[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly

To: "'full-disclosure@xxxxxxxxxxxxxxxx'" <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly
From: Thomas Binder <full-disclosure@xxxxxxxx>
Date: Tue, 30 Sep 2003 12:44:38 +0200

Hi!

On Tue, Sep 30, 2003 at 04:09:51PM +1000, Chris Cozad wrote:
> To actually get users to attend this level of training would be
> fantastic. Our jobs would be so much easier. But it just aint
> gunna happen in the real world. It is definitely up to us, as
> security professionals, to effectively "idiot proof" our
> systems, so that users only need to know some basic security
> rules.

Unfortunately, there's always the security/convenience-tradeoff,
i.e. it's quite difficult to design a system / software that's
both very secure and very convenient at the same time. Not to
mention trying to achieve that for existing systems, especially
after people already got used to them.

Ciao

Thomas

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly
  - From: Chris Cozad

Prev by Date: RE: [Full-Disclosure] Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly
Next by Date: Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly
Previous by thread: RE: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly
Next by thread: Re: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly
Index(es):
- Date
- Thread