J.C. Roberts wrote:
These days, you see computer security mentioned on the nightly news, yet
there's never any mention of correctness or quality. The result has been
obvious; people have flocked to OpenBSD in hopes of attaining this
supposed "security" thing but they never realized there is a lot of work
and learning required.
The often used OpenBSD phrase "Secure By Default" actually encourages
the lazy attitudes and lack of learning. Worse yet, "Secure By Default"
is fairly misleading since systems are always secured by knowledge,
effort and dedication.
I don't think "Secure by Default" is a bad thing. Neither perceptually
nor in practice. I really like the ability to bring up an OpenBSD box on
a public IP without much concern that it'll get hacked in 30 minutes.
Installing things, even most packages, takes reading and learning. And
that's as it should be. Opening up ports should take *some*
understanding of what you're getting into. Other oz make it too easy to
install services, and encourage the use of webmin, all to the detriment
of the users.
Though he dumbed down the details a lot, before Theo's post on this
thread, how many people had any clue how dangerous X and/or video
drivers (particularly closed source blob drivers) really are? More
importantly, how many people would extend the effort to try solving the
problem?
I was less aware than I should have been.
If a slogan was used that is less buzzword compliant, less inviting and
less misleading, the situation might improve or at least potential users
would be forewarned about the study and effort required.
Personally, I lean towards "Difficult By Default" but probably because
it also applies to my personality. ;-)
It's not that difficult. It's just not point and click (thank goodness).
The faq, the man pages, and this list all encourage reading, learning,
and understanding what the hell you're doing. I don't see any conflict
whatsoever in that and in Secure by Default.
--
Darrin Chandler | Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
