Comment by soulofmischief
4 months ago
> How even do you explain to people with zero computer lessons that adding a new access mechanism increases the attack surface and makes hacking easier?
You literally tell them that. That's it. As prominent tech leaders have been doing. They either choose to believe experts, or disbelieve them. Or they could get a CS major. They chose option #2. They ostensibly disbelieve experts because what they're hearing does not mesh with what they want.
But let's be honest with ourselves; it's not that they disbelieve them, or don't understand. It's that they don't care. You are giving these people way too much of a benefit of the doubt. They have the tools at their disposal to remove any ignorance.
> You literally tell them that. That's it. As prominent tech leaders have been doing.
As it's not working, QED not "that's it".
> You are giving these people way too much of a benefit of the doubt.
They're hurting their own interests in the process. If they were just hurting my interests, I'd agree with you. But this stuff increases the risk to themselves, directly. I may have even told them about https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 given the timing.
> As it's not working, QED not "that's it".
Neither is underestimating your enemy or making excuses for their behavior.
> Neither is underestimating your enemy or making excuses for their behavior.
Indeed. I do neither, which is why I left the UK.
It would be underestimating them indeed to have remained there — I foresaw, even then, that a story equivalent to this very headline would eventually emerge.
And it would also be over-estimating myself to think that I could change them after the Act when I could not change them before the Bill.