Jason Bassford wrote:
> Isn't have SOME security (even if it's not all that serious) better
> than having NO security? Again, I'm not sure why there's an argument
> against this on a theoretical level.
No SOME security is WORSE than NO security? Why? Because most users do
not understand that they only have SOME security. They assume because
they had to provice a password, or the data is stored 'encrypted' that
it is secure. They will come to depend on this as if it's secure and not
be cautious about what data they store in their profile. Then when they
are attacked, they are in even a worse position that they were
originally because the didn't understand that their data was vunerable.
This is not a theoretical argument. It plays out all the time in real
life (and will continue to play out as long as applications insist on
providing snake oil security.
bob
