Humans Not Evolved for IT Security

Stony Stevenson writes to tell us that at the recent RSA Conference security expert Bruce Schneier told delegates that human beings are not evolved for security in the modern world, especially when it comes to IT. "He told delegates at the 2007 RSA Conference that there is a gap between the reality of security and the emotional feel of security due to the way our brains have evolved. This leads to people making bad choices. 'As a species we got really good at estimating risk in an East African village 100,000 years ago. But in 2007 London? Modern times are harder.'"

Re:do you want to check my shoes?

[AndersOSU]

Heh after following your link, and a couple more, I got to this page where the TSA defends its current policy on liquids at check points.

This is a gem

We also paid close attention to the idea of terrorists combining multiple small bottles in a larger container or combining many small bottles together after going through the checkpoint. Due to the extreme volatility of liquid explosives, the international consensus was that those scenarios don't represent a significant threat.

So imagine, a terrorist is on a plane with seven three once bottles, and is prepared to blow up both the plane and himself. Fortunately, he wouldn't dare try to combine the liquids into a large container, because the chemicals are extremely volatile, and there might be some sort of explosion...