SwiftOnSecurityOne of the biggest security expertise redpills is this is unironically a good idea and the time spent making fun of it was ill-advised for most users whose physical security threat is not a factor in comparison.
Overcoming the incentive to dunk on “users” behavior is an important element in maturing your security understanding. You have a set of levers to pull. Human nature is not one of them. Deal with that or be a righteous failure.
Edginess and denigration is not a measure of effectiveness when your subjects’ success is the criteria. I fear some see Security as a way to be a veto of correctness – rather than a mediator of implementing a solution. The former easy, the latter a lifetime of work.
Guillaume Ross@SwiftOnSecurity I just switched over from the LinkedIn app and a user bashing thread.
Turns out it’s true, most security breaches are caused by human error, it’s just maybe not the human that clicked on the link who made the mistake.
Konstantin Weddige@g @SwiftOnSecurity I might want to borrow that second paragraph. It hits the nail on the head.