I mean, I think it's a worthwhile comment even granting this. When people are worrying about the computer scare of the moment, they tend not to realize that the threat surface is so massive that they're certainly, inevitably vulnerable somewhere.
No security habit short of Ludditism was going to keep people safe from Heartbleed. And it does feel a little on the nose for Comey to be pushing a security 'story' that's conveniently removed from crucial steps like "update your software regularly". I was irritated to see him describe that as "caring about people's personal security" when his stance on all other tech topics is to make people give up security for access.
None of which makes taping up a webcam wrong, of course. It's easy, it's nontechnical, and it eliminates a whole (very real) class of threat at a single stroke. That's actually pretty good, and webcam spying/blackmail certainly does happen.
In fairness, however, he wasn't "pushing the story". Indeed the irony is pointed out during the story.
I work at a public library and occasionally teach computer classes. In one we cover security, but it's infuriatingly difficult. When you're working with people who have trouble with the mouse, or even with basic literacy (I mean reading literacy, not computer), it's hard to explain "attack surfaces" or "the cloud". It usually comes down to:
1. Understand the difference between identity and security.
2. Update your software regularly.
3. Use different passwords for different services and write them down (the number of people who don't know their password because they have email on their phone is... too high).
4. Be aware of who you are giving information to and why. Do they need that information? Is what they are offering worth providing it.
No security habit short of Ludditism was going to keep people safe from Heartbleed. And it does feel a little on the nose for Comey to be pushing a security 'story' that's conveniently removed from crucial steps like "update your software regularly". I was irritated to see him describe that as "caring about people's personal security" when his stance on all other tech topics is to make people give up security for access.
None of which makes taping up a webcam wrong, of course. It's easy, it's nontechnical, and it eliminates a whole (very real) class of threat at a single stroke. That's actually pretty good, and webcam spying/blackmail certainly does happen.