Can we make computers secure faster than scammers can exploit their flaws?
In his latest Alertbox column, Jakob Nielsen argues that "User Education Is Not the Answer to Security Problems": When there is a mismatch between technology and people, the answer should not be to change the humans.
Hard to argue with that. His suggested solution: encrypt everything, digitally sign everything else, turn up the security to max, automate updates, and most of all polish the usability of security features. Oh, and “criminalize [sic] and hunt down spammers, phishers, virus writers, eBay fraudsters and others who violate users’ rights.”
I like Jakob: he’s an optimist for idealism, whose ideas on Web design have had a remarkable effect on many web designers (even if not their clients). I’d like to think he could be right here, but the problem is he’s not talking to a lot of individuals who can directly benefit from taking his advice; among others, there’s a big company which generally puts features ahead of security.
Plus, people are very, very resourceful. Where there’s a scam to be done, they’ll do it. No program is perfect; ditto security.



