[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Tom Potts wrote: > > I'm afraid the above notes list to a large degree why computing has ground to > a halt over the last few years. M$ has been selling the lie that computing > can be made easy - it cant! You cant make something easy to use, useable and > secure. I disagree strongly to this. Consider locks, there are various different types of locks in common usage on peoples front doors, which vary widely in security, and hardly at all in ease of use, I don't see how something being on a computer suddenly changes this. You might be right in the practical question of much of modern computing is built in a slapdash fashion (all cheap Yale locks), but I don't think there is a fundamental reason why usability and security should clash. Those who think security is in opposition to ease of use, are I think simply wrong. In most instances they are orthogonal, and in many instances ease of use is necessary to ensure a system remains secure. > Default username/passwords are a must in this environment as otherwise there > would be thousands of inaccessible boxes everywhere! I don't understand this at all. Some common ADSL routers do insist you set an admin password on installation (as does Oracle these days), as does Debian and most other distros. These boxes aren't suddenly inaccessible because of this. Setting unique security credentials on installation is a sensible model, that can be easier to use than a default username/password, since you don't even need to look in the manual to discover what the default is when you first configure the device. > Secure web browsing is a nice idea but at some time there will be a power cut > and you will loose all your bookmarks and most people will grind to a halt > then. I think the security folk would argue all you need is a channel from the browser to a permanent storage for bookmarks. The problem is our computer models allow the browser to write all sorts of things to disk in all sorts of places, rather than what the programmer expected. Which is where models like SELinux come in, or "contract models", where that which is allowed is made explicit in advance. I don't think losing bookmarks will cause most people to grind to a halt, although they might do more random surfing and less work, I don't see that as a problem. Now if it was Google that was missing...
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html