Humans Not Evolved for IT Security

Stony Stevenson writes to tell us that at the recent RSA Conference security expert Bruce Schneier told delegates that human beings are not evolved for security in the modern world, especially when it comes to IT. "He told delegates at the 2007 RSA Conference that there is a gap between the reality of security and the emotional feel of security due to the way our brains have evolved. This leads to people making bad choices. 'As a species we got really good at estimating risk in an East African village 100,000 years ago. But in 2007 London? Modern times are harder.'"

Ah.

[Estanislao+Mart�nez]

The only place where I think he's totally off base is calling the brain "a patchwork". It's not, in fact. It's extremely finely tuned to do what we need it to do...It makes us ferociously competitive animals, and that is proven rather than disproven, by all the security problems that we've been having. If we weren't competitive, we wouldn't have problems. The fact that not everyone works at the same level is irrelevant.

Ah. So, unlike Schneier, you are both an evolutionary biologist and a neuroscientist. Thanks for setting the record straight.

This article is trash and the author irresponsible

[j4ck50n]

"Risks that could be controlled - The DC sniper caused a few deaths but the response was way out of proportion."

What an ignorant, insensitive ass. Please, do tell, how could the response have been better managed? A shooter on the loose for weeks taking out random targets at will. Response out of proportion?

I think of the woman shot in the head standing next to her husband while loading their car after shopping. Ponder for a moment, the emotion involved in that single death. The intensity of that moment. A few deaths indeed.