pull down to refresh

This link was posted by bo0tzz 2 hours ago on HN. It received 60 points and 35 comments.
It certainly isn’t free to secure data. It takes engineering effort, among other things. But I agree that it should all be secured. I also agree that most businesses don’t view it as critical, unless they’ll get in serious trouble if they don’t do it.
This is one reason why I was eager to do the work on SN which removed the storage of email addresses in plaintext if you choose to login using one. It felt good to further secure stackers’ data in that way
reply
Storing client CC information should be illegal the business can only process it not to save it. We can do it and create the laws for it yet we don't because that's a business and we don't give $hit if your info is stolen... sad but true
reply
What about subscriptions? Don't they need to store them for that case?
reply
Especially for subscriptions. You know you need something long term get an annual one with renewal reminder. It means you are in control of you financial data not some third party vendor. For renewals store them in your browser or your favorite credential saving device. We need to shift that responsibility back to the owner. How many times they "renewed" something you forgot (how conveniently for them?) and you can't get a refund? They should ask for permission each time and store that vs your CC numbers. World would be a better place in my humble opinion.
reply
This is why you should never spend money without thinking about how much you need the product. If each purchase could lead to a security breech, you will buy only when you need to. Or maybe it is time to report your card as lost every year or so, so you can get new numbers that arent attached to anything.