OK, so here I am trying to educate students (and Internet) users of the need for better security practices, and then I see a paper that argues that "rejection of security advice is entirely rational". Humm, this should be an interesting read. The paper is available on Cormac Herley's site:
So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users
published at NSPW 2009.
I haven't read the paper carefully, as yet -- but in general I do agree (with some reservations) with the author, unless you are the victim, of course!. IT security these days is hard, especially since the number of users and the usage patterns are growing everyday...probably a reason (among several others) that the cost-benefit is poor when it comes to security advice. Until I read this article, I used to think security advice and awareness is a 2-wall problem.
wall 1: I don't know why this is a security problem
wall 2: ah, I know what the security problem is -- but I don't know how to solve it
Are we breaking these walls down now?
Friday, April 16, 2010
Friday, March 5, 2010
Cyber crime -- will it ever stop?
An interesting article in today's news ..after the arrest of a ring of hackers who created "Mariposa" ..a botnet network to steal personal information. There seems to be a debate on whether it is better to go after the bad-guys? ..or protect ourselves in the long run by education/awareness? You decide :)
Click here for the complete article on CNN Tech
Click here for the complete article on CNN Tech
Subscribe to:
Posts (Atom)
