The security dilemma
Will we ever be able to achieve good security on the Internet and elsewhere? One big obstacle is that more security means less convenience. And people tend to prefer convenience. Professor Don Norman of Northwestern University has written an essay, When Security Gets in the Way, where he discusses the tendency to sacrifice security for usability and what can be done about it:
The numerous incidents of defeating security measures prompts my cynical slogan: The more secure you make something, the less secure it becomes. Why? Because when security gets in the way, sensible, well-meaning, dedicated people develop hacks and workarounds that defeat the security. Hence the prevalence of doors propped open by bricks and wastebaskets, of passwords pasted on the fronts of monitors or hidden under the keyboard or in the drawer, of home keys hidden under the mat or above the doorframe or under fake rocks that can be purchased for this purpose.
He goes on to say that the situation is not hopeless:
Does added security make things more difficult to use? Will people always resent the extra steps? The answer to both questions is the same: Not necessarily. Consider the physical world of doors and locks. Locks on houses, cars, and private records get in the way of easy access, but are tolerated because they seem necessary and the amount of effort required to open them usually seems reasonable. Note the two different components: the understanding of the necessity for protection and the reasonableness of the effort required. Both are design issues. And both require at their base, a coherent, understandable conceptual model of both the need for security or privacy and the workings of the mechanisms that enforce them.
Via Bruce Schneier
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.