The security bond idea is interesting, like a public bug bounty program. But I expect it wouldn't accomplish its intended purpose for the same reason IoT security is so lackluster now: the vast majority of consumers don't care.
Maybe put it the other way, a company can apply for a security investment, if they can show their security is reasonable and working for a certain time they get to keep the money. If not then they have to pay it back and some of it goes to the person/group who demonstrated the flaws. This way a business is incentivized to pay attention to security, and can even use that to build public trust with their consumers.
On the post: Our First Greenhouse Topic: Privacy
Re: Space Rocket
The security bond idea is interesting, like a public bug bounty program. But I expect it wouldn't accomplish its intended purpose for the same reason IoT security is so lackluster now: the vast majority of consumers don't care.
Maybe put it the other way, a company can apply for a security investment, if they can show their security is reasonable and working for a certain time they get to keep the money. If not then they have to pay it back and some of it goes to the person/group who demonstrated the flaws. This way a business is incentivized to pay attention to security, and can even use that to build public trust with their consumers.
On the post: Introducing The Tech Policy Greenhouse: Let's Have Thoughtful Conversations About The Biggest Tech Policy Challenges
This sounds very cool. if the comments are going to span multiple posts, I'll have to make an account to keep track of them. :)
Hi everyone.
Next >>