Wednesday, Dec 2, 2015 3:56 AM Paul Smith wrote:
The thing is that whatever you do to email, the weak link is always the
human. Humans are the ones who respond to Nigerian princes, they're the ones
who think it's OK to send their bank password by email to anyone who asks for
it in an authoritative way, etc.
So, training HAS to be done, otherwise people will lose privacy.
Look, I'm really sorry to keep harping on this, because I know it's a bit off
topic and probably annoying, but your model of how to do security for end users
is simply wrong. The way you prevent people from getting scammed is to by
default not deliver email from people they don't know. I realize this is
anathema to a lot of email folks, but that's why facebook is more popular than
email now: facebook doesn't deliver spam from people you haven't friended.
The way you prevent people from getting their passwords ripped is to not give
them passwords. The tokbind working group is working this problem, and the
solution they have is a good one, which we will undoubtedly see deployed in the
future. It's true that it's not available now, and the vulnerability that you
cite does exist now. This is a problem we need to solve, not an inevitable
quality of online technology. Security technology based on physical tokens is
also getting better/more accessible. It's worth noting that Nigerian scammers
typically scam people who have actual cognitive deficits, not regular people.
People aren't actually all equally gullible, and there are lots of people who
are skeptical enough that they can benefit from privacy protections even in the
absence of secure token binding and physical tokens.
Of course, most people don't really care about privacy whatever they say
(witness all the personal information posted to Facebook/Twitter/etc) so it
doesn't matter that they can't be trained. The ones who do really care about
their privacy are the ones who will train themselves if the information is
available to them.
This doesn't reflect what people who actually study this issue are saying.
People do care about privacy. They just can't get it. Even though they
can't get it, they do take measures to get it to the extent that they can.
It's true that not everybody does this, but it is not true that most people
just don't care. If you ask them "do you care about privacy," they might say
no, but if for example you ask them "do you care if thieves know whether or not
you are out of town," they will say yes.
So saying that because people don't care about privacy, we shouldn't try to
protect their privacy, is wrong on two counts: first it's wrong that people
don't care about privacy, and second it's wrong that we shouldn't try to
protect people from threats of which they are not presently aware.
--
Sent from Whiteout Mail - https://whiteout.io
My PGP key: https://keys.whiteout.io/mellon(_at_)fugue(_dot_)com
pgpkPWPr6GV6A.pgp
Description: PGP signature
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp