> On Feb 2, 2015, at 5:10 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
>
> should a software
> vendor make their code stop working for you because they think you
> aren't working hard enough?
When the consequence of widespread bad security is botnets and all the ills that derive therefrom — DDoS armies, spam, etc. — then yes, I think we do need to raise the industry’s overall level of security.
At risk of bringing out some *actual* Internet nutters, the question of minimum password security levels is directly analogous to that of vaccination. When a large population stops vaccinating, we start seeing previously-defeated diseases coming back, like the measles outbreaks in California and rural Australia:
http://goo.gl/7caiui
http://goo.gl/8lT8Pd
Polio was almost completely eradicated, but it’s starting to come back in the middle east after the CIA used a fake vaccination campaign as a pretext to try to get into bin Laden’s Pakistan compound:
http://goo.gl/KbbMUC
http://goo.gl/C2B5EE
I believe personal freedom should count quite highly in policy discussions. But, when your failure to protect yourself endangers me, it stops being a question of personal freedom.
Practice safe hex!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
