On Tue, 14 Mar 2006 17:50:31 -0700, Darrin Chandler <[EMAIL PROTECTED]> wrote:
>>The often used OpenBSD phrase "Secure By Default" actually encourages >>the lazy attitudes and lack of learning. Worse yet, "Secure By Default" >>is fairly misleading since systems are always secured by knowledge, >>effort and dedication. >> >> >I don't think "Secure by Default" is a bad thing. Neither perceptually >nor in practice. I really like the ability to bring up an OpenBSD box on >a public IP without much concern that it'll get hacked in 30 minutes. It seems I failed to be clear. Having sane default settings is a good thing. I very much enjoy and appreciate both the utility and the bragging rights of "Secure By Default" as much (if not more) than most OpenBSD users. The sane default settings we enjoy have come from process of looking at things critically so as to better understand all the implications. The point I failed to be clear on, is I think the same process of critical thinking and understanding implications should also be applied to the rhetoric we use for promotion. Go ask you mom or a nontechnical friend what she thinks when she hears an operating system is "secure by default"? Ask her what it implies? Ask her what she thinks it will require from her? My mom, in her late 60's, hates computers, hates the web, hates email and has no interest in learning about computers but none the less, she uses OpenBSD daily for web access and email. Her replies to those questions were quite enlightening. kind regards, JCR