fbpx
Wikipedia

Dancing pigs

February 19, 2023

In computer security, "dancing pigs" is a term or problem that explains computer users' attitudes towards computer security. It states that users will continue to pick an amusing graphic even if they receive a warning from security software that it is potentially dangerous.[1] In other words, users choose their primary desire features without considering the security. "Dancing pigs" is generally used by tech experts and can be found in IT articles.

Origins

The term originates from a remark made by Edward Felten, an associate professor at Princeton University:

Given a choice between dancing pigs and security, users will pick dancing pigs every time.[2]

Bruce Schneier states:

The user's going to pick dancing pigs over security every time.[3]

Bruce Schneier expands on this remark as follows:

If J. Random Websurfer clicks on a button that promises dancing pigs on his computer monitor, and instead gets a hortatory message describing the potential dangers of the applet—he's going to choose dancing pigs over computer security any day. If the computer prompts him with a warning screen like: "The applet DANCING PIGS could contain malicious code that might do permanent damage to your computer, steal your life's savings, and impair your ability to have children," he'll click OK without even reading it. Thirty seconds later he won't even remember that the warning screen even existed.[4]

The Mozilla Security Reviewers' Guide states:

Many of our potential users are inexperienced computer users, who do not understand the risks involved in using interactive Web content. This means we must rely on the user's judgement as little as possible.[5]

A widely publicized 2009 paper[6] directly addresses the dancing pigs quotation and argues that users' behavior is plausibly rational:

While amusing, this is unfair: users are never offered security, either on its own or as an alternative to anything else. They are offered long, complex and growing sets of advice, mandates, policy updates and tips. These sometimes carry vague and tentative suggestions of reduced risk, never security.[7]

Experimental support

One study of phishing found that people really do prefer dancing animals to security. The study showed participants a number of phishing sites, including one that copied the Bank of the West home page:[8]

For many participants the "cute" design, the level of detail and the fact that the site does not ask for a great deal of information were the most convincing factors. Two participants mentioned the animated bear video that appears on the page, (e.g., "because that would take a lot of effort to copy"). Participants in general found this animation appealing and many reloaded the page just to see the animation again.

Schneier believes the dancing pigs problem will lead to crime, a key threat. He said: "The tactics might change ... as security measures make some tactics harder and others easier, but the underlying issue is constant." Ignoring computer security can inflict various types of damage resulting in significant losses.[9]

See also

References

  1. ^ Mooney, Greg. "Dancing Pigs and Other Dangers: 3 Popular Email Cons". DMSi. Retrieved 2020-07-21.
  2. ^ Gary McGraw and Edward Felten: Securing Java (John Wiley & Sons, 1999; ISBN 0-471-31952-X),
  3. ^ Mills, Elinor (October 23, 2009). "Q&A: Schneier warns of marketers and dancing pigs". CNET. Retrieved 12 February 2013.
  4. ^ Bruce Schneier: Secrets and Lies (John Wiley & Sons, 2000; ISBN 0-471-45380-3), p262
  5. ^ "Mozilla Security Review and Best Practices Guide". Mozilla Foundation. 17 May 2002. Retrieved 2 February 2015.
  6. ^ Pothier, Mark (11 April 2010). "Please Do Not Change Your Password". The Boston Globe. Retrieved 2 February 2015.
  7. ^ Cormac Herley (2009). So Long and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users (PDF). New Security Paradigms Workshop.
  8. ^ Rachna Dhamija, J. D. Tygar and Marti Hearst. (PDF). Archived from the original (PDF) on 2008-03-06. Retrieved 2011-05-25.
  9. ^ Mills, Elinor (October 23, 2009). "Q&A: Schneier warns of marketers and dancing pigs". CNET. Retrieved 12 February 2013. The tactics might change--phishing, pharming, key logging, social engineering, password guessing, whatever--as security measures make some tactics harder and others easier, but the underlying issue is constant

External links

  • Beware of the dancing bunnies Larry Osterman's WebLog

February 19, 2023
dancing, pigs, this, article, contains, many, overly, lengthy, quotations, encyclopedic, entry, please, help, improve, article, presenting, facts, neutrally, worded, summary, with, appropriate, citations, consider, transferring, direct, quotations, wikiquote, . This article contains too many or overly lengthy quotations for an encyclopedic entry Please help improve the article by presenting facts as a neutrally worded summary with appropriate citations Consider transferring direct quotations to Wikiquote or for entire works to Wikisource August 2018 In computer security dancing pigs is a term or problem that explains computer users attitudes towards computer security It states that users will continue to pick an amusing graphic even if they receive a warning from security software that it is potentially dangerous 1 In other words users choose their primary desire features without considering the security Dancing pigs is generally used by tech experts and can be found in IT articles Contents 1 Origins 2 Experimental support 3 See also 4 References 5 External linksOrigins EditThe term originates from a remark made by Edward Felten an associate professor at Princeton University Given a choice between dancing pigs and security users will pick dancing pigs every time 2 Bruce Schneier states The user s going to pick dancing pigs over security every time 3 Bruce Schneier expands on this remark as follows If J Random Websurfer clicks on a button that promises dancing pigs on his computer monitor and instead gets a hortatory message describing the potential dangers of the applet he s going to choose dancing pigs over computer security any day If the computer prompts him with a warning screen like The applet DANCING PIGS could contain malicious code that might do permanent damage to your computer steal your life s savings and impair your ability to have children he ll click OK without even reading it Thirty seconds later he won t even remember that the warning screen even existed 4 The Mozilla Security Reviewers Guide states Many of our potential users are inexperienced computer users who do not understand the risks involved in using interactive Web content This means we must rely on the user s judgement as little as possible 5 A widely publicized 2009 paper 6 directly addresses the dancing pigs quotation and argues that users behavior is plausibly rational While amusing this is unfair users are never offered security either on its own or as an alternative to anything else They are offered long complex and growing sets of advice mandates policy updates and tips These sometimes carry vague and tentative suggestions of reduced risk never security 7 Experimental support EditOne study of phishing found that people really do prefer dancing animals to security The study showed participants a number of phishing sites including one that copied the Bank of the West home page 8 For many participants the cute design the level of detail and the fact that the site does not ask for a great deal of information were the most convincing factors Two participants mentioned the animated bear video that appears on the page e g because that would take a lot of effort to copy Participants in general found this animation appealing and many reloaded the page just to see the animation again Schneier believes the dancing pigs problem will lead to crime a key threat He said The tactics might change as security measures make some tactics harder and others easier but the underlying issue is constant Ignoring computer security can inflict various types of damage resulting in significant losses 9 See also EditCute cat theory of digital activism Trojan horse computing References Edit Mooney Greg Dancing Pigs and Other Dangers 3 Popular Email Cons DMSi Retrieved 2020 07 21 Gary McGraw and Edward Felten Securing Java John Wiley amp Sons 1999 ISBN 0 471 31952 X Chapter one Part seven Mills Elinor October 23 2009 Q amp A Schneier warns of marketers and dancing pigs CNET Retrieved 12 February 2013 Bruce Schneier Secrets and Lies John Wiley amp Sons 2000 ISBN 0 471 45380 3 p262 Mozilla Security Review and Best Practices Guide Mozilla Foundation 17 May 2002 Retrieved 2 February 2015 Pothier Mark 11 April 2010 Please Do Not Change Your Password The Boston Globe Retrieved 2 February 2015 Cormac Herley 2009 So Long and No Thanks for the Externalities the Rational Rejection of Security Advice by Users PDF New Security Paradigms Workshop Rachna Dhamija J D Tygar and Marti Hearst Why Phishing Works PDF Archived from the original PDF on 2008 03 06 Retrieved 2011 05 25 Mills Elinor October 23 2009 Q amp A Schneier warns of marketers and dancing pigs CNET Retrieved 12 February 2013 The tactics might change phishing pharming key logging social engineering password guessing whatever as security measures make some tactics harder and others easier but the underlying issue is constantExternal links EditBeware of the dancing bunnies Larry Osterman s WebLog Strider HoneyMonkey Project Retrieved from https en wikipedia org w index php title Dancing pigs amp oldid 1126075717, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.