On 6/30/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Your final statement still focus's only on technology i.e. educate
> programmers.
> Yes I agree they can play a significant part in security applications
> but in my experience the common theme of making everything transparent
> for the users is utter nonesene.
>
> Ordinary users should be educated in security principles to assist in
> understanding the value of data and how their actions could implicate an
> exposure. Especially since we still need to setup users as power users
> or admins in order to operate many third party apps.
Ahh... But you see, with proper security education of programmers, you
wouldn't need to give end users "Power User" or "Administrator" access.
You would teach the programmers how to use the available security framework.
"The person is smart, people are dumb, stupid and panicky." - MIB
You train the ones that build the world, that the end user "lives" in, about
staying within a secure framework.
--
END OF LINE
-MCP
