On Wed, Aug 15, 2012 at 4:00 PM, b. brewer <bbrewer@littledystopia.net> wrote:
... Recently I've been thinking about an idea I'll call foo security, since I haven't thought of a better name. It's possible that someone else has already thought of this idea, but if so, I don't know what they called it.
Foo security is an attempt to rethink information security from a usability perspective. It's defined as follows:
A system is foo secure with respect to a user if the system's security properties match or exceed the user's beliefs about those properties.
this is also known as hypothesis #3. [0] anything more is a usability liability ;) 0. "Hypothesis #3 -- There is only one Mode, and it is Secure." http://iang.org/ssl/h3_there_is_only_one_mode_and_it_is_secure.html