On 18 October 2015 at 17:13, Hector <gtalist@bell.net> wrote:
Hi all, thought to share. A little bit old but according to it.. using Linux is in the top 10 things to do to stay safe online :p yay.
Any of you follow any particular order?
https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.p...
Hector
The reasons WHY the various practices are/are not effective are pretty interesting. The differences described between "expert" and "nonexpert" are pretty interesting too. A place worth going is to explore *why* a password manager is good to use. (Actually, that's probably a good topic for a talk. Anybody got experience with the gamut of password managers running on Linux???) Non-expert users have little faith in password managers, seemingly because they don't understand with any depth how they would be secure. This takes me back to university; we had a module in my Management Accounting #1 course on Linear Programming... It was kinda neat, and, as someone that has studied the math behind it, I'd wish I could use LP for solving some management accounting problems. But the typical management accounting student (as well as, as it happens, our instructor!) doesn't have any idea why linear programming works, with the consequence that, in industry, nobody's prepared to entrust anything to it. It's not a leap to see common application there... If the mechanism seems "too magical," to the point that it's difficult to have any intuition about how it functions, it's tough to trust it. An interesting *new* thing is the fact that we now have some new platforms with fresher behaviours vis-a-vis upgradability. And I'm not sure it helps teach better lessons. I can commonly press a button and upgrade the apps on my Android mobile phone, which ought to be better than the creaky upgrading of Windows and Windows apps, right??? Sometimes there's the right lesson. Alas, sometimes (iOS 9.0.2, I'm looking at you!!!) the upgrades include downgrades of functionality, leading users to the horrid conclusion that they shouldn't trust vendor upgrades to be improvements. -- When confronted by a difficult problem, solve it by reducing it to the question, "How would the Lone Ranger handle this?"