Re: Sys Admins Wanted

Colin Panisset (Colin.Panisset@nospam.nms.otc.com.au)
Fri, 6 May 1994 11:18:21 +1000 (EST)

Once upon a time, Scott Hopwood was heard to say:

} > I think you'll find that any future
} > sysadmins are going to have to deal with these technologies,
} > dismissing them because of minor inconveniences isn't going to
} > cut it when you're faced with cleaning up after your passwords
} > have been compromised.
}
} I wouldn't call it a technology, but a technique. Calling it a technology
} implies that it is an advance on the existing state. I think you may be
} putting the needs of the SysAdmin in front of the needs of the users.
} Improving the integrity or maintainability of a system does not always
} improve its usefulness as a tool. To use yet another analogy, it's like
} getting your car fixed and the mechanic telling you:
}
} "We moved the engine onto the front seat. It makes it a lot easier to work
} on it if it's in the open. This way, if anything goes wrong we can get to
} it straight away"

No, not really. Your analogy presumes that the mechanic is the only one to
benefit from such an interaction. In fact, the issue impacts both the
mechanic and the car driver, in much the same way. Consider:

Car Owner: "I've got this bag of money, see, and I want to keep it in the
front seat of my car, where I can get at it easily. But people keep stealing
it! What can I do?"

Mechanic: <sotto voce> "Get a clue...?" <spoken> "Well, this is a problem.
We'll have to increase the security on your car, obviously. We can do this in
a number of ways. We can move the car somewhere that people can't get to it
ever (lock it in your garage forever), but that makes it useless as a car.
We can paint the windows with one-way mirror paint. That way, no-one can tell
if there's money on the front seat. And if people keep breaking in, we can
teach you how to lock your door!"

Owner: <whining> "But the mirror windows look nasty! And I keep losing the
key! Can't you just fix it easily?"

Mechanic: <pulls out large-caliber semiautomatic weapon> "Sure." <BLAM!>
<Proceeds to strip car for parts>

} I don't see a "well considered solution" as being one which requires you
} to remember (or write down) a new password every time you log in for every
} system you have an account on. God help anyone who loses a wallet, because
} every wallet will contain the keys to all the information that you own.

Bzzzzzzt. A number of one time password systems rely on certain non-special
or pregenerated information, such as the current time, location of login,
and so forth. If you can't remember to wear an accurate watch or can't
work out where you are, then that's your problem.

} A "well considered" system is one which has been discussed and argued about.
} If this is the way systems are going, then I think arguing it *is* in
} order. The users are part of the system, not external to it. They should
} have some say in anything that has a direct impact on them, and not be
} ignored and treated like ignorant children.

Agreed. Absolutely. Now they should also realise that the sysadmin is a
part of the system too, and has to *maintain* all these bizarre conflicting
systems cobbled together in the dark of night, because said sysadmin *has*
considered the users and wants them to be able to access a really secure
system easily.

Not a flame.

-- Colin.