John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“:
There is another non-security way that designers can spend their security budget: on making their own lives easier. Many of these fall into the category of what has been called rational astrology. First identified by Randy Steve Waldman [Wal12], the term refers to something people treat as though it works, generally for social or institutional reasons, even when there’s little evidence that it works—and sometimes despite substantial evidence that it does not…
This article has been indexed from Schneier on Security