Presentation is loading. Please wait.

Presentation is loading. Please wait.

Outrageous Opinion: Nothing We Do Can Improve Security Edward W. Felten Secure Internet Programming Lab Dept. of Computer Science Princeton University.

Published byShawn Wiggins Modified over 9 years ago

Similar presentations

Presentation on theme: "Outrageous Opinion: Nothing We Do Can Improve Security Edward W. Felten Secure Internet Programming Lab Dept. of Computer Science Princeton University."— Presentation transcript:

1 Outrageous Opinion: Nothing We Do Can Improve Security Edward W. Felten Secure Internet Programming Lab Dept. of Computer Science Princeton University

2 Anti-lock brakes (ABS) were supposed to make cars safer. But people with ABS just drove faster, and closer together. Result: no real change in accident rates Users traded away safety for speed The Lesson of Anti-Lock Brakes

3 Security mechanisms will always be configurable by users. Users trade off security vs. function Typical user approach: –Maximum functionality; “good enough” security If we provide better security, users will trade it away for functionality. Ergo, security will not improve Nothing We Do Can Improve Security

4 Objection: Security Isn’t “Good Enough” Yet Not really an exception to the rule –“turned off” is a configuration choice If we improve base-level security, people will find riskier uses for systems Invariant: most users operate at the ragged edge of “secure enough”

5 Developers Make Tradeoffs Too

6 Objection: We’re Still Doing Good Even if users trade away security, they’re trading it for something they value But: tradeoff makes it even harder to measure how we’re doing Maybe we’re actually doing a good job ?!?

Download ppt "Outrageous Opinion: Nothing We Do Can Improve Security Edward W. Felten Secure Internet Programming Lab Dept. of Computer Science Princeton University."

Similar presentations

Gears ‘n stuff: Angular Velocity

Gears ‘n stuff: Angular Velocity
Trade-Offs and Opportunity Costs

Trade-Offs and Opportunity Costs
Computer Organization. The Nature of Data Spreadsheets give us a way to create processes that manipulate data We can think of a piece of data as a quantity.

Computer Organization. The Nature of Data Spreadsheets give us a way to create processes that manipulate data We can think of a piece of data as a quantity.
Use specific reasons and examples to support your opinion.

Use specific reasons and examples to support your opinion.
Logic Gates.

Logic Gates.
L-9 Friction and Circular Motion

L-9 Friction and Circular Motion
Sex is just like driving…... Sex and relationships education (SRE) in primary schools Too much, too early? Losing innocence? It’s up to the parents? It.

Sex is just like driving…... Sex and relationships education (SRE) in primary schools Too much, too early? Losing innocence? It’s up to the parents? It.
AI for Connect-4 (or other 2-player games) Minds and Machines.

AI for Connect-4 (or other 2-player games) Minds and Machines.
Transportation Tuesday TRANSPORTATION TUESDAY CHANGE TAKES TIME HAS TRANSPORTATION TUESDAY MADE A DIFFERENCE TO YOU YET? SIX REMINDERS FOR SAFER DRIVING.

Transportation Tuesday TRANSPORTATION TUESDAY CHANGE TAKES TIME HAS TRANSPORTATION TUESDAY MADE A DIFFERENCE TO YOU YET? SIX REMINDERS FOR SAFER DRIVING.
Safety Math Lets add it up? For Sliver wolf Welding and Ag Mechanics by Mr.E.

Safety Math Lets add it up? For Sliver wolf Welding and Ag Mechanics by Mr.E.
The effects of interstate speed limits on driving speeds: Some new evidence Fred Mannering.

The effects of interstate speed limits on driving speeds: Some new evidence Fred Mannering.
9 th Grade Seminar Discussion May 13, 2015. Have you recently reached a point where, either in person or via technology, you pushed something too far.

9 th Grade Seminar Discussion May 13, Have you recently reached a point where, either in person or via technology, you pushed something too far.
How computers changed the world.

How computers changed the world.
Embedded Systems Introduction. What is an Embedded System What is an Embedded System? Definition of an embedded computer system: is a digital system.

Embedded Systems Introduction. What is an Embedded System What is an Embedded System? Definition of an embedded computer system: is a digital system.
Geography inquiry Michelle Stroosnijder Liselotte Tervooren

Geography inquiry Michelle Stroosnijder Liselotte Tervooren
Microsoft ® Office Outlook ® 2007 Training Manage your mailbox II: Understand your choices for storing Doña Ana Community College presents:

Microsoft ® Office Outlook ® 2007 Training Manage your mailbox II: Understand your choices for storing Doña Ana Community College presents:
Floating-Point and High-Level Languages Programming Languages Spring 2004.

Floating-Point and High-Level Languages Programming Languages Spring 2004.
Forex Megadroid Scam Revealed: The Truth behind Forex Megadroid By Ben Benez 1http://www.gpsforexrobotreviewed.com/

Forex Megadroid Scam Revealed: The Truth behind Forex Megadroid By Ben Benez 1http://
Software Engineering CSE470: Embedded Systems Overview 49 What is an Embedded System What is an Embedded System? Definition of an embedded computer system:

Software Engineering CSE470: Embedded Systems Overview 49 What is an Embedded System What is an Embedded System? Definition of an embedded computer system:
Black Holes. What is a black hole? What is a black hole? A black hole is an infinitely dense object that occupies a single point in space. It is so dense.

Black Holes. What is a black hole? What is a black hole? A black hole is an infinitely dense object that occupies a single point in space. It is so dense.

Similar presentations

Ads by Google