On Fri, Dec 02, 2005 at 06:41:16PM -0800, Andrew Lentvorski wrote: > > Ayup. And this is why we all now use peecees and have crappy security. > > The big problem is that good security is a technical issue which rapidly > mutates into a *political* issue. > > The issue is the fact that the person who grants security access is the > de facto most powerful person in the company. As such, he is also the > biggest political threat in the company. Any technology which can > bypass this will be adopted readily. > > That's what happened with PC's (actually workstations first) and > businesses. Minicomputers and networked terminals generally did a > better, faster and cheaper job than peecees when PC's first appeared. > However, having a PC meant that you did not have to go kowtow to the > keeper of access. This instant removal of a political threat absolutely > ensured the rise of the PC in business. > > I saw all of this in action in IBM where mainframe access was > effectively *free* and PC's cost *real money*. Managers *still* > switched to workstations and PC's. > > The same force also pushes managers toward sacrificing restrictive > access. Restrictive access puts more power in the people who dole out > access; loose access strips that power. > > -a > >
I like the analysis. This also pushes the perimeter of security out to the firewall. A very brittle situation, especially with everyone and his hamster coming in on port 80. -- Lan Barnes [EMAIL PROTECTED] Linux Guy, SCM Specialist 858-354-0616 -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
