Colorado State Computer Science: The Psychology of Security for the Home Computer User

Status
Not open for further replies.

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
lol, the authors state nowhere in their paper that they are skeptical of the results of any study they reviewed.

So do I. I am skeptical about conclusions that can be derived from the review by the readers. The authors of the review are very cautious about conclusions. They often wrote that the particular surveys show or suggest something. They do not write that this is an accepted truth.

what they said is that they cannot make a broad statement of psychological theory based upon the limited studies, but they have no question whatsoever that users are a primary cause of their own unsafe behaviors.

They do not question it, but also they did not write it. Here is what is written in the review:

The home computer user is often said to be the weakest link in computer security.
...
Anecdotal evidence, surveys, and studies suggest that home computer users often do not adequately understand the threats, or have the time, desire and knowledge to be able to handle them.

It does not look like insisting that users are the primary cause of their own unsafe behaviors. Of course, in my opinion (not science) the above statements are most probably true.

please explain what needs to be confirmed through statistical studies when a computer user downloads a software crack, then installs it, infects their machine, and then self-reports "i did it because i wanted the software"? when you poll 100 people on the street and ask them questions about computer security and 70 of them state "i don't know" or "i don't care," what exactly needs to be confirmed? the participant statements are a matter-of-fact and the only conclusion is this... "70% of the participants either do not know or do not care."

The problem is that when you poll 100 random people in another place, then the result can be 30% and somewhere else 90%.

This is the statement of the authors in the conclusion of the study (they are not stating anything that is already not established fact and there is no expression of doubt by the authors):

"However, many studies suggest that users often do not understand the threats and sometimes are not willing or able to incur the costs to defend against them. At least three studies [24], [50], [32] found that users still want the benefits of potentially unsafe behavior."

Have you noticed the word "suggest"? For me, if the research only suggests something, then it is not scientifically confirmed. That is probably a difference in our meaning of science. Anyway, from my experience (not science), this suggestion is most probably true.

Edit.
It is your thread. But, I think that our discussion became out of topic and hardly understandable to the readers. :unsure:
We cannot agree on the basics (what is science)! I have already said, that I can accept this difference. MalwareTips is not a scientific forum. :)
 
Last edited:
  • Like
Reactions: vtqhtr413

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
IEEE and IEEEAJ are two different organzations, not that it matters
ldogg's argument is so ridiculous i did not even bother to look

it wouldn't matter to ldogg what IEEE is or its reputation, all they cared about was linking something desparately trying to discredit IEEE

IEEE is very highly respected and serves as the source of most of standards that define developments in levels 1 and 2 of the open system interconnect (osi) model, along with establishing requests for comment internetworking standards, and hardware standards that oems adhere to across the world
May have been wrong on the predatory journal claim and that I can admit fault for, so I apologise. In terms of this argument, you haven't shown much in the way of truth, as a literature review study is classed as research, whether that can be acknowledged isn't my problem, the fact it's research is reality, hence why I provided a reliable source to back up my claim, via burden of proof.

really? please link literature reviews that are put under rigorous peer-review and where everything cited is fact-checked and verified by a third party
i'll give you every opportunity to prove me wrong, i'll wait
Yes, my friend. A literature review study is still considered a type of research. Unless you're stating the reference I used was wrong and they're lying?

lol, that is never how it has ever worked
if that was a requirement then so much work would be hindered or never happen
you can keep making claims all you want here, but you will not change reality
If a scientific claim or hypothesis is made, evidence needs to be formed or cited from the scientific literature. So we should use, expert opinion, media articles and Alex Jones from Infowars instead; right?

but the paper is a literature review, not research
This was the original claim you made. I rebutted via a reliable reference, and then your goalpost shifted with the quote below. Fact - literature reviews

you would be laughed out of university by insisting that literature reviews must be peer reviewed to verify all the sources relied upon
I never insisted on this argument point at all. You originally said "but the paper is a literature review", which is a type of research, please stop being disingenuous, and shifting argument points. And the ad hominem at the start of this quote dismantles your entire argument, regardless if you had good points prior to the ad hominem.

you have absolutely no idea what you are talking about
Tautology buzzphrase.

Other sources:
ScienceDirect expands on literature review as a research methodology - Literature review as a research methodology: An overview and guidelines
Literature reviews are also common in a research proposal or prospectus (the document that is approved before a student formally begins a dissertation or thesis) - Baglione, L. (2012). Writing a Research Paper in Political Science. Thousand Oaks, California: CQ Press.
"A literature review shows your readers that you have an in-depth grasp of your subject; and that you understand where your own research fits into and adds to an existing body of agreed knowledge." - Literature Reviews – The Writing Center • University of North Carolina at Chapel Hill

Need I carry on? A literature review is a type of scientific research, fact.

~LDogg
 
  • Applause
Reactions: vtqhtr413

Andrezj

Level 6
Thread author
Verified
Well-known
Nov 21, 2022
248
The authors of the review are very cautious about conclusions. They often wrote that the particular surveys show or suggest something. They do not write that this is an accepted truth.
is english your native language? because use of the word "suggest" does not indicate doubt
the paper authors are not drawing any conclusions, they are merely re-stating the findings of others
and nowhere do they state that the doubt the validity of the conclusions of the studies or the data used by those studies

Have you noticed the word "suggest"? For me, if the research only suggests something, then it is not scientifically confirmed. That is probably a difference in our meaning of science. Anyway, from my experience, this suggestion is most probably true.
the authors' use of the word "suggest" is NOT for additional studies to establish that users are a primary cause of their security problems, but to encourage additional studies to develop better psychological and predictive models.

"The home computer user is often said to be the weakest link in computer security.
...
Anecdotal evidence, surveys, and studies suggest that home computer users often do not adequately understand the threats, or have the time, desire and knowledge to be able to handle them."

if you need studies with large datasets and extensive analysis for you to accept these things as fact, then it is really odd:

1. a significant number of users do not know enough about security
2. a significant number of users do things that are unsafe - like using weak passwords
3. a significant number of users do not have an inclination to study security
4. a significant number of users do things that are not in their best interests - like posting personal infos on social media
5. a significant number of users do not care about security
6. a significant number of users want the benefit of highly risky behavior, such as downloading and installing cracks and warez
7. etc

no IT security professional would doubt the veracity of these statements because they are established, widely-accepted fact
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
is english your native language? because use of the word "suggest" does not indicate doubt
There is no need for that type of discrimination whatsoever, if you cannot be respectful, delete the topic and move on. This debate is done my friend, let's move along.

~LDogg
 

Andrezj

Level 6
Thread author
Verified
Well-known
Nov 21, 2022
248
"A literature review shows your readers that you have an in-depth grasp of your subject; and that you understand where your own research fits into and adds to an existing body of agreed knowledge." - Literature Reviews – The Writing Center • University of North Carolina at Chapel Hill
the thing is that the authors are not doing any research, they are merely re-stating the findings of others
about the only conclusions they make is that more studies would be helpful
you obviously did not read the paper

try harder

If a scientific claim or hypothesis is made, evidence needs to be formed or cited from the scientific literature. So we should use, expert opinion, media articles and Alex Jones from Infowars instead; right?
and social scientists that use newspaper reports and other such primary sources, with no other studies to reference, needs to be cited from scientific research?
you have absolutely no idea what you are talking about

and in the context of the linked paper, the authors make no claims or posit any hypothesis

Yes, my friend. A literature review study is still considered a type of research. Unless you're stating the reference I used was wrong and they're lying?
you did not supply any evidence
again, supply evidence that literature reviews are required to be subjected to peer review
i am giving you every opportunity to prove me wrong
Need I carry on? A literature review is a type of scientific research, fact.
a paper that does nothing except repeat others' work but in different words has never been required to be peer reviewed
you can keep posting links, links that prove nothing
supply a shred of evidence - an explicit statement by some credible governing body (university writing guidelines are not a governing body of the peer review process no matter how much you argue that they are) that says "literature reviews must be reviewed"
that is not how it works, it never has worked that way and it never will

you really do not know what you are talking about
 

Andrezj

Level 6
Thread author
Verified
Well-known
Nov 21, 2022
248
@LDogg

Here is what one of your links of "evidence" explicity states about literature reviews:

1675105409508.png


Nowhere in the links provided by @LDogg does it state that literature reviews require peer review.

 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I'm not addressing anything you say, dude. You only misrepresent people's arguments and insult them. I'm sorry to see that you're the type of person on this forum. In my last response, I never mentioned anything about literature reviews requiring peer review, we both know I never stated anything along those lines. All I said about literature reviews was disproving what you said about them not being a type of research when it is. Have a good day and please don't bother replying. The worst individual I've ever encountered on this forum and I rarely say that.

~LDogg
 
  • Thanks
Reactions: vtqhtr413
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top