But I would give my bank credentials to Zuckerberg (say we meet at a restaurant in Palo Alto and he asks for it). The asymmetry of the situation means that he will lose much more than the meager amount in my account if he steals the money. So that questions is rather silly.
I understand that the question really means "give you credentials to Facebook", where Facebook is proxy to any big company. This is a harder question, but one that I face often in practice, giving out bank account info, SSID number, credit card numbers, etc. The answer, evidently (since I and millions of other people do give this information out) is yes. The above answer still applies, these companies still stand to lose more than me if this information leaks or they mismanage it.
In summary, the richer and visible an entity (real or corporate) is the better I feel about providing sensitive information, if it should be provided. This means that teh sort of main message used here ("would you give your account info to") is irrelevant. Being open source is a huge step up, but for the general public either it doesn't mean much or else is a detriment, since the thinking is that, if it's open, "hackers" can also see the code and find ways to exploit it.
So how can a small startup ever compete with large established companies, since this creates a chicken and egg problem?
I spent the better part of a year and a half on the premise that consumers care about data ownership. Spoiler alert, they don't. It's a similar concept in terms of what hackers tend to value.
There is a (small) niche of people that care about this stuff. But I can't help but feel that we, as hackers, try to communicate why others should care. Perhaps they should, I don't know. But what I do know is that they don't.
We end up wasting precious time and energy trying to convince someone who blatantly trusts Facebook that they should not. And we use phrases like "a company that's business is to sell your data".
I agree completely with you and after having worked at a large company (Yahoo!) on their security team I can confidently say that your data is safer with a large company than on some small or even self hosted software.
I'm not trying to convince hackers not to hack. I'm saying to not waste time convincing the general population. Scratch your itch and find the niche that actually cares about what you're building and talk their language.
The problem is that he will have an always more accurate profile of you. Your incomes/expenses tell a lot about you, some info that interest a lot of people...
The consequence is that FB will sell your always more accurate profile (or give it to the NSA :-)
I understand that the question really means "give you credentials to Facebook", where Facebook is proxy to any big company. This is a harder question, but one that I face often in practice, giving out bank account info, SSID number, credit card numbers, etc. The answer, evidently (since I and millions of other people do give this information out) is yes. The above answer still applies, these companies still stand to lose more than me if this information leaks or they mismanage it.
In summary, the richer and visible an entity (real or corporate) is the better I feel about providing sensitive information, if it should be provided. This means that teh sort of main message used here ("would you give your account info to") is irrelevant. Being open source is a huge step up, but for the general public either it doesn't mean much or else is a detriment, since the thinking is that, if it's open, "hackers" can also see the code and find ways to exploit it.
So how can a small startup ever compete with large established companies, since this creates a chicken and egg problem?