Humans Not Evolved for IT Security 302
Stony Stevenson writes to tell us that at the recent RSA Conference security expert Bruce Schneier told delegates that human beings are not evolved for security in the modern world, especially when it comes to IT. "He told delegates at the 2007 RSA Conference that there is a gap between the reality of security and the emotional feel of security due to the way our brains have evolved. This leads to people making bad choices. 'As a species we got really good at estimating risk in an East African village 100,000 years ago. But in 2007 London? Modern times are harder.'"
really (Score:5, Funny)
I wonder how many days that guy would last in an East African village 100,000 years ago.
Ms Abacha? (Score:5, Funny)
Humans Not Evolved for IT Security (Score:5, Funny)
Smith (Score:5, Funny)
--Agent Smith on IT security
Re:Humans Not Evolved for IT Security (Score:5, Funny)
Re:Humans Not Evolved for IT Security (Score:1, Funny)
Too bad Windows isn't.
Re:Ms Abacha? (Score:4, Funny)
Re:What a pile of carp (Score:4, Funny)
5. Building an insecure system from the ground up and expecting the users to fix it.
Re:really (Score:3, Funny)
Re:really (Score:5, Funny)
Us white, rich folk never had it so tough.
Also, you really ought to be awarded with some sort of "waste of a condom" trophy.
Re:His arguments are logical, but... (Score:3, Funny)
Then, it sounds like we need a lethal, compulsory video game with a computer security theme.
Re:so what? (Score:3, Funny)
Well, for any equations where the solution is "go fuck yourself!", "I got somethin' you can solve, sugah!", or "no seriously, go fuck yourself" the subjects in my test study pass with flying colors.
Re:really (Score:5, Funny)
Come on. Bruce Schneier is like the Chuck Norris of the IT industry. He'd outlast us all!
Remember. There are no prime numbers, only numbers that Bruce Schneier doesn't want you to factor [geekz.co.uk]!
Re:No I'm not (Score:4, Funny)
Open letter to God (Score:5, Funny)
Anyway you should only trust Humans V1.0 after SP1 has been released.
Re:Stupid Crap (Score:5, Funny)
IT GUY: Your PC is insecure.
CEO: It's your job to secure it, dumbfuck. Give me a secure computer.
IT GUY: Yes sir.
Re:Lets think about this. (Score:3, Funny)
Actually, sounds like what you can't see WILL in fact eat you.
Re:Probably (Score:2, Funny)
Re:Ms Abacha? (Score:3, Funny)
Re:because people want the easy way (Score:3, Funny)
The relation between beer/security can most properly be illustrated by this graph [imageshack.us]
Re:so what? (Score:3, Funny)
My goodness, this is simply untruth! While it may be so in the white halls of academia, where such things as "fair dice" and "independent events" are bandied about as though they actually exist in their perfect mathematical forms, it isn't so in the harsh reality of the craps table! Allow me to explain. You see, when you roll a die and it lands as a six, this means that the one side is facing down. While bouncing and rolling each side of the die will contact the table only momentarily, but just prior to stopping the die will have one side contacting the table and will move ever so slightly until friction eliminates its remaining kinetic energy. This friction creates heat on the one, which is held in by the felt table, while the six is facing up and exposed to the air currents and thus is cooled. As hot objects expand and cool objects contract, and a less dense object is more buoyant than a dense one, this creates a natural tendency for the subsequent roll to favor landing one-up rather than six-up. Successive rolls of six will only increase this heat differential. So you see, the gambler's intuition is correct that they are "due" for a one as the odds ever increasingly push the die in that direction.
I have myself used this fact to acquire vast sums of money from casinos, to the point where I was able to purchase a casino myself. You should come and visit and play at my craps table. I'm sure with the knowledge I've given you, you will soon be buying the casino from me!
Re:Smith (Score:1, Funny)
--Trinity on the ability of software security to defeat a determined human attacker
Re:Open letter to God (Score:2, Funny)