Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Does Usability Become a Liability?

Posted by Cliff on from the stuff-to-discuss dept.

nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to and end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

6 of 930 comments (clear)

  1. Re:It's all in the install program... by LostCluster · · Score: 4, Informative

    ugh... foobared that post up... you know what I meant. Linux has everything off by default.

  2. Re:Mac OS X "trojan"? by IntlHarvester · · Score: 4, Informative

    the code can't even be moved in raw binary form without destroying the resource fork

    I assume that most Mac mailers observe the MacMIME spec. This makes sending forked files through email a transparent process.

    (Not arguing with the rest of your post -- I think it would be a lot easier to trojan Mac users with a "Install this Cool Screensaver" thing instead of jumping through hoops with a fake MP3.)

    --
    Business. Numbers. Money. People. Computer World.
  3. Re:Yes by weave · · Score: 5, Informative
    That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user accounts' regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work. It also alerts you that "Hey, I'm doing something that will change by system."

    There is no need to log into an admin account to do any of this kind of stuff under OS X.

    I've also never seen an OS X app that says you have to give all users all perms to the root folder, or have everyone running as admin, or open up the program folder for everyone to write to because settings are being stored in the wrong dang place.

    Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements. How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

  4. Re:Yes by Grayputer · · Score: 5, Informative

    Actually most virus arrivals now do need a luser. Email gateways are doing more scanning and keeping outlook users from becoming auto-lusers. However, one of the latest/best scams is to zip the virus and password protect it (quasi-encrypted) so the gateway scanner can not scan it. Then include instructions in the email that social engineer some luser into unzipping it with the supplied password and running it. I've seen some pretty good email virus scams recently, the text is REALLY good, definitely luser friendly.

  5. Re:It's all in the account setup... by J.+J.+Ramsey · · Score: 4, Informative

    "On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly."

    Except it's not quite the same. On Linux, graphical apps, at least the ones that are part of the distro's admin tools, prompt for the root password if they are started by a regular user. Windows XP, as far as I've been able to tell, doesn't do this. Ordinary *nix apps are designed to run with user-level privileges, and this has been so from the beginning. Many Windows apps, however, are written with a permissive environment like Windows 95/98 in mind, so apps do things that only work if the "Program Files" directory is writable. Most Linux distros have a regular user account created as part of the installation. Any additional users created as part of a Windows XP installation have Administrator privileges by default.

    On a typical Linux box, running as a regular user is usually the path of least resistance. The opposite is true for Windows XP.

  6. Re:Wha? by Kur · · Score: 5, Informative

    Wrong. Language studies have shown that computer langauges are not equivalent to conventional lanugages . One study, in part, was undertaken to identify whether teaching and using computers at an early age is beneficial. Unsurprisingly, it showed absolutely no benefit. Unlike spoken languages, where the earlier you start, the better you are, computer languages showed no such advantage. That's good news for adults.

    Sorry, I do not have the source available. The study was discussed in the NYT within the last year or so.