RES: [GTER] Invasão
Lao DanTong
danton at inexo.com.br
Wed Nov 3 12:39:36 -02 2004
On Wed, 3 Nov 2004, Luis Fernando Rocha wrote:
> Por falar em conscientização de usuários, o Jakob Nielsen, "guru" de
> usabilidade, escreveu um artigo dando uma "porretada" nesse assunto,
> dizendo - resumidamente - que "...educação de usuários não é a principal
> resposta aos problemas de segurança...".
>
> Link: http://www.useit.com/alertbox/20041025.html
...
* Encrypt all information at all times, except when it's displayed on
the screen. In particular, never send plaintext email or other information
across the Internet: anything that leaves your machine should be
encrypted.
* Digitally sign all information to prevent tampering and develop a simple
way to inform users whether something is from a trusted source. This
might, say, replace current stupid security warnings that people don't
understand because they expose the guts of the technology. ("The security
certificate has expired or is not yet valid." Aha. And what does that mean
to a normal person?)
....
>
> O que acham?
Bullshit!
More information about the gter
mailing list