inessential by Brent Simmons

Security and Profit

John on a difference between security and privacy:

The difference, though, is that with security, the biggest problem is a lack of attention from developers. With privacy, the biggest problem is purposeful obfuscation by developers looking to profit by having users think their information is more private than it actually is.

I agree that the biggest problem with security is a lack of attention. But I also think that a lot of security issues, at least in the past, were a result of developers seeking to profit by making their software easier-to-use at the expense of security.

There’s no need to point the finger just at Outlook and IE and Windows. An example that persists, and that bothers me, is Safari’s “Open ‘safe’ files after downloading” preference, which defaults to on.