

Recent Android security hype, is just hype. - shirtless_coder
http://www.tomdignan.com/?p=66

======
JunkDNA
From the article: "bottom line on this one is that users click OK. Well we may
or may not be able to trust users to read the screen before they click OK, it
is not appropriate to paint this as an Android security flaw. What it really
is, is a human security flaw. Therefore the hype is invalid, as this fact
about the human condition has been known by almost every living being for
hundreds of years."

I am not an Android user, but as a general computer user for years, this
section annoyed me. The problem is that users frequently suffer from warning
fatigue. After you see that screen 30x, you just don't see it anymore, no
matter what it says. There are way too many people who don't take human
factors into consideration when they design security features. Humans aren't
robots. They aren't infallible. Even the best of us screw up. Software needs
to be designed around that concept and provide multiple safety mechanisms and
methods for notification. I'm not saying it's easy, but surely we can do
better than just slapping a bunch of text into a dialog?

~~~
shirtless_coder
Yeah, and I totally agree with you. The problem is that this is still a human
flaw. It's not a flaw with the security of android as a platform.

~~~
blueben
When software design causes users to behave in a good way, we praise the
software. So too must we blame software when it causes users to behave badly.

