- Dec 30, 2012
- 4,809
Summary: When you make security hard to use, users look for a way around it. That's why efforts to make the internet more secure must be held to a high usability standard.
There's a general trade-off between usability and security. It's an old phenomenon, going back well before the computer age. General Benjamin W. Chidlaw, while commander in chief of the joint service Continental Air Defense Command (part of what eventually became NORAD) in 1954, put it this way:
Flash forward to 2014, and it's still the case that if it were convenient to be secure, there wouldn't be so much insecurity about.
Professional security software has always tended to be difficult to use, at least to use it properly. Perhaps the classic example is PGP (Pretty Good Privacy), a program written in 1991 to secure email. PGP uses symmetric public key cryptography and hashing to allow users to exchange messages securely and to prove the provenance of those messages
Read More
There's a general trade-off between usability and security. It's an old phenomenon, going back well before the computer age. General Benjamin W. Chidlaw, while commander in chief of the joint service Continental Air Defense Command (part of what eventually became NORAD) in 1954, put it this way:
Simply put, it is possible to have convenience if you want to tolerate insecurity, but if you want security, you must be prepared for inconvenience.
Flash forward to 2014, and it's still the case that if it were convenient to be secure, there wouldn't be so much insecurity about.
Professional security software has always tended to be difficult to use, at least to use it properly. Perhaps the classic example is PGP (Pretty Good Privacy), a program written in 1991 to secure email. PGP uses symmetric public key cryptography and hashing to allow users to exchange messages securely and to prove the provenance of those messages
Read More
