-----Original Message-----
From: Kurt Buff [mailto:[email protected]]
Subject: Re: On the subject of security...



> I think it has everything to do with the comic, or at least my
> understanding of the comic. What I'm reading from it is that he's using
> poor web browsing techniques, and not protecting his personal data via
> the mechanisms I've outlined, including different IDs and passwords (and
> even different browsers) for different web sites, etc.
>
> Perhaps you have a different understanding of the meaning of that comic -
> if so, please provide me with illumination.



The text in the comic does state "if someone steals my computer whilst I am 
logged in..." in which case, disk encryption, multiple passwords, multiple 
browsers etc. would mostly be useless – the assumption being that the user is 
logged into these sites or apps already.



I think explainxkcd.com does a good job of explaining the comic (emphasis 
added):

http://www.explainxkcd.com/wiki/index.php?title=1200



<quote>

Computer operating systems were initially written for the business environment. 
Thus they were made to be accessible to multiple employees, or users, but only 
fully accessible to administrators (or admins). Regular users can access and 
use programs on the computer, but only the admin is allowed to make changes to 
how the computer runs. This same split level of security continues to this day, 
even in privately owned, or "home", computers.

The joke here is that the most important things on a computer are no longer the 
programs that it runs, but the private personal data it accesses (usually 
online). Anyone who wished to do real mischief on an active computer could do 
considerable damage without ever caring what the admin password was. The admin 
password, in effect, now guards a vault no one cares about.

This comic pokes fun at the authorization mechanisms surrounding most operating 
systems' administrator accounts. It makes the argument that the user's data is 
more valuable than the integrity of the system. (This is arguably true for most 
personal systems, although it is probably not true in a shared-server setup, 
where a system compromise could lead to the exposure of many users' data.)

Essentially, once a user is logged in, he or she can typically access all of 
his or her data without any further restriction. Modifying the operating system 
(for example, to install drivers) requires a separate password.

</quote>
