[Cryptography] Preliminary review Gutmann's Security Engineering

Guido Witmond guido at witmond.nl
Sat Apr 12 14:16:50 EDT 2014


On 04/09/14 15:15, Joachim Strömbergson wrote:
> Aloha!

> 
> And if we are into the "books in the same field with confusingly similar
> names" discourse, Peter Gutmann is working on his big, big, big book
> "Engineering Security":
> 
> https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf


I'm reading through his draft and came upon this gem.

on page 40 Gutmann writes on user conditioning:

> Users actually behaved less insecurely when interacting with the site
> that was not SSL-secured” [compared to a site without SSL]

That reminds me of the 'problems' of road-safety. The more
safety-features there are in a car, the less safety-aware people drive
in it (in general).

At the same time doctors are complaining about lack of sufficient organ
donors due to increased road safety.


Regards, Guido.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140412/2a6ab15a/attachment.pgp>


More information about the cryptography mailing list