Fang Talks

Not finishing projects since 1994.
02 12 16

The human factor

Because we can’t manually secure against something as predictable as ourselves.

There’s this thing about computer security, and it messes with whatever kind of security you try to employ on your devices. If someone really wants to get in, they won’t bother trying to guess your lengthy password, they’ll just force it out of you somehow. Yes, strong passwords and encryption work well for protecting you in the digital world, but it’s near impossible to withstand a (possibly brute force) social engineering attack.

A system is only as secure as its most exploitable attack vector. And it just so happens that if we need to be able to grant access to humans, that opens up a really big risk. Man is not machine, it does not operate perfectly. That has its own really useful advantages, but certainty is not one of them.

Until systems start observing and understanding the entire situation surrounding those they grant access (which is maybe not impossible), the weakest link can’t be made stronger.
~ Fang


  • 05/12/2016 (1:21 PM)

    I don’t think people would be happy with their computers completely understanding them though. There’s a lot of pushback against the biometrics computers already have.

    • 05/12/2016 (7:03 PM)

      There’s a lot of pushback because data on the modern-day personal computer isn’t inherently safe. Part of that has to do with applications wanting to do their (too intensive for your PC) computing in the cloud, which means your data gets sent over the wire and reaches someone else’s hands, at which point you have no guarantee as to what happens with it.

      • 07/12/2016 (7:06 PM)

        User: “Yo, computer, I just pirated this software. You gonna flag this like a snitch?”
        Computer: No, I will not flag this pirated program as a virus. I gotchu, fam. I even went ahead and cracked it for you.
        User: “Damn, you DO understand me.”

        (That was just a joke. I don’t pirate. Support developers)

Post a comment

Your email will stay hidden, required field are marked with a *.

Experimental anti-spam. You only have to do this once. (Hint: it's "Fang")