On 12/14/20 19:44, Laszlo Hanyecz wrote:
This stuff is definitely the most visible type of scamming but this is not any different from swindling people at a flea market. It isn't so much hacking as just using internet to communicate with people and then tricking them. I think this is a different skill set than gaining access to personal data though.
Gaining access to someone else's computer's files has historically not been a big deal, so I'm guessing it didn't become a huge problem because there was little to gain from doing it. It might be inconvenient for people, it might be used as part of a larger con against a victim, but it still requires a lot more steps to profit from it. We all know that we can't stop that from happening, but even going back to the early 90s we've had malware protection vendors making money off this fear, and the problem has now reached a point where the placebo security won't cut it and we'll have to start figuring this problem out.
The impact of these kinds of breaches has always been minor, but in the past 10 years we've placed more and more things into primary storage on a computer, including cryptographic secrets which only function if they're kept secret. Losing a wallet full of credit cards isn't as bad as losing a wallet full of cash. There wasn't any way to put money into computer files before, but now there is. Even if only a few people carry money, if it's easy to steal millions of wallets and costs nothing, it's worth doing it for the hope of eventually hitting a money holder.
There is value in hacking services in the cloud to gain user information. Right now, hacking credit rating clearing houses is big business, as an example, because almost every piece of single information of any economically-active member of society is on there. And there has been some success in obtaining that information, the effects of which we are not yet able to really quantify. Mark.