Security in Practice: Security-Usability Chasm

Computer systems security area has received increased attention from both academics and in industry. However, recent work indicates that substantial security gaps emerge when systems are deployed, even with the use of state-of-the-art security protocols. The authors' findings suggest that wide-spread security problems exist even when protocols such as SSL and SSH are deployed because systems today do not give security warnings properly or make it trivial for users to bypass them. Even when these protocols are deployed correctly, systems often leave themselves vulnerable to social-engineering attacks as an artifact of their design.