Thousands of Ottawa bureaucrats fail phishing scam test
-
The problem isn't just the end users, regardless of their capabilities to handle computers.
Agreed.
What if their "superiors" constantly send them work emails with embedded links?
Refusing to respond to work emails would get you sacked in most workplaces.
Certainly, most end users should be educated about how to use the computers. This has been the mantra for the last decade or so and if it would work, it would've worked by now. As such, computer training, even just the basics, not going to help.
Agreed.
There is little benefit training the workers, if their "superiors" are even more brain dead (which IMO most appear to be).
Another issue is how much time it takes to block/disable/destroy the servers that phished/stolen information is sent to.
-
-
Government workers or otherwise the employer should have in place training for they employees that teach the do's and do not's of using the computers at work.
Don't assume just because they own their own computer they have the needed knowledge.
-
Government workers or otherwise the employer should have in place training for they employees that teach the do's and do not's of using the computers at work.
Agreed.
However the people most likely to be caught breaking the rules are management (ordinary workers can be easily sacked for not "towing the line").
"I'm Management, IT directives don't apply to me."
-
As such, computer training, even just the basics, not going to help.
I respectfully disagree. I do believe basic lessons would help. A lot of people do not understand they are even running windows, much less what version.
I think good basic security and computer lessons would help. Its worth a try at least. Most people have had no tech knowledge or lessons at all. To even have just a basic understanding would help tremendously.
While software should always strive to better, it is also equally very important that the end user has a basic understanding of what device they are using, and how to take at least some steps to safeguard their data.
To say it would not help at all imho is not an accurate conclusion. Now as to the people who do not care, then that is there fault.
You do not have people drive a car, and not know how to perform basic maintenance or traffic etiquette. You do not blame the car manufacturer or the traffic signs/lights or the government when you crash into a tree or another person. Cars protect you with airbags and seatbelts, you protect yourself by driving correctly.
While it is always a responsibility to protect the users as best as they can with patches and security updates, it is also the users responsibility to do reasonable efforts to protect their information and make informed choices about what software they install.
-
-
Their are two kinds of people you can't teach.
1. Those that don't want to know.
2. Those that think they know everything.
We have a computer world full of both.
-
Their are two kinds of people you can't teach.
1. Those that don't want to know.
2. Those that think they know everything.
We have a computer world full of both.
Agreed
-
That's a bit on the harsh side calling people names based on their computing habits. With the level of sophistication that the malware has nowadays and the lack of reasonable technology to protect against it, any person could become a victim. Certainly, people clicking around are more likely to fall victim to malware, than others who don't. The latter group can fall victim just as well, via the "watering hole" and other technics used by the malware.
While I contest your accusation that I "called people names", I did fully intend for my writing to come off as harsh. Beating around this particular bush has been done for years and, frankly, we sometimes just need to acknowledge the elephant in the room even if that is an unpopular opinion. The sooner we properly acknowledge that most average computer users can't take a single step forward in the internet without causing some form of harm to themselves and/or others, the better.
The problem isn't just the end users, regardless of their capabilities to handle computers. The problem is the endless cycle of patching software that has reached to the point, that the best security advice is to not use the software such as JAVA. Adobe isn't too far either and so on, and on, and on...
The endless cycle of patching isn't a problem, though the current habit of changing entire portions of software with some patches (Firefox 28->29 for example) is bad. If set as such, updates will be performed automagically with little fuss usually. In fact, I would say patches and update mechanisms are getting to the point they're starting to inconvenience the enthusiasts rather than Joe Average nowadays.
Certainly, most end users should be educated about how to use the computers. This has been the mantra for the last decade or so and if it would work, it would've worked by now. As such, computer training, even just the basics, not going to help. Software will need to get better, that includes security solutions that actually easy to use and effective. The current AV solutions aren't it as most of you, if not all, in this forum know...
We can develop any number of security tools, but as long as the problem lies between the keyboard and the chair none of that will be effective.
It has been proven time and again that unsavvy computer people will click on and through anything without regard to what they are doing, this needs to change and there are two ways this can change: Education, or a walled garden. Obviously education has had less than stellar results, even today unsavvy computer people are completely failing such rudimentary tasks like simple reading, so maybe Apple is doing something right by shoehorning everyone into a walled garden where people can be protected from themselves.
As the old saying goes, with power comes responsibility. If people can't be responsible with their computers they shouldn't be allowed access to computers at all (or their access appropriately limited). The earlier driver's license analogy is also a good example of placing proper responsibility upon the user.
-
-
I respectfully disagree. I do believe basic lessons would help. A lot of people do not understand they are even running windows, much less what version.
I respect your view on the subject and we seem to agree to disagree...
Most people run applications and you're correct, that they'd care less on what platform.
You do not have people drive a car, and not know how to perform basic maintenance or traffic etiquette. You do not blame the car manufacturer or the traffic signs/lights or the government when you crash into a tree or another person. Cars protect you with airbags and seatbelts, you protect yourself by driving correctly.
While the car analogy isn't the best for computers...
One could argue that most drivers don't know how to perform basic maintenance, or know the engine size, transmission type, etc., that does not disqualifies them from driving with a valid driver license. In another word, what's under the hood is irrelevant for them and they can drive just fine. Principally, this is the same with computers; it doesn't really matter how the computer works, as long as the application is working as expected.
What happens, if and when the traffic light control falls to malware and/or malfunctions giving everyone green light in every direction? Will that be the drivers' fault? Well, yeah, you should've looked, right?
While it is always a responsibility to protect the users as best as they can with patches and security updates, it is also the users responsibility to do reasonable efforts to protect their information and make informed choices about what software they install.
So, what happens between the endless cycle of patches and security updates, when the system is vulnerable, even if it is up to date with the latest patches? This is the time frame that's most critical for end users and there isn't many security technologies available to protect them. There are some, but not for the general public...
-
That's a bit on the harsh side calling people names based on their computing habits. With the level of sophistication that the malware has nowadays and the lack of reasonable technology to protect against it, any person could become a victim. Certainly, people clicking around are more likely to fall victim to malware, than others who don't. The latter group can fall victim just as well, via the "watering hole" and other technics used by the malware.
While I contest your accusation that I "called people names", I did fully intend for my writing to come off as harsh. Beating around this particular bush has been done for years and, frankly, we sometimes just need to acknowledge the elephant in the room even if that is an unpopular opinion. The sooner we properly acknowledge that most average computer users can't take a single step forward in the internet without causing some form of harm to themselves and/or others, the better.
I apologize for misunderstanding your initial post on the subject...