On Fri, Aug 24, 2012 at 10:35 PM, Ken Schaefer <[email protected]> wrote: > I disagree. > > Car manufacturers have been constantly finding ways to make our driving > experience > safer, and less stressful. Whilst it still requires some level of > co-ordination, skill and > concentration to drive a car, it is far safer and far easier to drive a car > now than at > any time in the past. And companies are working on ways to make it even more > so.
And yet deaths via car crash remain perhaps the most frequent form of death not due to disease. It's still dangerous. And your comment is irrelevant, because any activity that a) requires human interaction and b) has the possibility of harm to humans, financially or physically requires vigilance and care on the part of those potentially affected, no matter well understood and technologically developed. > Likewise the IT industry has to find better ways to keep things secure rather > than > relying on changing the entire human race's behaviour. Because the latter is > a losing > proposition - it always has been and always will be. > > Constant whinging by *IT Professionals* has done nothing to change that fact > in the past 40 years. It could be argued that man's natural state is illiterate, disease-riddled and violent. Before we could overcome that with better technology, we had to change the culture, i.e., man's nature, and it wasn't easy. Computing is a very new phenomenon, and 40 years is a very short period of time to introduce a new culture. > Passwords may have worked when users only had to remember 5. > These days it's starting to break down. And printed words only work when you have to recognize 40 or 50 and maybe type your name. > So, what do to? Microsoft tried CardSpace, and building password memory > systems in Windows > and IE. Wasn't entirely successful. Some companies are trying federated > identity systems > (e.g. "login with your Facebook account"). Maybe the government should just > issue people > with smart cards (whether or not they are tied to your actual identity - at > least they would be > relatively impossible to duplicate, with today's technology). Tell that to the vendor of ORCA cards. And no, I don't want federated identities - they will be abused. Check that - they are already being abused. > The constant whinging about programmers, users and everyone else, on this > list, is so tiring. > No one is discussing solutions. Telling the entire population of the > developed world to "suck it up" is > not a solution IMHO. It's what we have. When you come up with something that is less dangerous (and federation isn't it, nor are any government-mandated solutions) and easier, I'll listen. I doubt it will come soon. > FWIW IT admins here seem to have no compunction re. posting the products they > use, > the configuration they have, the AV they have installed, their password > complexity rules, their > administration techniques, and the companies they work for and when they are > out-of-the-office > etc. It's rank hypocrisy. Uh, you're going to have to connect those dots for me. Aside from the last two (revealing your company on-list is a big security mistake, IMHO, and OOFs are a form of moronity, regardless if they're imposed by corporate rules), I consider those part of the community education process, which is what we're trying to do with users. Of course, when some of our community state to users that passwords are passe without giving real alternatives, that would be hypocrisy... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
