AnnaleeMay 8, 2023

I've been thinking lately about how we teach folks about digital security and safety and how we don't really have a way to retire old advice

I know folks who heard they should never connect to a public or unfamiliar Wi-Fi network, never scan a QR code, never charge their phone at a public outlet - and they never got the stand down memo that those threats have been largely mitigated and as long as they're keeping their phones and browsers up to date, it's usually fine to do those things.

Show threadSumana HarihareswaraMay 8, 2023
@Annalee Hmm! I'm interested in learning more about why those things are okay now (as long as one uses up-to-date devices and browsers).
Show threadEric Hellman
@brainwane @Annalee I'm also interested in why so many IT professionals cling to old advices like these and outdated practices such as password rotation. Perhaps it's just the power of mystery and mistrust.
There's no generally-respected, trustworthy up-to-date plain-language place we can point to and say "follow these recommendations".
There's no "Dr.Fauci" for digital security and safety.
May 8, 2023 at 3:53pmWeb
Show threadchrisMay 8, 2023

@gluejar @brainwane @Annalee "I'm also interested in why so many IT professionals cling to old advices like these and outdated practices such as password rotation."

Because changing the advice, even if warranted, confuses people, too. How many times have you heard someone complain along the lines of "I have no idea if eggs are good for you or not, one day they say they're fine, the next they're not... they just don't know what they're talking about."