[18572] in cryptography@c2.net mail archive
Re: PKI too confusing to prevent phishing, part 28
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Sep 28 00:41:12 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Jerrold Leichter <leichter@smarts.com>
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, cryptography@metzdowd.com
In-Reply-To: Your message of "Sun, 25 Sep 2005 23:39:41 EDT."
<Pine.SOL.4.61.0509252240470.22831@frame>
Date: Mon, 26 Sep 2005 12:42:08 -0400
In message <Pine.SOL.4.61.0509252240470.22831@frame>, Jerrold Leichter writes:
>
>
>Talking about users as being able only to hold one bit continues an
>unfortunate attitude that, if only users weren't so dumb/careless/whatever, we
>wouldn't have all these security problems.
This is an important point. When *many* people are doing the "wrong"
thing, the problem isn't the people, it's the mechanism they're being
asked to use.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
