Thursday, August 02, 2007

Black Hat: Perception vs. Reality in Security

William Jackson writes on GCN.com:

As computers go, the human brain is not a very good one, says security researcher and consultant Bruce Schneier.

“People are a mess,” Schneier said in a keynote address Thursday at the Black Hat Briefings computing security conference. “If you are looking for computer-like calculations in people, you are not going to find it.”

Schneier, a long-time security iconoclast who has railed against what he called security theater, which provides the illusion of security without the reality, cited a number of clinical studies of how humans perceive risk. The results shatter “any hope that your brain is rational,” he said.

The traits found in these studies have a direct impact on how people select and use security controls in their lives and online.

The human mind is full of biases and shortcuts that allow it to work quickly and efficiently, but not always accurately, when assessing problems.

More here.

0 Comments:

Post a Comment

<< Home