[conspire] About conditioned helplessness

[Rick Moen]

Quoting Edward Cherlin (echerlin at gmail.com):

[...]
> Fortunately, there is a cure, and people once cured apparently cannot
> be infected with the disease again, according to Seligman's research.
> Unfortunately, the cure is difficult. You have to push people to help
> themselves over and over again until the light comes on.

To clarify, I was not speaking _generally_ of condtioned helplessness,
but rather specifically of conditioned helplessness about computer
security against outside attack.

> It is almost impossible to protect a system from authorized users.

A point, but that's a different discussion, really.   If I'd been
talking about protecting the system against _inside_ threats, I'd have
suggested a locked-down appliance.  That's not the problem space I was
discussing with my friend.

> It is known that trying to determine whether a program contains
> malware by inspecting it is an inherently undecidable problem.

Yes, quite.  This is what Marcus Ranum called 'enumerating badness' in
his article about the six worst ideas in computer security.