09 August 2007

Too much security can be overbearing: Microsoft | APC Magazine

I'd like to invite you all to take a look at the article I've linked to above. It's a report on one of Microsoft's security strategists. Here's what got my attention...one of the kids that has ostensibly made Windows Vista security SO invasive is belly-aching about our nation's policy on national security and the war on terror. First of all, I'm not sure that his extrapolation from software security to national policy is relevant, much less worth consideration. In fact, what I see is that this kid has an opinion about the current policy, and has used his position to forward his political views. Get a blog to do your soap-boxing, okay? If I'm paying money to attend Tech.Ed, and you're espousing politics, well - give me my money back. Second, the position that we're no safer as a result of certain security measures and the war on terror just doesn't hold water. We've dismantled and disabled enemy assets, and forced them to cower in caves. As long as they're doing that, then we ARE safer. I agree that taking my shoes off is a pain in the ass, but there IS a precedent for it (does the name Richard Reid ring a bell?).

I do like his philosophy about recognizing methods of attack. However, this doesn't mean you can discount the focus on stopping the tools of attack. You have to address both, and that's what some people just can't seem to grasp, mostly because it inconveniences them.

Here's a case in point: I get pretty aggravated whenever I open up the Control Panel on my own desktop, and get prompted by a security pop-up. It seems stupid and useless to me, since I'm already logged in and authenticated. Yes, I'm sure, so open the damned thing! However, I recognize that it's there for a reason, and I just tolerate it. It seems hypocritical to me that someone who (presumably) helped design this approach has a problem with taking off shoes and passing through a metal detector.
Post a Comment