> While I think you have a point I also think Ethan > has one too. It is important > to remember that users are generally clueless and/or > unconcerned with > security. Of course I'm grossly generalizing but I > think you get my point.
Yes, I can agree with that...I do get the point. But who are the users? Say you're an admin at a law firm...if the users are supposed to be security-conscious (face it, a great many admins lack even the most rudimentary security awareness), then shouldn't the admins be required to have a law degree, also? How about a hospital...shouldn't each admin then have to have a medical degree? > Keeping in mind that the weakest link can be the > average user is always a > good idea. And who would argue with idiot proofing > any system, computer or otherwise? Within the context of the business needs of the organization...sure. > So I think a little harmless joking amongst > ourselves isn't necessarily all > bad :-) After all, how many ID10T errors have you > fixed in the last week ;-P I agree that harmless joking is fine...but I've seen instances in which that harmless joking became part of the admin's vocabulary, even in front of those same users. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
