[dundee] Are Users Right In Rejecting Security Advice?
Rick Moynihan
rick.moynihan at gmail.com
Thu Mar 18 13:46:43 UTC 2010
On 18 March 2010 13:28, Kris Davidson <davidson.kris at gmail.com> wrote:
> I'd like to make the point that these are the same users who complain
> bitterly at companies like Paypal, Google, their bank and their ISP
> when information is lost, identity stolen etc due to personal
> negligence.
Some of these criticisms are doubtless unfounded, but many are
relevant... The systems built by such companies (e.g. credit cards
with their notions of identity) are completely inadequate... Users
are largely forced into adopting these systems regardless and either
aren't really informed or don't fully understand where the divisions
of responsibilty lies.
So I disagree with the attitude that users are the problem. The
problem and responsibility lies with the systems themselves.
Punishing users might work and might lead to marginly less security
incidents but it's completely the wrong attitude to solve the problem.
R.
More information about the dundee
mailing list