[LINK] Security efforts hindered by untrained users
Stilgherrian
stil at stilgherrian.com
Thu Jan 31 05:40:47 AEDT 2008
On 30/1/08 10:57 PM, "Brendan Scott" <brendansweb at optusnet.com.au> wrote:
> Bernard Robertson-Dunn wrote:
>
>> "Certainly end users are a big hole for most people, because end users
>> are not going to be your most technically competent people," said Gary
>> Chen, a senior analyst at Boston-based Yankee Group Research Inc. "And a
>> lot of attacks today rely on the gullibility of users to click on a link."
>
> Surely this could be effectively combated by having a pop up ask "Are you
> sure?" each time someone clicks a link?
No. Having worked a lot with relative naïve users over the years, I can
report that any dialog which gets in the way of them achieving their aim
simply isn't read. Since so many dialogs are meaningless (to them), and
their world does not immediately cave in, hitting "OK" is a reflex action.
They click "OK" without reading what the dialog says.
Even if they did read the message, because they'd be being asked for every
link, the vast majority of which would be legitimate, that click would soon
become reflex if it wasn't already.
Stil
--
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 9516 5630
ABN 25 231 641 421
More information about the Link
mailing list