Sirwin
Sirwin

A simple way to prove that a hack was not your fault


1. A very serious problem

We all know that crypto world is a "Wild West" where there are no legal protections. But, in the fiat world we expect at least some legal protections. For example, there are many laws to protect our bank and financial accounts, personal data, etc. What is happening now is very alarming. Banks and businesses are violating these laws and blame customers for cyber security hacks and data breaches. Here are some examples: https://www.bbc.com/news/business-55286037 https://www.cbc.ca/news/business/banks-deny-compensation-online-fraud-security-1.5322982 

https://calgaryherald.com/opinion/columnists/corbella-victim-of-fraud-says-his-bank-treated-him-like-a-criminal-and-wont-return-his-money

https://www.cp24.com/video?playlistId=1.6596608

There are so many such cases that authorities started punish banks and businesses for violations.

Here are some examples:

https://www.moneyworks4me.com/company/news/index/id/319307

https://www.bleepingcomputer.com/news/technology/citibank-sued-over-failure-to-defend-customers-against-hacks-fraud/

https://www.scmagazine.com/analysis/us-financial-firms-face-growing-regulatory-fines-for-poor-security-management

2. What arguments are used to blame victims?

Banks and businesses blame customers for these cyber hacks and data breaches. The most used arguments are the following:

a) a customer clicked on a phishing link and is responsible for the hack;

b) a customer uses weak or reused passwords and is responsible for the hack.

3. How to defend yourself in such cases?

To prove that you had not clicked on any phishing link you need to get certified records from your ISP (internet service provider) of all web sites you had visited. If in these records will not be the phishing link then you will prove that the hack is not your fault.

To prove that you do not use weak and reused passwords you can show:

a) a list of all your accounts, apps, devices, electronic locks, etc. for which passwords are required and

b) a record of a payment for a private dynamical passwords generator (DPG).

A private DPG, with a single click, generates 100 unique super-strong passwords for multiple accounts, devices, apps, electronic locks/doors, etc. These passwords do not exist in the real world, outside of a time interval on which they are generated and used. Can anyone hack something that does not exist in the real world?

The logic of defense is the following: if a person paid for and uses a tool to generate unique super strong passwords for ALL her/his accounts then this person can not be blamed for hacks due to weak or reused passwords.

If you will be asked to prove that the passwords are super-secure then copy-paste any password into the field on this passwords strength testing site https://www.passwordmonster.com/ 

p1 

How do you rate this article?

12


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Simple solutions to complex problems
Simple solutions to complex problems

Each post is devoted to a simple solution to a complex problem.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.