[freehunter]

My job is trying to get ambivalent people to take security seriously, and I'd like to amend your statement. Ubiquity and ease-of-use will win over security as long as security professionals insist on cumbersome practices.

Nonsensical password complexity rules.

The absolutely asinine technology we have to encrypt emails.

Third-party antivirus software.

Patches forcing a reboot (hell, patches needing a reboot).

Encryption being an add-on or an option.

Bundling spyware and adware with brand new machines in order to reduce their sticker price.

Let's Encrypt changed the world by making SSL certs as easy as they could ever be. That's a very positive step. Likewise, no one has to wonder if their iPhone is infected with malware. They just use it, without any security training at all. Developers use PaaS because patching is hard and you never know if it's going to break a production system. Now it's someone else's problem.

What wins security is making it harder to not be secure. Wordpress is still a long way from that ideal.

[adrianratnapala]

Yep.

One of the most annoying habits of computer professionals when talking about security is how we object to every idea by showing how a stupid/lazy end-user could render it useless.

It's not that users will never do that: it's that users can't get into secure habits if we paralyse ourselves into not providing reasonable tools.

[flukus]

> What wins security is making it harder to not be secure.

I find this is usually at odds with your original statement. Current security practices are almost entirely a security/utility trade off, we make things secure by locking systems down so the user can do less or has to jump through hoops to do it. The iPhone is the perfect example of this, it's only secure because it's limited in what can be installed or run by the user.

[freehunter]

You're right, I worded that wrong. I should have said "What wins security is making it easier to be secure (rather than making it harder to do insecure things). The iPhone went the second route. iOS is undeniably easy to use right out of the box, and it's also really super secure. But if you want to circumvent all of their security, it's actually pretty difficult. You have to trade a lot of things for the ability to jailbreak your phone.

Windows went the other route. If you want to install unsigned drivers, you have to reboot into a special mode, and next time you reboot you lose that privilege again. If you want to install programs, you have to click yes on the UAC pop-up. In the past, none of those roadblocks existed. Rather than making it easier to have good security, they made it harder to do things insecurely.

Microsoft purposefully put in things to make it harder to be insecure, where Apple (with the benefit of starting from scratch and not having to deal with legacy cruft) was able to make being secure easier. Most people don't have to jump through hoops to do things securely on the iPhone because it was built from the ground up to make sure everything you need to do can be done within the sandbox/walled garden.

Things like SSH keys that require you to upload a certificate to every server, that's secure but all you're doing is making it harder to do things. People are more likely to fall back to passwords, so your only option is to not let them use passwords, which is just making it harder to be insecure. RSA tokens are a middle ground, not really harder than a password but far more secure. But a fingerprint scanner built right into a button you were going to press anyway? That is making security easier. It's good (enough) security and end users don't even notice it, let alone have any opinion on it. It just works. It's that easy.