Linked by Eugenia Loli on Wed 8th Dec 2004 20:48 UTC, submitted by Nicholas
Editorial I just spent the last several days reading the lengthy essay "Ying and Yang of Security" which explores the origins of security on the personal computer and explains why the current models are outdated. It seems to argue that security systems designed to keep the system safe are relics of the days of mainframes when the system was more important than the user, but for a personal computer the user is more important than the system.
Permalink for comment
To read all comments associated with this story, please click here.
False Pretense
by Bryan S on Wed 8th Dec 2004 21:19 UTC

*Sigh* Every 6 months or so comes a post that says, "We need to start from the ground up on technology issue X"

Yes, yes, re-inventing the wheel is always fun. But how practical is it? If the computer industry ever wants to become as reliable as say mechanical engineering, we need to focus on improving what has come before, instead of reflexively thinking that we can code up a 'radical new approach' everytime we face hardship.

Fact is, security is hard. No different than the real world. No matter what fancy security system you have for your house, you still need things like doors, walls, locks, and security lights.

Same with computers - any new system you seek to design needs to deal with user & group permissions, user roles, and capabilities.

OS's (see VMS) have had this for a long time. New ideas arent needed. What we do need, however, is better tools to manage what we already have.