[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030930104438.GA12804755@ohm.arago.de>
From: full-disclosure at arago.de (Thomas Binder)
Subject: CyberInsecurity: The cost of Mo nopoly
Hi!
On Tue, Sep 30, 2003 at 04:09:51PM +1000, Chris Cozad wrote:
> To actually get users to attend this level of training would be
> fantastic. Our jobs would be so much easier. But it just aint
> gunna happen in the real world. It is definitely up to us, as
> security professionals, to effectively "idiot proof" our
> systems, so that users only need to know some basic security
> rules.
Unfortunately, there's always the security/convenience-tradeoff,
i.e. it's quite difficult to design a system / software that's
both very secure and very convenient at the same time. Not to
mention trying to achieve that for existing systems, especially
after people already got used to them.
Ciao
Thomas
Powered by blists - more mailing lists