undefined | Better HN

0 pointsArnt6y ago0 comments

How many crackpots have there been there for each Ignaz Semmelweiss, though? Ignoring weird people pays off if it saves having having to spend time on their far-out theories, even if Ignaz was right as well as weird.

I personally think security has been spoiled by unrealistic advice. "Use PGP" is the worst, but it's not alone. A few years ago a mass-market device (tens of millions sold) asked me to enter my password three times within two minutes in order to carry out one single operation, and it demanded that the password be secure enough that I needed two kinds of mode-shift to enter it on that device's keyboard. Who takes that vendor's ideas about security seriously after experiencing shit like that?

0 pointsArnt6y ago0 comments

0 comments

5 comments · 1 top-level

teddyh6y ago· 4 in thread

Crackpots can be filtered out using logic, though. But people don’t do that; people filter based on how hard it would be to change in the proposed way.

People might say that they want security, but when some logical person takes this literally and respond “Use PGP”, they might be logically correct (since as bad as it may be, there might not be any secure alternative to PGP), this advice will always be ignored because what people want is not actually security. What people want is to feel secure while not changing anything about what they are doing or how they are doing it.

jstanley6y ago

> Crackpots can be filtered out using logic, though. But people don’t do that;

For an excellent argument of why most people shouldn't do that, I recommend the essay "epistemic learned helplessness": https://web.archive.org/web/20180406150429/https://squid314....

The gist is that most people are so bad at evaluating logical arguments that they are more likely to be swayed by false arguments rather than correct ones, so the winning strategy is to simply ignore everything that sounds strange.

thu21116y ago

Better URL: https://slatestarcodex.com/2019/06/03/repost-epistemic-learn...

jjoonathan6y ago

If the headache of dealing with PGP is greater than the headache of dealing with a hacker and dodging google targeted ads, it's not remotely illogical to choose the latter.

teddyh6y ago

In some cases, the logical choice and the actual choice may coincide. But people still aren’t, and never will be, logical.

j / k navigate · click thread line to collapse