Comment by thewebguyd
14 hours ago
> It is the young people that are growing up conditioned to press accept
It's really alarming, actually. I run the cyber security training & phishing simulations at my work, and it's the younger employees that struggle the most. It's like they just assume that everything on the web is trustworthy.
It's not hard to see why though. They grew up with app stores & locked down devices. No concept of a file or file system, no concept of software outside of the curated store & webapps. People that never had to take responsibility for their own digital safety because "someone else" (Google, Apple) always did it for them.
> It's like they just assume that everything on the web is trustworthy.
> It's not hard to see why though. They grew up with app stores & locked down devices.
When we create a safer world, people’s defense mechanisms naturally atrophy or are never developed in the first place.
The problem is, we haven't really created a safer world. We created an illusion of safety by taking away agency.
We might be safer in terms of vulnerabilities, root exploits, RCEs, etc. but the internet is still full of malware, scams are still just as rampant. Vigilance is still very much required, but is no longer taught.
Look at all the malware available on the Play Store. The curation does nothing but create an illusion of safety.
It’s absolutely safer browsing the internet now than it was when I was a kid. Getting a virus or equivalent on your phone is no small feat
5 replies →
When I joined my last job I noticed that their email settings were misconfigured... EVERYTHING was going straight to the inbox, not even the most basic of spam filters were in place.
When I got filtering on observe-only mode I saw users were getting up to a dozen phishing emails every day.
We quickly did a hard simulated phishing test and most users opened the email but zero users clicked through.
Two years later, after we had excellent email filtering in place, our simulated phishing test had a 30% fail rate.
Take from that what you will!
Immune system exercise, interesting point. At least you’ve kept up the checks.
That's the philosophy behind Safety Third.
Just curious, what come first and second in this use of the phrase applied to computer security? I came to know the expression from fire circus performance and adjacent circles, where first and second are safety of the audience and the venue, and third is your own. I use it often when I'm about to knowingly do something sketchy or potentially dangerous without applying safety practices required "by the book", acknowledging the present danger to myself and accepting the risk. I never saw it used in infosec context.
1 reply →
Maybe we should make young learners in primary school use "infected" Windows XP so they can dodge spam popups and learn what and what not to click.
They'd just click it away every time, when my nephew got a gaming laptop he'd play mindcraft and the windows sticky keys popup would be firing constantly must have seen him dismiss it 15 times before I offered to show him how to get rid of it.
Just remembered, even more distressing he first said "No it's ok" until I insisted it had to be solved if he wanted to game on it and could be easily solved.
Growing up I had a "computing" class in high school. It's where I learned to type, but also learned the basics of using both macOS(9 at the time) and Windows.
It was also drilled into me that the default state of anything on the internet is to be untrusted and potentially harmful.
It also helped that you could actually tinker with things, and there were plenty of foot guns around to drill that lesson home.
Somewhere along the way that message got lost and didn't get communicated to the young ones, and I'm not even that old (38).
> They grew up with app stores & locked down devices. No concept of a file or file system
I think almost every Android user has thise concepts.
But on the trustworthy web assumption, I agree. The only effective remedy is a personal calamity.
Are you really exposed to those concepts for daily Zoomer usage? I mean, you can spend your whole normie life using an Android phone never going to the file manager.
(fwiw it's been a while since iOS also have those concepts)
People are also struggling to think about what is computed or stored where or what different wireless interfaces do. Imagine what sort of data people enter into LLMs!
Absolutely. With many lawyers, it is client personal data.
In some sort of weird sense, it makes me appreciate the 'free armor trimming', 'alt F4 helps block attacks in pvp', and similar people in RuneScape. It gave young me a very low stakes environment to learn about scams, losing only what amounts to a little bit of my time. I wonder if there is an argument that we should encourage a certain level of scamming in video games just for the lessons it teaches at low cost? Alas, this isn't generalizable to society at large.
That's an exaggeration. Young people on average have grown up with drastically greater understanding of what a file is than any other generation that has come before them. They grew up using Chromebooks or laptops in school, constantly interacting with the local file systems, uploading files to Instagram and TikTok from the file systems on their smartphones, browsing their phones for files constantly. They know what a file is, they use & manage files more than any other generation prior.
No other prior generation comes close.
Compare them to people growing up in the 1980s. The average person at that time was overwhelmingly oblivious to computing very broadly, their grasp of a "file" as a concept would have been close to non-existent. That was just 40 years ago.
In the mid 1980s a mere 10% of US households had home computers. And that was a high mark globally, it was drastically lower in nearly every other country (closer to zero in eg China, India at that time). The number of people routinely using office PCs was still extremely low.
Today young people have a computer in their hand for hours each day, and they knowingly manage files throughout the day.
I use lights every day, but I know way less about electricity than my grandparents, two of whom who could remember when their town was electrified as children and who therefore treated it as the marvel it truly is. And also because we've worked out a ton of bugs in electricity and it often just works.
My kids will know way less about filesystems than I do, because I had to learn DOS commands to navigate around the operating system if I wanted to play computer games, which led to a lifelong interest in how computers actually work at a level they can (and, so far, do) happily ignore.
Or in your scenario, understand the concept of 8.3 file names and why they existed, and when they were removed, and how :P
1 reply →
You don’t upload a “file” in a “folder” to TikTok. You upload a “video” from your “library”. Consumers have been conditioned to stop thinking about files especially when it comes to media since iTunes and the iPod in 2001.
> files especially when it comes to media since iTunes and the iPod in 2001
As a non-Apple user, this is not something that happened to me. I literally have a "Files" app on my Android phone and my laptop/desktop.
11 replies →
> They grew up using Chromebooks … in school, constantly interacting with the local file systems
While it is possible to interact with the local file system on a school Chromebook, it’s certainly not the default. School interactions with Chromebooks seem to consist of logging with highly secure passwords like “strawberry” and using Google Docs. And playing games with heavy PvP components and paid DLC (paid by parents whose kids beg for it, not by schools) that call themselves “educational” because they interject math problems needed to use those juicy spells, make no effort whatsoever to teach anything, but produce a nicely formatted report correlating scores to numbered elements of the Common Core standards.
There may be some demographic groups located between people who were young during the 1980s and people who are young during the 2020s, time periods which are 40 years apart.
Maybe they do more intuitively think of things as virtual objects, but it seems like the issue is they don't have a deeper understanding of how the mechanisms behind the abstractions work and can easily get fooled into accepting terms they wouldn't if they properly understood.
> easily get fooled into accepting terms they wouldn't if they properly understood.
And easily get sold add-on services. How many people hit the 5GB iCloud limit for backups and just pay without stopping to think that it might be possible to do local backups to your computer and you don't really have to pay for extra storage?
Just hit them with the scary language "You are at risk of losing your photos forever if you don't pay!" because that concept of "Oh, photos are just files in a directory and I can copy those anywhere I want" doesn't exist. To many, those photos are part of the gallery app, not a separate file from it and since that app only runs on the phone, surely it must not be possible to copy them anywhere unless I pay for the storage.
> Young people on average have grown up with drastically greater understanding of what a file is than any other generation that has come before them. They grew up using Chromebooks or laptops in school, constantly interacting with the local file systems, uploading files to Instagram and TikTok from the file systems on their smartphones, browsing their phones for files constantly. They know what a file is, they use & manage files more than any other generation prior.
This argument is like saying you understand nutrition because you eat food every day and haven't died yet.
> drastically greater understanding of what a file
No, they do not. First, simply using something does not mean you understand it at all. Secondly, because the devices they've become the most accustomed to work very hard to hide all those details from the user.
And yet, it's the generation that struggles the most with managing files on their work laptops and on SMB shares.
They know app silos, not file system hierarchy. Ask a teenager where a file is on their phone and the will tell you the name of an app. Ask them how to copy it somewhere else, and they'll use the share sheet and send it to another app.
High adoption doesn't equate to high literacy.
> Ask them how to copy it somewhere else
To be fair, at least Android and presumably iOS grant apps by default no access to your files in modern versions.
The only way to get, e. G., an attachment downloaded via Thunderbird to a PC or another app is the share dialogue. A user does not access to the isolated app storage by default on an unrooted Android phone. For better or worse the young user is actually making the right choice here for their platform.
(This is also why making a backup of an Android phone is a nightmare when you aren't using a first party option. ADB is sometimes able to bypass it)
6 replies →
> Young people on average have grown up with drastically greater understanding of what a file is than any other generation that has come before them.
I totally disagree!!! Yes, everyone works with computer, phone, tablet, whatever, nowdays!
But does generation z "knows" about what a computer is?
Absolutely not!!!
While tech has advanced and graduated IT personal know more than previous generations (obviously!), all the rest, while they do know how to do their jobs, they know nothing about computers!!! They are pretty much like everyone else that didn't know what a computer was in generations x and previous!!!
However, contrary to previous generations, because they do interact with the tech, they represent a higher security risc for them and for others!
... Because they know nothing about it!!!
It's like giving a box of matches to a neanderthal in the middle of the woods...
Almost everyone in the "Gen x and previous" that interacted with the tech, did know what they were doing (past the initial learning phase)!!!
This does not happen after gen x!
I agree, but I'd push that to anyone after millennials rather than gen x. I was born in '87 (Millennial) and our generation was the last one to bridge the analog->digital divide, having grew up in both worlds, I think it gave us a kind of unique understanding and relationship with tech that younger folks don't have.
To disagree and recycle some past writing:
> Yeah, I have a particular rant about this with respect to older generations believing "kids these days know computers." [...] they mistake confidence for competence, and the younger consumers are more confident poking around because they grew up with superior idiot-proofing. The better results are because they dare to fiddle until it works, not because they know what's wrong.
> They know what a file is, they use & manage files more than any other generation prior.
Unfortunately, they don't.
They might have had a computer in their hand for hours each day, but they barely know anything about it. The ones who do tend to be those who grew up playing on PC, as opposed to console or mobile, because the latter - despite falling under the "digital natives" aegis - are really shockingly ignorant of even basic concepts.
That's also a stereotype. Gen Z (born 1997 to 2012) is roughly 2 billion people. Among them are the technorati, and the tech literate. The influencers and the influenced. It's fair to compare what was available to them growing up, vs yourself (I learned to program before there was Google), but it's hard to say things that are going to be universally true across that many humans that are interesting. Most of them will have two arms and two legs but will most be able to navigate /etc/systemd/user/? Can't say.