Techlore Surveillance Report Q&A: Security Through Obscurity
Sep 25, 2024
Dive into the debate on whether 'security through obscurity' is a viable strategy or just a distraction. Discover what privacy regulations should look like to genuinely empower users against corporate data mishandling. The discussion highlights the manipulation of privacy laws by companies and the obstacles users face. Learn about the importance of robust regulations combined with education and technology to enhance user protection and privacy. It’s a call for comprehensive strategies in the evolving landscape of digital security.
AI Snips
Chapters
Transcript
Episode notes
Obscurity Helps But Can't Be The Only Defense
- Relying solely on security through obscurity is fragile and will eventually fail.
- Used as one layer in a defense-in-depth strategy, obscurity meaningfully raises attackers' costs.
Layer Your Defenses
- Practice defense in depth by combining obscurity with other measures like data removal and disinformation.
- Don't depend on a single technique because attackers only need one success.
Give Individuals The Right To Sue
- Include a private right of action in privacy laws so individuals can sue companies directly.
- Allow per-item damages (e.g., per photo used) to increase enforcement pressure on bad actors.