Security and User Interface
I just came across this great quote by Rob Pike (one of the creators of Unix and Plan9):
The Interface to Security
Weak security that’s easy to use will help more people than strong security that’s hard to use. E.g.: door locks.
Tip: User interface is more important than security.
This is so true!
An example: Wireless Access Point security - Unsecure AP is obviously bad. But WPA-PSK with 128 bit encryption is just too horribly painful to set up, to manage (share keys with other ppl, ok Passphrase solves that somewhat), and to periodically change the key. Not to mention the fact that many Linux drivers still don't support WPA completely.
So whats the middle ground?
I personally like MAC address filtering. Though it is trivially easy to break (sniff packets to get a valid MAC address, and then change your MAC address to that), it still keeps away >99% of the intruders. A door lock is a great analogy.
I'm sure there are numerous other examples of Security v/s User Interface.
The Interface to Security
Weak security that’s easy to use will help more people than strong security that’s hard to use. E.g.: door locks.
Tip: User interface is more important than security.
- Bad user interfaces drive people away from security.
- Weak security is much better than none at all.
This is so true!
An example: Wireless Access Point security - Unsecure AP is obviously bad. But WPA-PSK with 128 bit encryption is just too horribly painful to set up, to manage (share keys with other ppl, ok Passphrase solves that somewhat), and to periodically change the key. Not to mention the fact that many Linux drivers still don't support WPA completely.
So whats the middle ground?
I personally like MAC address filtering. Though it is trivially easy to break (sniff packets to get a valid MAC address, and then change your MAC address to that), it still keeps away >99% of the intruders. A door lock is a great analogy.
I'm sure there are numerous other examples of Security v/s User Interface.