On Saturday 13 November 2004 09:43 am, Siri Amrit Kaur wrote:
> How do you explain the security risks of viruses, worms, spyware, etc. to
> people who need to take security seriously, but have NO technical
> background and don't want to believe that:
well, thats a very good question and, disappointingly, its also the hardest
one to answer. Security has to be "personalized". It cannot be thought of as
"someone elses problem".
>
> 1. Their home computers are vulnerable.
> ("When I bought it 3 years ago it had Norton on it. Have I updated it? I
> think it does that automatically. You mean I have to pay for Norton?")
ah yes. typical "end-user" mentality. they don't think of all that software
the same way they would think of "insurance" on the car, or gasoline (but it
is!).
>
> 2. They have anything on their computer that anybody would want.
seen that a few too many times
>
> 3. Bad guys would ever crack "their" computer
actually whitnessed this happen on a new install of win2k. infected in 4 hours
from install to infection, AND, I had to fight the script kiddie for control
every step of the way.
>
> 4. Having their computer used for Distributed Denial of Service attacks
> matters because they don't understand what a "server" is, therefor it can't
> be a big deal.
yeah, 'till their ISP cuts them off. THE it becomes a BIG DEAL.
>
> 5. Keystroke loggers really can trace their sensitive data.
> (I don't believe that happens, but even if it does, who cares if their bank
> account gets raided? You just log a fraud complaint with the bank! Identity
> theft? I don't really believe it would happen to me!)
I am living proof that it does happen (I was declared dead in 1995 due to
identity theft).
>
> 6. Their computer could be used as a porn server
> ("What's a 'server'? You're just paranoid. I don't believe it and I don't
> have time to go to the websites you recommend or read the stuff from CERT
> you printed up for me")
see reason #4
>
> I've tried to explain to them what can happen to compromised systems. No
> matter what I say, no matter how much I try to dumb-it-down for them, they
> don't "get" it, their eyes glaze over and they and ultimately respond with
> "But I don't care." Their level of denial and deliberate naivete is
> dumbfounding!
Welcome to the world of the Technomage (folks like us who have skills that
are, by all appearances, magic). There are very few people anymore who can
even understand the technology, let alone how to use it or even what to use
it for. Most humans don't like to think unless absolutely forced to. Its the
same with technology. they expect it to work, no more, no less. These
"appliance users" don't want to understand. its in their natures.
>
> So, "how do you solve a problem like Maria?"
well, the only way they can learn is through first hand experience. until
then, they discount everything you say (its a hard life, but then, nothing
worthwhile is ever easy, now is it?).
Technomage hawke
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)