Users Rejecting Security Advice Considered Rational

Posted by kdawson on Tuesday March 16, 2010 @09:32AM from the no-thanks-for-the-externalities dept.

WeeBit writes "Researchers have different ideas as to why people fail to use security measures. Some feel that regardless of what happens, users will only do the minimum required. Others believe security tasks are rejected because users consider them to be a pain. A third group maintains user education is not working. [Microsoft Research's Cormac] Herley offers a different viewpoint. He contends that user rejection of security advice is based entirely on the economics of the process." Here is Dr. Herley's paper, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users (PDF).

1 of 389 comments (clear)

Min score:

Reason:

Sort:

Re:Wasted time by dave562 · 2010-03-16 11:10 · Score: 0, Offtopic

Hassle comes down to perception. I torrent and my g/f and friends use my Windows 7 box and I don't have any problems with it. I setup Linux but it was too much of a headache. With Windows 7 and a standard user account, it's pretty hard for your average ignorant user to screw up the computer too badly. As soon as they try to do anything that involves installing software or changing system settings, they are prompted for credentials.
If you're ranting about XP, keep on keeping on. It is a PITA. That meme still works. Hell, even Windows 7 is a hassle because once again Microsoft moved everything around.