On 5 Oct 2006 at 0:41, Wayne Johnson wrote:
> Security is more a state of mind than a series of precautions so I
> can act like an idiot other wise.
That's partly true, although part of a rational assessment of that "state
of mind" usually *includes* taking reasonable precautions, and for EVERY
OS on the planet, except for this bizarre cult of windows admin-all-the-
time folk, that includes doing tasks, in general, with the minimum
privileges necessary to accomplish the task.
> .. Just because one wears a seat belt
> doesn't mean they should drive like a NASCAR driver.
I'm sorry, but you've gotten this exactly backwards. It is just the
opposite: just because you THINK you're a super-safe, NASCAR-class driver
doesn't mean that you *shouldn't* wear your seatbelt and it is certainly
scurrilous to suggest that not-using-a-seatbelt might be OK to *other*
drivers (based solely on your good luck in not getting nailed). Or
suggesting that wearing hard hats at a construction site is unnessary
(they're uncomfortable, hot, restrict your view, etc) because you've been
doing it for 20 yrs and haven't gotten hit by a brick yet.
Even at the beginning of the MSDN article on dropmyrights, Michael warns:
I've said this many times, but I'll say it again, "Running with an
administrative account is dangerous to the health of your computer
and your data." So, whenever someone says they must operate their
computers as administrators, I always try to persuade them it's not
the correct thing to do from a security perspective. ...
Perhaps I'm too security conscious (and that I've used too many operating
systems: I'm sure you're all aware that windows stands alone among
essentially EVERY 'real' OS in embracing this 'admin all the time'
lifestyle) but I still just don't understand why some of you are so
*casual* about it. It is one thing to argue that you "have" to run as
admin and so you put up with the security risks that implies[*] but quite
another to argue that it is just another minor decision, like switching
from Opera to Firefox.
[*] although I'm very very skeptical: I've used a lot of OS's over a
lot of years and have yet to run into *anyone* [other than an
admin-all-the-time windows advocate] try to make the case that they
"need" full privileges all the time],
I confess to having some suspicions about some of it: the security-snake-
oil purveyors, like Symantec and McAfee, certainly want folk to keep
running admin-all-the-time. That's money in the bank for them. And so
their mantra isn't "secure your system" but "buy more snake oil from us".
/Bernie\
--
Bernie Cosell Fantasy Farm Fibers
mailto:[EMAIL PROTECTED] Pearisburg, VA
--> Too many people, too few sheep <--
--
----------------------------------------
To unsubscribe, mailto: [EMAIL PROTECTED]
Is your picture included in the Official Win-Home List Members Profiles Page?
http://www.besteffort.com/winhome/Profiles.html
If not, write to: [EMAIL PROTECTED]
