[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, Nov 2, 2012 at 11:32 AM, paul sutton wrote: > Can we perhaps come up with something that can be used to teach computer > security to school children perhaps I have to say I'm always a little sceptical about the effects of education, especially when it is seen as a silver bullet. A lot of education is focused on existing problems. It's good that people are made aware of them, but the malware authors tend to react and change their tactics. For instance, after years of us warning people about how phishing emails can lead to account compromises, a lot of today's phishing emails actually warn you about account compromises (and then tell you to "take action" to regain access). Or to take your example of a links URL showing in your browsers: that's true, but a lot of good and bad sites use redirection. So links in Twitter show as t.co (which, though not necessarily a great idea, actually adds an extra protection layer), but recent spam campaigns used a lot of .gov URLs to redirect to malware/spam sites. So even though in general I would say URLs from the US government are more secure than those registered in Colombia, it's not always the case and believing you're more secure because you know where the link goes may actually do more harm than good. Last month was Cyber Security Awareness Month (in the US and, I believe, also in the EU). Its slogan was/is "Stop. Think. Connect.", so Stop before you're about to do something, Think about whether it is genuine and then Connect to the site if it is. It's a nice idea of course and it isn't too specific. It should still apply in ten or twenty years. But when presented with a link to (or on) say Facebook or Twitter, many people don't follow this advice, because they 'know' it is genuine. I do the same. Except that I may have a slightly better (though not perfect) sense of 'knowing' when a link is genuine, but it's hard to make that distinction. > perhaps as a group we can look in to helping draw something up I applaud your efforts, but a lot of effort (and money) has been spent on this by governments, security companies and volunteers. I'd be surprised if we could come up with something better than what others have come up with. (I don't know very much about actual programs that are available. If there's interest I'd happily have a look at them.) Martijn. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq