Re: Sys Admins Wanted

Scott Hopwood (shopwood@nospam.socs.uts.EDU.AU)
Fri, 6 May 1994 11:41:28 +1000 (EST)

On Fri, 6 May 1994, Colin Panisset wrote:

> No, not really. Your analogy presumes that the mechanic is the only one to
> benefit from such an interaction. In fact, the issue impacts both the
> mechanic and the car driver, in much the same way. Consider:

No, it doesn't (though I think this may be stretching the analogy anyway).
The owner gains (in the mechanics view) by having a more easily maintained
car, and as the engine is easy to get to the it should also be cheaper to
maintain.

> Car Owner: "I've got this bag of money, see, and I want to keep it in the
> front seat of my car, where I can get at it easily. But people keep stealing
[Analogy edited]
> Mechanic: <pulls out large-caliber semiautomatic weapon> "Sure." <BLAM!>
> <Proceeds to strip car for parts>

No, your analogy would be more correct if the mechanic suggested only
*one* way of protecting the system, which involved 10 minutes re-wireing
the electrics of the system before each drive (or somthing equally
inconvienent). Cars aren't *Completely?* secure, but secure enough for
most people.

> Bzzzzzzt. A number of one time password systems rely on certain non-special
> or pregenerated information, such as the current time, location of login,
> and so forth. If you can't remember to wear an accurate watch or can't
> work out where you are, then that's your problem.

This is not what was suggested before. If a one-time system can include
information as you suggest, that would be more resonable.

> Agreed. Absolutely. Now they should also realise that the sysadmin is a
> part of the system too, and has to *maintain* all these bizarre conflicting
> systems cobbled together in the dark of night, because said sysadmin *has*
> considered the users and wants them to be able to access a really secure
> system easily.

To abort:

"Oh what a tangled web we weave, when computing systems we do concieve"

-----------------------------------------------
Scott Hopwood shopwood@nospam.socs.uts.edu.au

'A monkey throws,
A spinning bone,
A silent spaceship'