At The Register, Trevor Pott explains why trust is the key part of your personal online security:
Virtually everything we work with on a day-to-day basis is built by someone else. Avoiding insanity requires trusting those who designed, developed and manufactured the instruments of our daily existence.
All these other industries we rely on have evolved codes of conduct, regulations, and ultimately laws to ensure minimum quality, reliability and trust. In this light, I find the modern technosphere’s complete disdain for obtaining and retaining trust baffling, arrogant and at times enraging.
Let’s use authentication systems as a fairly simple example. Passwords suck, we all know they suck, and yet the majority of us still try to use easy to remember (and thus easy to crack) passwords for virtually everything.
The use of password managers and two-factor authentication is on the rise, but we have once more run into a classic security versus usability issue with both technologies.
[. . .]
Trust as a design principle
The technosphere doesn’t think like this. Very few design their products around trust, or the lack thereof. We’ve become obsessed with how the technology works and what that technology can enable; technology is easy, people are hard. How the technology we create integrates into the larger reality of politics, law, emotion and the other people-centric elements, is often overlooked.
In some cases it is simply a matter of having a limited target audience; American firms designing for American users, for example. It is impossible for most to really understand the intricacies of trust issues in all their variegated permutations. It is human to be limited in our vision, and scope of understanding.
H/T to Bruce Schneier for the link.
