Quote:
[Originally Posted by dELTA] I think your view is somewhat contradictory.
When you make it "harder to abuse", the bad guys will still be able to do it, just like you say, but the only thing you might accomplish then is to make the users think it's even more secure (and remove functionality that may be beneficial to them at the same time), which is indeed a bad thing, just like you also say.
|
If you limit the number of ways in which one can abuse the system, or screw it up, this makes it a lot easier to determine whether foul play is at hand. If virii only had one way of propagating, it would severely limit the number of virii in the open. As it is, there are a lot of ways that virii can spread, and as a result a lot of computers are down every now and again.
Making the system harder to break indeed makes it more secure. If fewer people know how to break the security, that to me is a plus. There will always be bad guys out there, but that doesn't mean one shouldn't care about security, as your reasoning will lead to.
Quote:
This is also the exact same conclusion that you thought it was "strange that I arrived at".
|
No. You, for some strange reason, argue that functions should be removed. This is a step of your reasoning I see no premises to accept. In fact, you were arguing that user options be restricted, so that the problem wouldn't be there - unless of course you think that the only way to avoid the problem for users is to remove the permission to change files.
Quote:
Which is exactly what I meant about making the data tamperproof with cryptographical means, instead of restricting an operating system which cannot be ultimately trusted anyway (and no, I don't mean "Windows is not secure", I'm referring to the fact that the data cannot be trusted to not have been tampered with even if the operating system isn't exposing any APIs to do it, just like I explained before).
|
You're missing the point: if the general user doesn't know of the security holes, he's not going to use cryptographical means to secure his data. That's the whole point: if all users did, there wouldn't be a problem. However, a lot of users simply don't know that maybe there's a good reason to - and they will never know. Instead of waiting for the inevitable to happen, there may be a point in trying to increase the security of the OS. If the user can use cryptography on his own, it can be implemented in the system as well.
Quote:
Exactly what do you propose to make the date/time functionality more secure without removing any functionality then, in addition to the NTFS permission system?
|
I'm not perfectly familiar with NTFS, but it seems possible to me that one could implement a system log of file changes (can't remember if there's already something of the sort implemented). In addition to the date/time variables changeable by the user, an additional variable could be used to keep track of last modification. The variable would be dependent on a system clock not modifiable by normal users.
As we already agreed, there's no point in implementing much extra security for admins - but these had better know what they're doing anyway. The real concern lies with normal users.
Quote:
One of the biggest problems with "normal users" is that they are indeed logged in with admin privileges all the time...
|
Some are, some aren't. If the security can be raised for at least some, that's still a step in the right direction, wouldn't you say? Or maybe everybody deserves what they get?
Fake