Firewall Wizards mailing list archives
Re: OfficeTV (was: Personal Firewall Day?)
From: Dragos Ruiu <dr () kyx net>
Date: Tue, 7 Oct 2003 11:53:16 -0700
On October 7, 2003 09:58 am, Marcus J. Ranum wrote:
Sure. Let's solve the problem for 99.99% of the world and let the power users take a competence exam and give 'em the right to use UNIX if they pass. I'm fine with that. But it's stupid to continue to have 99.99% of the computers on earth being managed using primitive tools by people whose primary mission is NOT to manage computers. And, on top of it, let's expect them to keep their systems secure and patched. You've got your agenda backwards because your perspective is as one of the .01% of the computer users in the world who know what they are doing.
One might argue that you are loooking at the problem backwards, and the right solution would be to raise the percentage of users who know what they are doing through education. You are also looking at this as a person who has to administer them rather than someone who has to use them to get something useful done. But that said, I agree to disagree. My experiences with the HP variant of your WebTV box (officeTV?) which was far less radical than what you suggest, left me convinced the concept has many inherent, critical, flaws. Sure administering 2 terminal services boxes is easier than 200 desktops, but that's the administrator talking. The key question is using 200 desktops easier to get more productive work done? Natural selection seems to indicate so far that the latter is the winner. Also this easier to administer concept holds for a few hundred, but it too faces its own scaling issues as you go bigger, in the forms of bureaucracy, latency, inflexibility, and others. When you try to apply it to hundreds of sites and tens of thousands of users, imho, it doesn't hold up. I'll easily stand behind your assertions that our current crop of OSes are TOO difficult to manage (as well as being ridiculously limited in their variation - we are down to what a few dozen OSes, with the majority on a handful of strains down from hundreds a few decades ago). Alas, the first non-toy worm with a _real_ malicious payload that the designers lose control of will convince us of the value of reliablity, redundancy and the inherent dangers of monocultrue I foresee. Though I hope for our sake that day is a long way off. And whether the issue is technical, economic, political, or metaphoric - it is still a real issue, and our increasing computing monocultureness is a problem waiting to bite us. I will also agree that our current software development pays ridiculously nee... dangerously little heed to concepts surrounding security, manageability, scalability and reliability. But the more drastic variant of the solution I saw become such an impediment that you propose doesn't sound like a good direction or an appropriate solution for today's computer security dillemas. I'm not even gonna touch "the dictatorships are good" thing with a ten foot pole. This discussion has wandered too far off anyway. cheers, --dr -- Top security experts. Cutting edge tools, techniques and information. Tokyo, Japan November, 2003 http://www.pacsec.jp pgpkey http://dragos.com/ kyxpgp _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Personal Firewall Day?, (continued)
- Re: Personal Firewall Day? Bill Royds (Oct 11)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 11)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 07)
- Re: Personal Firewall Day? Dragos Ruiu (Oct 07)
- Re: Personal Firewall Day? Christopher Hicks (Oct 07)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 07)
- Re: Personal Firewall Day? Adam Shostack (Oct 07)
- Re: Personal Firewall Day? R. DuFresne (Oct 07)
- Re: Personal Firewall Day? Frank Knobbe (Oct 16)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 07)
- Re: OfficeTV (was: Personal Firewall Day?) Dragos Ruiu (Oct 07)
- Re: Personal Firewall Day? David Lang (Oct 06)
- Re: Personal Firewall Day? Adam Shostack (Oct 07)
- Re: Personal Firewall Day? Crispin Cowan (Oct 07)
- Re: Personal Firewall Day? Achim Dreyer (Oct 07)
- Re: Personal Firewall Day? avraham shir-el (arthur sherman) (Oct 07)