Re: a password question

From: Andy Fraser (andyfraser31_at_hotmail.com)
Date: 08/10/05 

Date: Wed, 10 Aug 2005 14:55:46 +0100

In comp.os.linux.setup, tim wunder uttered the immortal words:

>> A few months ago on a non-techie NG a Windows vs Linux flamewar broke
>> out (I didn't start it, honest). One of the complaints was that Linux
>> didn't let a user have the same rights as root like a Windows user can
>> be in the admin group and have full access. They complained that they
>> had to keep entering a password to get root access. These were all
>> typical users who didn't give a damn about security, just convenience.
>>
>
> <snip>
> Linux can be configured to be as insecure as you like, giving ordinary
> users full access to the system is almost trivial. Making Windows
> secure, on the other hand, is non-trivial.

You're right but that wasn't my point. I'm concerned that some Windows users
have little to no regard for security at all. The last time I installed
Windows XP (from a pre-SP CD if that makes a difference) it set up the
first added user with admin rights and no password! Passwords aren't the be
all and end all of security and there's a hell of a lot more wrong with
XP's security model but it's a start. Having to enter passwords by default
is one reason for not switching to Linux given by some Windows users.

I'm worried about a possible future where we see a number of ex-Windows
users choosing maximum convenience over a good balance of security and
convenience. I can almost hear the cries of "Hey! I thought Linux was
supposed to be more secure than Windows but it's not much better!" from
these users.

It annoys me when some adds "I can do this in Windows" to their post,
particularly when it's a security matter and they want to lessen security.
It says to me that they're stuck in the Windows mindset and just trying to
emulate Windows behaviour rather than trying to understand why Linux does
something different by default. 

-- 
Andy.

Relevant Pages