Slashdot Mirror


When Does Usability Become a Liability?

nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to an end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

12 of 930 comments

  1. Re:It's all in the install program... by LostCluster · · Score: 4, Informative

    ugh... foobared that post up... you know what I meant. Linux has everything off by default.

  2. Re:Mac OS X "trojan"? by IntlHarvester · · Score: 4, Informative

    the code can't even be moved in raw binary form without destroying the resource fork

    I assume that most Mac mailers observe the MacMIME spec. This makes sending forked files through email a transparent process.

    (Not arguing with the rest of your post -- I think it would be a lot easier to trojan Mac users with a "Install this Cool Screensaver" thing instead of jumping through hoops with a fake MP3.)

    --
    Business. Numbers. Money. People. Computer World.

  3. Re:Yes by weave · · Score: 5, Informative

    That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user account's regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work. It also alerts you that "Hey, I'm doing something that will change my system."

    There is no need to log into an admin account to do any of this kind of stuff under OS X.

    I've also never seen an OS X app that says you have to give all users all perms to the root folder, or have everyone running as admin, or open up the program folder for everyone to write to because settings are being stored in the wrong dang place.

    Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements. How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

  4. Re:Yes by Grayputer · · Score: 5, Informative

    Actually most virus arrivals now do need a luser. Email gateways are doing more scanning and keeping Outlook users from becoming auto-lusers. However, one of the latest/best scams is to zip the virus and password protect it (quasi-encrypted) so the gateway scanner can not scan it. Then include instructions in the email that social engineer some luser into unzipping it with the supplied password and running it. I've seen some pretty good email virus scams recently, the text is REALLY good, definitely luser friendly.
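
Editor's added example, not part of the thread: a gateway cannot scan inside a password-protected ZIP, but it can see that an attachment is one, because each ZIP entry carries an "encrypted" bit in its general-purpose flags. The function names and the sample message are constructed for illustration; the sample only has the flag set by hand and is not actually encrypted.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

ENCRYPTED = 0x1  # bit 0 of a ZIP entry's general-purpose flags


def unscannable_zip_attachments(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for ZIP attachments a content scanner cannot read."""
    findings = []
    for part in message_from_bytes(raw_message).walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        if not payload.startswith(b"PK\x03\x04"):  # magic bytes, not the file extension
            continue
        name = part.get_filename() or "(unnamed)"
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                if any(e.flag_bits & ENCRYPTED for e in zf.infolist()):
                    findings.append((name, "encrypted entry"))
        except zipfile.BadZipFile:
            findings.append((name, "malformed archive"))  # fail closed
    return findings


def build_sample(encrypted: bool) -> bytes:
    """Constructed message with a one-file ZIP; optionally mark the entry encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample")
    data = bytearray(buf.getvalue())
    if encrypted:
        central = data.find(b"PK\x01\x02")  # central directory file header
        data[central + 8] |= ENCRYPTED      # flags field sits 8 bytes in
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("Open the attachment with the password in this mail.")
    msg.add_attachment(bytes(data), maintype="application",
                       subtype="zip", filename="doc.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for flag in (True, False):
        print(flag, unscannable_zip_attachments(build_sample(flag)))
```

A gateway policy can then quarantine or hold such attachments for review instead of delivering content it could not inspect.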

  5. Re:"Microsoft Administrators" have no perspective by panda · · Score: 3, Informative

    so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

    How about "familiarity breeds contempt"? :-)

    How about post hoc, ergo propter hoc?

    --
    Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.

  6. Not exactly, but there is some truth to it by herrlich_98 · · Score: 3, Informative

    If the user doesn't care about security then it is hard to add more security without making the system more difficult to use.

    On the other hand a system infected with viruses and trojans can be un-usable.

    In all fairness to MS, the Windows history is from a novice single user or small work group. Windows was kind of thrust onto the Internet, by, well, the growth of the Internet. It is more usable and less secure because of that.

    Linux has the whole multi-user UNIX, USENET, geek, Internet history behind it. It is more secure and less usable because of that.

    I see Windows and Linux evolving toward each other in security, in usability and in many other ways.

  7. Re:It's all in the account setup... by J. J. Ramsey · · Score: 4, Informative

    "On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly."

    Except it's not quite the same. On Linux, graphical apps, at least the ones that are part of the distro's admin tools, prompt for the root password if they are started by a regular user. Windows XP, as far as I've been able to tell, doesn't do this. Ordinary *nix apps are designed to run with user-level privileges, and this has been so from the beginning. Many Windows apps, however, are written with a permissive environment like Windows 95/98 in mind, so apps do things that only work if the "Program Files" directory is writable. Most Linux distros have a regular user account created as part of the installation. Any additional users created as part of a Windows XP installation have Administrator privileges by default.

    On a typical Linux box, running as a regular user is usually the path of least resistance. The opposite is true for Windows XP.

  8. Re:Wha? by AKAImBatman · · Score: 3, Informative

    If the os let a person say:

    burn song.wav to cd1 as audio-cd
    burn all songs in c:\mp3 to cd1 as data-cd

    that would be pretty easy and friendly. But no os does that AFAIK. No reason you couldn't make a bash alias to do that and then it would be easy for people.


    Actually, that looks pretty close to AppleScript. Unfortunately, the "ease of use" tends to become a liability to advanced users, as they have difficulty remembering the syntax.

  9. Re:Wha? by Kur · · Score: 5, Informative

    Wrong. Language studies have shown that computer languages are not equivalent to conventional languages. One study, in part, was undertaken to identify whether teaching and using computers at an early age is beneficial. Unsurprisingly, it showed absolutely no benefit. Unlike spoken languages, where the earlier you start, the better you are, computer languages showed no such advantage. That's good news for adults.

    Sorry, I do not have the source available. The study was discussed in the NYT within the last year or so.

  10. Re:Yes by jonwiley · · Score: 3, Informative

    > Most "viruses" at the moment need a stupid user.

    Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

    A virus, by definition, requires human intervention to propagate.

    A worm can propagate without human intervention.

  11. Re:Wha? by julesh · · Score: 3, Informative

    Tracy Hickman (of Dragonlance fame.) has professed to using a "help you write" tool. Despite using what amounts to a novel-wizard, [...]

    It's not as bad as you make it sound. The software in question is essentially a directed brainstorming application that helps authors make sure their ideas for a novel adequately cover the many different levels that many critics think are essential for a 'good book'. It isn't exactly 'point and drool'...

  12. Re:Asbestos suit time by emurphy42 · · Score: 3, Informative

    > you can't just supply the Admin password, you have to logout, kill all your apps, login as admin, do what you were trying to do in the first place

    C:\> RUNAS /?

    RUNAS USAGE:

    RUNAS [/profile] [/env] [/netonly] /user:<UserName> program

    /profile if the user's profile needs to be loaded
    /env to use current environment instead of user's.
    /netonly use if the credentials specified are for remote access only.
    /user <UserName> should be in form USER@DOMAIN or DOMAIN\USER
    program command line for EXE. See below for examples

    Examples:
    > runas /profile /user:mymachine\administrator cmd
    > runas /profile /env /user:mydomain\admin "mmc %windir%\system32\dsa.msc"
    > runas /env /user:user@domain.microsoft.com "notepad \"my file.txt\""

    NOTE: Enter user's password only when prompted.
    NOTE: USER@DOMAIN is not compatible with /netonly.