BITlab: Behavior Information Technology

BITlab
404 Wilson Rd. Room 251
Communication Arts & Sciences
Michigan State University
East Lansing, MI 48824

Folk Models of Home Computer Security

by: Rick Wash

Abstract

Home computer systems are insecure because they are administered by untrained users. The rise of botnets has amplified this problem; attackers compromise these computers, aggregate them, and use the resulting network to attack third parties. Despite a large security industry that provides software and advice, home computer users remain vulnerable. I identify eight `folk models' of security threats that are used by home computer users to decide what security software to use, and which expert security advice to follow: four conceptualizations of `viruses' and other malware, and four conceptualizations of `hackers' that break into computers. I illustrate how these models are used to justify ignoring expert security advice. Finally, I describe one reason why botnets are so difficult to eliminate: they cleverly take advantage of gaps in these models so that many home computer users do not take steps to protect against them.

Reference

Rick Wash. “Folk Models of Home Computer SecurityProceedings of the Symposium on Usable Security and Privacy.2010.

Download: PDF