Re: A rather newbie question

[Harlan Carvey <keydet89 () yahoo com>]

> While I think you have a point I also think Ethan
> has one too. It is important 
> to remember that users are generally clueless and/or
> unconcerned with 
> security. Of course I'm grossly generalizing but I
> think you get my point. 

Yes, I can agree with that...I do get the point.  But
who are the users?  Say you're an admin at a law
firm...if the users are supposed to be
security-conscious (face it, a great many admins lack
even the most rudimentary security awareness), then
shouldn't the admins be required to have a law degree,
also?  How about a hospital...shouldn't each admin
then have to have a medical degree?

> Keeping in mind that the weakest link can be the
> average user is always a 
> good idea. And who would argue with idiot proofing
> any system, computer or otherwise?

Within the context of the business needs of the
organization...sure.  
 
> So I think a little harmless joking amongst
> ourselves isn't necessarily all 
> bad :-) After all, how many ID10T errors have you
> fixed in the last week ;-P

I agree that harmless joking is fine...but I've seen
instances in which that harmless joking became part of
the admin's vocabulary, even in front of those same
users.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html