(alexschapiro.com)

560 points bearsyankees | 1 comments | 12 May 25 16:39 UTC | HN request time: 0s | source

Show context

9283409232 ◴[12 May 25 17:16 UTC] No.43965328[source]▶

There's no penalty for failing at privacy and security so companies would rather play the odds that they will be fine than invest in proper practices. Alex says Cerca is being misleading when it comes to encryption but it seems to me they are outright lying and will likely face no consequences for it. In a more just world, this would trigger so many regulatory and compliance audits.

replies(3): >>43965421 #>>43965598 #>>43965867 #

MaKey ◴[12 May 25 17:41 UTC] No.43965598[source]▶

>>43965328 #

The GDPR allows for huge fines, so for companies operating in Europe there is an incentive to take privacy and security seriously.

replies(1): >>43965892 #

1. brazzy ◴[12 May 25 18:06 UTC] No.43965892[source]▶

>>43965598 #

Namely, up to 20 million EUR or 4% of the previous year's revenue, whichever is larger.

↑

I hacked a dating app (and how not to treat a security researcher)