In computer security, “ dancing pigs ” is a term that describes the attitude of computer users toward computer security. It means that users will continue to view funny images, even if they receive a warning from security programs that clicking a link may be a threat. In other words, users select the desired content without regard to its security. The expression “dancing pigs” is commonly used by computer experts and can also be found in articles on information technology and security.
The term was introduced by Gary McGraw and Edward Felten :
 | If users are given the choice between dancing pigs and safety, they will always choose pigs [1] |  |
Bruce Schneier declares:
| Each time, when confronted with a choice between safety and dancing pigs, the user selects pigs [2] | |
Bruce Schneier reveals this:
| If Ivan Setevoy clicks on a button that promises a pig dance on his monitor, but instead receives a warning describing the potential dangers of the application, he will always choose dancing pigs. If the computer displays a warning like “the FLATTERING PIG application may contain malicious code that could permanently damage your computer, steal your savings and affect your ability to have children,” he will still click OK without even reading the warning. After 30 seconds, he does not even remember that a warning occurred at all [3] | |
The Mozilla Security Review Guide says:
| Many of our potential users do not have much experience in using a computer. They do not understand the risk of using interactive web content. This means that we must rely on user decisions as rarely as possible [4] | |
The widespread article [5] of 2009 directly refers to a quote about dancing pigs and argues that user behavior is more or less rational:
| Although it is funny, it is also unfair: users are never offered security, either on its own or as an alternative to anything. They are offered a long, complex and ever-increasing set of tips, rules and regulations that never promises safety, but instead carries vague assumptions about reducing risk [6] | |
Experimental Confirmation
One of the studies of phishing showed [7] that people, to some extent, really prefer “dancing” animals to safety. The study consisted of showing subjects a number of phishing sites, including the Bank of West homepage. For many subjects, the attractive design, level of detail, and the fact that the site did not request a large amount of information were the main factors of choice. Two subjects mentioned a video with an animated bear appearing on the page (for example, “because copying such a video will take a lot of effort”). Basically, the participants found this animation attractive, many reloaded the page just to see it again.
See also
- Trojan horse
Notes
- ↑ Gary McGraw and Edward Felten: Java Defense (John Wiley & Sons, 1999; ISBN 0-471-31952-X ), Section 1, Part 7
- ↑ Mills, Elinor . Q&A: Schneier warns of marketers and dancing pigs (October 23, 2009). Date of treatment February 12, 2013.
- ↑ Bruce Schneier: Secrets and lies. Data Security in the Digital World ( Secrets and Lies ). ISBN 0-471-25311-1
- ↑ Mozilla Security Reviewers' Guide / Mozilla Foundation
- ↑ Mark Pothier . Please Do Not Change Your Password (April 11, 2010). Date of appeal May 25, 2011.
- ↑ Cormac Herley (2009). " So Long and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users " in New Security Paradigms Workshop ..
- ↑ Rachna Dhamija, JD Tygar and Marti Hearst, Why Phishing Works (inaccessible link) , to appear in the Proceedings of the Conference on Human Factors in Computing Systems (CHI2006), 2006.