3 Oct
2016
3 Oct
'16
8:59 p.m.
<https://www.schneier.com/blog/archives/2016/10/security_design.html>: The problem isn't the users: it's that we've designed our computer systems' security so badly that we demand the user do all of these counterintuitive things. Why can't users choose easy-to-remember passwords? Why can't they click on links in emails with wild abandon? Why can't they plug a USB stick into a computer without facing a myriad of viruses? Why are we trying to fix the user instead of solving the underlying security problem?