Interesting analysis of the Brain Training phenomenon. I would hardly call it a “trojan horse” or claim that it is not a game, but otherwise a nice description of what makes the software so popular.

Now, if they could just have a few questions/quizzes to make people more careful with how they treat their (and others’) data.

As a side note, I had several conversations about user education today and then I found Bruce Schneier had posted something about it on his blog as well. He mentions a counterpoint by Marcus Ranum, but this just made me think of the fundamental differences in perception by the soft-spoken Bruce versus tough-as-nails Marcus. They both seem to love educating others and spreading the word about good security practices, but both also make a case for a world with less need (Bruce by creating incentives for people to make simpler technology and Marcus by creating incentives for peope learn risks faster).

One big problem with Marcus’ theory, incidentally, is that people may never realize the true cause of failure was not incidental. I have heard this referred to as the theory that a cat might not step on a particular hot stove again after they get burned, but they tend not to translate their experience into “red stove tops are hot, don’t step on them again”. I posted a comment on Bruce’s blog to highlight an issue with his theory of “just make things safer”.