On 5/17/2010 9:41 PM, Kurt Seifried wrote: ....
The reason we have so many problems is this: Security is hard.
Lots of things about computing are "hard". The path to improvement is in looking for ways to make the systems easier to operate properly. A place to start is a little respect for users of security solutions.
Different people have different definitions of "Security" and what level of "Security" they want. Striking a balance is not easy.
All users want a high level of security, it's just that they don't want to pay a high price for security they don't benefit from. Users are exercising sound judgment based on the information we provide them.
The balance here is really cost vs perceived benefit. By opening up to ideas for improving the user experience of security we can reduce the cost and increase the perceived benefit. Ultimately a security system relies on users' judgment. The problem is "the choice between dancing pigs and security", not the choice of dancing pigs.
jjb -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
