Suramya, writes about Computer Usability vs. Security on his website.
I agree with his idea of the issues facing stronger security vs. easier and more productive computing experience.
My take on the matter … there will have to be new technologies, yes, but more importantly, the road to getting the perfect mix of security and usability will also require thousands of hours of end-user research and lab-work. It is simple to me because people are so different in the way they thing out processes, which in turn makes their using the computer different too, the ideas of usability and security that fit one user’s mold will not fit another’s.
I usually take myself as a good example … Even since I had to reboot my MS DOS 6.22 box (a 486 with 32 megs of ram and 120mb MB hard drive) because it caught the Die Hard virus (DH2) and later multiple others in my experiments with Windows 95, I have been more or less secure.
I’ve gone through Windows 98, Windows 98 SE, Windows ME, Windows 2000 and Windows XP. It is interesting to note, I have not had a single active virus infected moment in my computing history since 1999! Of course I’ve had to format windows often, but that’s the OS, not the virus that caused it ;-)
My system security software consists of McAfee Anti-Virus, ZoneAlarm’s freeware version and Firefox’s built-in popup blocker. Other than that, I use a Windows XP system with a decently complex password. No biometric security/authentication systems, no other latest and greatest security gadgets.
Of course, you can say that I am not the target of really serious crackers (crackers are the bad guys, hackers = good guys in my book). But then, a lot of home users aren’t targeted directly either. If your IP address is available and you are in a net-block being hit, you have as good (or bad) a chance of getting attacked as your neighbour.
The bottomline is … all the security will not help unless user education comes into play.
And once user education does come into play, then the demands of an over-simplified system goes away.
3 Feb 2005 at 3:17 pm
Nice to know that people actually read the stuff I write. Thanks for the feedback and it was Interesting to read your thoughts about computer security.