Re: A rather newbie question

["Ethan Vaughn" <evaughn () levithan net>]

OK. OK. But the point is *User Beware*. Just because the only thing on
your computer is aunt Gracie's recipes and a couple games doesn't mean
it's not important to try and secure it. The "no valuables here" might
work WRT the physical world of security (don't leave your digital cam
sitting on the driver's seat), but it's diff't with the Internet ... and
not necessarily intuitive. It just seems to be a common argument I hear --
indeed, one I used myself way back when.

Anyway. I think I'm preeching to the choir, as it were. I just thought it
worth mentioning ...




> > While I think you have a point I also think Ethan
> > has one too. It is important
> > to remember that users are generally clueless and/or
> > unconcerned with
> > security. Of course I'm grossly generalizing but I
> > think you get my point.
>
> Yes, I can agree with that...I do get the point.  But
> who are the users?  Say you're an admin at a law
> firm...if the users are supposed to be
> security-conscious (face it, a great many admins lack
> even the most rudimentary security awareness), then
> shouldn't the admins be required to have a law degree,
> also?  How about a hospital...shouldn't each admin
> then have to have a medical degree?
>
> > Keeping in mind that the weakest link can be the
> > average user is always a
> > good idea. And who would argue with idiot proofing
> > any system, computer or otherwise?
>
> Within the context of the business needs of the
> organization...sure.
>
> > So I think a little harmless joking amongst
> > ourselves isn't necessarily all
> > bad :-) After all, how many ID10T errors have you
> > fixed in the last week ;-P
>
> I agree that harmless joking is fine...but I've seen
> instances in which that harmless joking became part of
> the admin's vocabulary, even in front of those same
> users.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html