We all know the old saying about 7 different eskimo words for snow, and the implications that items that are important in a culture tend to have more words about it in a language. Anyone who's knowledgeable with computers, especially in tech support, knows there's quite a few ways to convey when the user is not understanding what to do, and that it is not a functional bug in the software.
PEBKAC- Problem exists between keyboard and chair. The ID ten T error, spelled idiot. Newb, n00b, newbie, luser, pilot error. Trying to find the any key, or use the computer's cupholder. My father has a saying, in terms of bad drivers, of a "Loose nut behind the wheel."
With the rise of social engineering, nigerian 419 scams, phishing, malware, spyware, and other online attacks that rely more on psychological insecurities than buffer overflows, the user has become more and more the weak link in software security. Unfortunately, I see much of the security debates focus on technical aspects, when we should be looking at personal ones.
Mac users are known to not use antivirus software, and for good reason. During the days of System 6 or MacOS 9, we all had Disinfectant, and perhaps Symantec or Norton, but that was also the days of nvir, cdef, or Stardust. The forces that made these viruses, of curiosity and idle hands have been replaced by greed, which has passed the Mac by.
The lack of wild mac OS X viruses in the wild severely reduces the need for antivirus, but worse yet is the current state of commercial antivirus software. In the effort to be proactive and have more tickmarks on the feature matrix, they are constantly monitoring, scanning, and possibly crashing the OS. The cure is worse than the disease, especially when there is no disease!
Worse yet is the style in which antivirus software typically runs. Get the update, run a scan, repeat. This in and of itself is good, but my issue is with what isn't provided. Security provided by dialog boxes, or by tasks, and then one is magically protected. But antivirus software is reactive by nature, protecting only after the virus is loose, or worse yet, already on your computer.
When you buy a Mac from an Apple retail store, it includes a coupon for a free training session or someone to help set up your computer for you. This is one advantage that PCs lack; an educated user base. Symantec, Microsoft, any vendor concerned about security can do one very simple thing to secure the computer more than anything else: Include a training video to teach the user simple security practices.
It needn't be complex. Analogies would help, especially in translating common real world sense into an online version. It should also address online security with children. Don't talk to strangers? Don't chat with people your parents haven't okayed yet.
Some way to curtail this endless september, by teaching new users how to surf the web wisely. Have Apple's task force in black turtlenecks talk about phishing, spam, and how to avoid other online scams. The biggest security hole of any OS is its users, and actual dialog, not endless dialog boxes, is a vital solution.
