According to Mossberg, IT and security people like you and me -- well, me for certain -- are the problem, because we call the end user stupid for executing viruses. And even though the article outlines multiple warnings from multiple security mechanisms that the user must purposefully disregard in order to infect themselves, it is still our fault when they do so. And apparently, we are wrong for saying so. We're to blame because we say they are to blame.
Mossberg retorts with, "Well, I have a word for these contemptuous techies: Save your energy for solving the problem instead of blaming its victims. Mainstream users shouldn't have to be IT experts to operate their computers."
In a word? Um, that's 24 words. If that statement were computer code rather than consumer criticism, it would be... wait for it... a buffer overflow. Allocate one word and stuff it with 24. No boundary checking. Oh, the irony.
I've looked high and low to references from security people calling for the end user to be an IT expert to use their system, and I couldn't find one. You don't have to be a master chef in order to cook meats properly. You don't have to be a master mechanic to drive a car, nor do you have to be a NASCAR driver in order to buckle up and not drink and drive.
And you don't have to be a computer expert to load AV software and install a firewall.
We are not wasting energy blaming stupid users. We are calling for users to take a little time and to learn minimal skills before attaching their systems to the Internet. The time it takes for these innocents to wallow in victimization would be far better spent actually reading all those message boxes telling you that you are about to screw up your system before clicking OK. If I have to deal with people angered by being called "stupid" for doing so, yet help raise the overall level of security consciousness in the process, then that is a burden I am happy to accept.
Lesezeichen