An Operating System in the hands of a novice is inherently unsecure. Some OS's are worse than others, but it is the wetware that is the larger issue at the outset. And while "forced" is a strong term, it doesn't miss the mark by much. You are not suggesting that momma and pappa can go down to Sears and get the Hot Wheels Computer for little Johnny or the Barbie PC for little Jill with a secure Posix OS and Barney software on it are you? They're going to buy Microsoft because they don't trust the hippies in the Yurts and Tepees that are trying to give their software away, and the MS tortureware comes with the cute little box they're buying.`
Doug --- Tim Fournet <[EMAIL PROTECTED]> wrote: > I think you're making an incorrect assumption in that any new > computer > user is forced to use an inherently insecure operating system. > > -Tim > > > > On Wed, 2002-07-03 at 09:42, Doug Riddle wrote: > > I want to wade in on this one, because I can see both sides. > > I'll use my father as an example. He is very intelligent, a > former > general of the US Army, captain of industry, etc, etc. He is > not, by > any stretch of the imagination computer literate. He can use a > PC > and send and recive emails, but if the screen changes colors, > he > calls for help. To him, a computer is a "blackbox." At almost > 70 > years old he has no interest in trying to learn the workings of > said > box, he just wants to stay in touch and talk to some old > friends. He > should be able to do that in reasonable safety. He understands > there > are security issues, and has accepted the fact that his > ignorance > will occassionaly lead to his PC being wiped out. He counts on > keeping a low profile and a decent virus scanner to protect him > from > most problems, and it will. > > I, on the other hand run some domains, manage some websites and > love > Linux. My exposure is a higher, and I have to take more steps > to be > sure that not only am I safe, but that I am not unwittingly > used as a > tool by someone else in a DoS or worse. > > Then there is the new user. Unless they are so dense as to > have to > have someone come over and turn on the PC and use the mouse for > them, > they have to be aware of the basic threats a computer user on > the > internet faces. However, their skill level does not allow them > to > combat these threats. Informing them of specifc threats on a > constant and consistant basis does them no good, as they cannot > respond. It is a sad but true fact that there is more > misinformation > than factual information available. > > It is deplorable that Microsoft doesn't make a better effort to > secure their software and educate their customers. Given the > current > disasters in the American corporate model it is not surprizing > that > Microsoft treats their customers as non-entities, but it is > unethical. > > So, what is a good approach to sending out notices about > security > flaws? Probably a new mailing list. Anyone that wants to > suscribe > and try and protect themselves can subscribe. Advise the new > users > to tackle the basics before subscribing. That way it is a > self-paced > system and those that wish to remain blissfully ignorant are > welcome > to do so. > > In a perfect world, these would not be issues, we do not live > in > Perfect as the commercial says. We live in a society where > half of > the people are so failed by the education system that they > cannot > read and write well enough to fill out a job application. We > need to > cut the new people some slack while they come up to speed. > Besides, > there is no surer teacher that fire is hot than a scorch mark > on your > hand. > > My two cents, US. > > Doug Riddle > > > --- Jerald Sheets <[EMAIL PROTECTED]> wrote: > > But don't you consider it a moral issue that common *REAL* > security > > threats are not discussed freely? > > > > I find that amoral at best and criminal at worst. In any > event, it > > does > > a disservice to new folk. > > > > A very palatable method of succeeding at free discourse > without the > > detriment of speech deprivation :-) would be to have a > > "clickers-announce" list where such items are "announced" as > they > > occur, > > and then in the context of the same message you could present > the > > time > > and place (and cost if applicable) of the discussion "what it > is > > and > > what you can do". > > > > As an educator, I would find this a fine occasion to divert > from > > standard curriculum, and follow a thread explaining the state > of > > security today, what it is, how it works, and what you can > do. > > Simply > > quashing a free discourse on said topic does a service to no > > one....ESPECIALLY newbies. > > > > --JMS > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Larry Braud > > > Sent: Wednesday, July 03, 2002 9:07 AM > > > To: [email protected] > > > Subject: Re: [brlug-general] IE un-Security > > > > > > > > > John, the problem is, a very large percentage of the > > > membership of CC are New-Newbies. They just got their > > > computer, (in hours usage), and are afraid to turn it on if > > > > someone says "security problems". You have to remember that > > > > on a 1 - 10 scale, the Linux group are at an 8 - 10 and the > > > > members that we teach are in the 1 - 3 range. Security > > > problems are real and I try to address it every workshop I > > > give, but a lot of the CC membership still don't even have > > > the basic antivirus or firewall software even thought you > can > > > get them free. Larry > > > > > > > John Beamon wrote: > > > > "Holy crap", indeed. Is it really PI to mention security > > > > problems in > > > > the Clickers' list? What else do 1500 ppl talk about on > a > > > daily basis > > > > in what is essentially a Windows club? > > > > > > > > </span> > > > > > > > > oof! That was harsh. I'm sorry. It slipped out before > I > > could > > > > restrain it. No offense intended. Seriously, when MS' > own > > Supreme > > > > Architect (or whatever his title is this week) goes for > Trusted > > > > > > Computing (TM) and makes security job #1 for the world's > > largest > > > > software company, it seems that a basically Windows club > would > > > > consider this an important subject to converse freely > > > about. I mean, > > > > if I checked my mail more than my securityfocus.com and > > cert.org, I > > > > would APPRECIATE people pointing out major security > issues > > > from time > > > > to time. Finding the subject gauche is just obtuse > beyond > > > belief in > > > > modern computing times. No offense intended, but I > "don't get > > it". > > > > > > > > -j > > > > > > > > > > > > > > > > _______________________________________________ > > > > General mailing list > > > > [email protected] > > > http://brlug.net/mailman/listinfo/general_brlu> g.net > === message truncated === ===== Warmest Regards, Doug Riddle http://www.dougriddle.com ## Firearms are second only to the Constitution in importance; they are the Peoples' Liberty Teeth." - George Washington ## __________________________________________________ Do You Yahoo!? Sign up for SBC Yahoo! Dial - First Month Free http://sbc.yahoo.com
