- Dec 23, 2014
- 8,598
lol, the authors state nowhere in their paper that they are skeptical of the results of any study they reviewed.
So do I. I am skeptical about conclusions that can be derived from the review by the readers. The authors of the review are very cautious about conclusions. They often wrote that the particular surveys show or suggest something. They do not write that this is an accepted truth.
what they said is that they cannot make a broad statement of psychological theory based upon the limited studies, but they have no question whatsoever that users are a primary cause of their own unsafe behaviors.
They do not question it, but also they did not write it. Here is what is written in the review:
The home computer user is often said to be the weakest link in computer security.
...
Anecdotal evidence, surveys, and studies suggest that home computer users often do not adequately understand the threats, or have the time, desire and knowledge to be able to handle them.
It does not look like insisting that users are the primary cause of their own unsafe behaviors. Of course, in my opinion (not science) the above statements are most probably true.
please explain what needs to be confirmed through statistical studies when a computer user downloads a software crack, then installs it, infects their machine, and then self-reports "i did it because i wanted the software"? when you poll 100 people on the street and ask them questions about computer security and 70 of them state "i don't know" or "i don't care," what exactly needs to be confirmed? the participant statements are a matter-of-fact and the only conclusion is this... "70% of the participants either do not know or do not care."
The problem is that when you poll 100 random people in another place, then the result can be 30% and somewhere else 90%.
This is the statement of the authors in the conclusion of the study (they are not stating anything that is already not established fact and there is no expression of doubt by the authors):
"However, many studies suggest that users often do not understand the threats and sometimes are not willing or able to incur the costs to defend against them. At least three studies [24], [50], [32] found that users still want the benefits of potentially unsafe behavior."
Have you noticed the word "suggest"? For me, if the research only suggests something, then it is not scientifically confirmed. That is probably a difference in our meaning of science. Anyway, from my experience (not science), this suggestion is most probably true.
Edit.
It is your thread. But, I think that our discussion became out of topic and hardly understandable to the readers.
We cannot agree on the basics (what is science)! I have already said, that I can accept this difference. MalwareTips is not a scientific forum.
Last edited: