Human Nature vs. Security

Human Nature vs. Security
Daniel Hanson, 2004-03-29

Social engineering in the latest crop of viruses has people jumping through hoops to open malicious attachments. How do we change the pattern?

Expand all | Post comment

Human Nature vs. Security 2004-03-30
Anonymous

Human Nature vs. Security 2004-03-30
IT Professional (2 replies)

Human Nature vs. Security 2004-03-31
Anonymous

Human Nature vs. Security 2004-04-05
Anonymous (1 replies)

Human Nature vs. Security 2004-04-07
Anonymous

Nice summary of the problem, but where's the solution? 2004-03-30
Anonymous (2 replies)

Nice summary of the problem, but where's the solution? 2004-03-30
Anonymous

Nice summary of the problem, but where's the solution? 2004-04-06
Anonymous

The "solution" is to be patient and wait for a virus/worm to be released which wipes the users drive clean. When all you can do for your users is to re-install their OS, and they have lost all of their data, it might begin to sink in.

This sounds about right to me. Users are known to run email attachments they know are worms just because they want to see what happens. So long as there is no direct consequence to the user for doing so, this problem will continue.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/231/25699#25699

Human Nature vs. Security 2004-03-30
Mene Tekel (1 replies)

Human Nature vs. Security 2004-04-06
Anonymous (1 replies)

Human Nature vs. Security 2004-04-07
Anonymous

Human Nature vs. Security 2004-03-30
Simonis

Human Nature vs. Security 2004-03-30
Anonymous

Human ignorance vs. security 2004-03-30
F. Obfusco

Human Nature vs. Security 2004-03-30
Yvan Boily (1 replies)

Human Nature vs. Security 2004-04-02
Anonymous

Human Nature vs. Security 2004-03-31
jaywalker (3 replies)

Human Nature vs. Security 2004-04-01
Brainclots (1 replies)

Human Nature vs. Security 2004-04-04
Mene Tekel

Human Nature vs. Security 2004-04-01
IT Professional (1 replies)