> I know it's rather easy to break through a glass window, but I still prefer to see outside.
Bad analogy. It is not that easy to break modern multi-layer glazing, and it is also a lot easier to get away with breaking into a computer or account than breaking a window, undetected, until it is time to let the user know (for a ransom attempt or other such). Locking your doors is a much better analogy. You don't leave them unlocked in case you forget your keys do you? That would be a much better analogy for choosing convenience over security in computing.
> I know I could faff with multiple locks for my bike, but I rather accept some risk for it to be stolen for the convenience.
Someone breaking into a computer or account isn't the same as them taking a single object. It is more akin to them getting into your home or office, or on a smaller scale a briefcase. They don't take an object, but that can collect information that will help in future phishing attacks against you and people you care about.
The intruder could also operate from the hacked resource to continue their attack on the wider Internet.
> A major dumb is that security people think breaking in is the end of the world.
The major dumb of thinking like this is that breaking in is often not the end of anything, it can be the start or continuation of a larger problem. Security people know this and state it all the time, but others often don't listen.
> The major dumb of thinking like this is that breaking in is often not the end of anything, it can be the start or continuation of a larger problem. Security people know this and state it all the time, but others often don't listen.
This is exactly the counter productive attitude I criticized. I told you why others don't often listen, but you don't seem to listen to that.
Because the fallout can cause significant problems for others, people not agreeing that online security is relevant to them is like people not agreeing that traffic safety measures (seatbelts, speed limits) are not relevant to them, and should IMO command no greater respect.
Maybe being a bit of a dick about it doesn't help much, but being nicer about it doesn't seem to help at all.
Bad analogy. It is not that easy to break modern multi-layer glazing, and it is also a lot easier to get away with breaking into a computer or account than breaking a window, undetected, until it is time to let the user know (for a ransom attempt or other such). Locking your doors is a much better analogy. You don't leave them unlocked in case you forget your keys do you? That would be a much better analogy for choosing convenience over security in computing.
> I know I could faff with multiple locks for my bike, but I rather accept some risk for it to be stolen for the convenience.
Someone breaking into a computer or account isn't the same as them taking a single object. It is more akin to them getting into your home or office, or on a smaller scale a briefcase. They don't take an object, but that can collect information that will help in future phishing attacks against you and people you care about.
The intruder could also operate from the hacked resource to continue their attack on the wider Internet.
> A major dumb is that security people think breaking in is the end of the world.
The major dumb of thinking like this is that breaking in is often not the end of anything, it can be the start or continuation of a larger problem. Security people know this and state it all the time, but others often don't listen.