Slashdot Mirror

← Back to Stories (view on slashdot.org)

Users Rejecting Security Advice Considered Rational

Posted by kdawson on from the no-thanks-for-the-externalities dept.

WeeBit writes "Researchers have different ideas as to why people fail to use security measures. Some feel that regardless of what happens, users will only do the minimum required. Others believe security tasks are rejected because users consider them to be a pain. A third group maintains user education is not working. [Microsoft Research's Cormac] Herley offers a different viewpoint. He contends that user rejection of security advice is based entirely on the economics of the process." Here is Dr. Herley's paper, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users (PDF).

2 of 389 comments (clear)

  1. Re:Wasted time by AmberBlackCat · · Score: 1, Flamebait

    You're only "Insightful" cause you're on Slashdot. In the real world, they'd point out all the stuff you can't do on Linux, like print a photo. And somebody like me would point out that I've never had to reinstall Windows on this computer and the only security measure I took was getting rid of Norton and installing a real antivirus. And that alone is going to get me modded away again. But you know I'm right.

  2. Re:Interesting by BobMcD · · Score: 0, Flamebait

    We've done the experiment on a massive scale and the results continually come back (and are even repeated here on slashdot with depressing frequency, as it really shouldn't be news any more.) with high confidence:

    Bullshit! There's no way you gave one group a placebo, another the vaccine, and induced autism in a third group. There's no way, NO WAY, you have reached any kind of repeatable experimental certainty in human beings.

    You're lying already, either to prop yourself up or shore up a weak argument, but either way I'm done reading what you have to say.