[cryptography] SSL is not "broken by design"

Eitan Adler lists at eitanadler.com
Tue Sep 20 20:37:59 EDT 2011

> It has been a very long time since I had virus or trojan on my home
> computers.  The only time my website was hacked, someone had socially
> engineered my email password out of microsoft.
> So it is not apparent to me that the node is the problem.


Different people perceive security differently and react to threats
differently. Often times educating people doesn't change any action of
the individual. In order words: Security is increased by designing for
the way humans actually behave instead of getting people to behave in
a different way.

>  My wife knows
> nothing about computers.
> ...

Anecdotes are not evidence. There are have been many studies which
show that user education of this form rarely works.

> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

Eitan Adler

More information about the cryptography mailing list