or outright support execution of arbitrary scripts.


I'll also point out that defending against buffer overflows which are considered vulnerabilities is a far saner boundary than a blacklist of files which grows infinitely.


Or we could, you know, just stop using Microsoft Office and Adobe products which are a huge, if not the biggest culprit of that kind of crazy behaviour.


The sooner people stop treating the physical layer as a security control, the better.

Encrypt your damn comms.

