Slashdot Mirror


Users Rejecting Security Advice Considered Rational

WeeBit writes "Researchers have different ideas as to why people fail to use security measures. Some feel that regardless of what happens, users will only do the minimum required. Others believe security tasks are rejected because users consider them to be a pain. A third group maintains user education is not working. [Microsoft Research's Cormac] Herley offers a different viewpoint. He contends that user rejection of security advice is based entirely on the economics of the process." Here is Dr. Herley's paper, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users (PDF).

4 of 389 comments (clear)

  1. Simple answer by Anonymous Coward · · Score: -1, Troll

    "Experts" in so many fields have lied to normal people so often nobody believes anybody who calls themself an expert anymore.

    Look at the global warming scientists who lied to us, look at the large hardon collider scientists who lied to us, look at the autism doctors who lied to us. Is it any wonder why nobody believes "experts" anymore? Doesn't take an expert to tell you why!

  2. Re:This is not a "new" interpretation by luckyXIII · · Score: 0, Troll

    Not always. Sometimes they're dumber than you think they are.

    --
    Some people have it coming - I'm just the delivery system.
  3. Re:This is not a "new" interpretation by Anonymous Coward · · Score: -1, Troll

    They're dumber.

  4. Want security? Buy a Mac by WillAffleckUW · · Score: 1, Troll

    Want security? Buy a Mac.

    Want s/w that breaks? Buy Windows.

    Want to roll your own and get every ounce of power out - use a Linux distro.

    At one point I was the acting security officer for Pacific Region. If people can subvert security they will.

    Not much has changed in the security sphere for a long time, and difficult security just begs to be subverted.

    --
    -- Tigger warning: This post may contain tiggers! --