Firewall Wizards mailing list archives

Re: The home user problem returns

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 13 Sep 2005 20:43:21 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 13 Sep 2005, Mason Schmitt wrote:

Educating users to fix the problem doesn't work.  Educating users there
*is* a problem seems to work, just not en-mass.


Nope. Because we're dealing with shared environments - so even if you
managed to somehow raise the clue level in 50% of the population it winds
up having almost no effect because the clueless infect the clueful
second-hand.


I think that was Paul's point.  Home users can't be educated to the
point that the problem becomes "fixed".  I don't think they need to be
or should be, so if that's where the effort is being expended, then I
agree - it's a waste of breath.  I do think that over time education
efforts will result in an increase in clue in the vast majority of
people.  If this weren't the case, then there would be no point to
having a public education system...  Not everyone is going to get
straight 'A's, some people will fail, others who are living a hand to
mouth existence, or who's country is too backward or too poor will or
for whatever reason doesn't have education available to the masses will
not learn - which leads nicely to your comment below concerning AIDS.

It's really a problem in epidemiology. Imagine if 50% of
your population refused to worry about AIDS yet was capable of having
sex with 1,000,000 different partners a day* - The numbers are all tipped
the wrong direction, for education to work. Spammers have pretty much
proved that.


Well, no, the spammers haven't proven that.  What the spammers have
shown us is that even if they only sucker a minute percentage of the
people that actually receive their crap, that it's financially
worthwhile.  The reason being that the economics of spam allow the
spammers to plunder a public resource (the net) with relative impunity.
Ecological economists such as Herman Daly, have shown that when you
don't factor in the cost of continual withdrawal from a natural
resource, that your books aren't really balancing.  This is again an
issue that is only going to be rectified by increasing the spammers
costs which many people are working on.

I also don't think the user education problem is an epidemiological one
either.  To suggest that ignorance to a growing and changing computer
security environment is somehow like a rapidly spreading pathogen is a
little bit of a stretch.  If ignorance were infectious, you'd probably
be dead or an idiot right now.  I remember you ripping apart Dan Geer's
mono culture idea that was such a big deal a little while back.  Not
trying to pick a fight here, I just don't get the argument.

Raise a teen or two and you learn, epidemiological/pathogen covers alot ofissues in development and edcuation! Ignorance *is* infectious, and onebad apple can...two bad apples, damn, life would be grand if one was justhearding cats...

Passive education, observational learning has it's limits and is tested tothe extreeme in the world o parenting. It can be both intriging andffrustrating to see how many times the same kid<s> has<ve> to grab the samehot wire before they learn that the shock it distributes is *not*enjoyable. My 3 pups on the otherhand learned within a day that theinvisible fencing bounds the limits of their explorations.



But I digress some from the topic at hand, sorry...

Thanks,


Ron DuFresne

- --~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDJ3Isst+vzJSwZikRAvCAAKCWrcJ5baBSulE7pFDipmzfLbzJ7wCeNU8Q
sBEiayQXYuprjmQ9l0OvM3s=
=mEdC
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: The home user problem returns, (continued)
- - - Re: The home user problem returns R. DuFresne (Sep 13)
    - Re: The home user problem returns Mason Schmitt (Sep 13)
    - RE: The home user problem returns Paul Melson (Sep 13)
    - Re: The home user problem returns Paul D. Robertson (Sep 13)
    - Re: The home user problem returns Marcus J. Ranum (Sep 13)
    - Re: The home user problem returns Mason Schmitt (Sep 13)
    - Re: The home user problem returns Marcus J. Ranum (Sep 13)
    - RE: The home user problem returns Tina Bird (Sep 13)
    - RE: The home user problem returns Marcus J. Ranum (Sep 13)
    - Re: The home user problem returns Mason Schmitt (Sep 14)
    - Re: The home user problem returns R. DuFresne (Sep 13)
    - Message not available
    - Message not available
    - Re: The home user problem returns mason (Sep 14)
    - RE: The home user problem returns Paul Melson (Sep 22)
    - Re: The home user problem returns Mason Schmitt (Sep 13)
    - RE: The home user problem returns Paul Melson (Sep 13)
    - Re: The home user problem returns Mason Schmitt (Sep 13)
    - Re: The home user problem returns Jim Seymour (Sep 13)
    - RE: The home user problem returns Tina Bird (Sep 14)
    - RE: The home user problem returns Paul Melson (Sep 22)
    - Message not available
    - Re: The home user problem returns Mason Schmitt (Sep 12)
    - RE: The home user problem returns Paul Melson (Sep 13)

(Thread continues...)