Don Marti

Thu, 15 Sep 2005

Why User Education is not the Answer

(updated 15 Sep 2005: added link, example)

Jakob Nielsen has a good point that User Education Is Not the Answer to Security Problems.

And "Educating Users" made the Six Dumbest Ideas in Computer Security.

End-user instructions for legitimate web sites and IT products are more counterintuitive than the instructions for being victimized by a phishing scam or the instructions for decrypting and installing a social engineering worm.

As long as the industry is willing to make users do complicated and incomprehensible things, attacks that depend on confusing the user will succeed.

--
Don Marti <dmarti@zgp.org>
