[Sigia-l] Tagged: Malicious Social Network
Livia Labate
liv at livlab.com
Tue Apr 24 00:46:03 EDT 2007
Ziya Oz wrote:
> Livia Labate:
>> It's a tough world to be in when you have to reconcile the expectations
>> for being secure and safe versus minimal user effort.
>>
> At face value, this is a very sensible proposition.
>
> [...] there's a much bigger issue here that far transcends technology: the social contract. [...] So the meaning of 'minimal' above is critical. [...] It's impractical to demand users to
> become more actively involved in online security [...]
>
I couldn't agree more, which is why it's so tough. The reason we did
this research was precisely to help the business understand that
bombarding the user further with educational campaigns and constant
software updates is not what's going to make their lives more secure (or
even have them just /perceive/ it as more secure for that matter), but
instead, to invest in the more tedious/difficult//long-term/unglamorous
task of revisiting those system-level architectural and design decisions
made long time ago.
Did it work in terms of getting the point across successfully? Nope,
they decided to invest in some minor redesign focusing on the
educational campaigns and constant software updates. However, we planted
a seed about what we should really be doing. It's not going to happen
today or tomorrow, but doing our homework and bugging people about our
research findings goes a long way over time :)
More information about the Sigia-l
mailing list