Re: Another Fedora decision

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Tue, Feb 3, 2015 at 1:01 PM, Valeri Galtsev
<galtsev@xxxxxxxxxxxxxxxxx> wrote:
>
>>
>> Yes, computers and the way people access them are pretty much a
>> commodity now.  If you are spending time building something exotic for
>> a common purpose, isn't that a waste?
>
> Do I have to take that people who are not sysadmins themselves just hate
> an existence of sysadmins?

No, I think there are better things for sysadmins to do than fix
settings that should have had better defaults.

>> There are probably still people that take their cars apart to check
>> that they were assembled correctly too.  But that doesn't mean that
>> things should not be shipped with usable defaults.
>>
>
> No, I'm not the driver of my cars, I mean computers. I am a mechanic of
> racing car competition team, my cars go into competition, and the life of
> driver riding it depends on me having taken the whole mechanism apart, and
> making sure nothing breaks and kills driver and hundreds of spectators.

So don't you think it would be a good thing if the thing was built so
it didn't break in the first place? That is, so nobody gets killed
running it as shipped, even it they don't have your magical expertise?

> I really hate these car analogies. They are counter-productive. In your
> eyes my server is indeed a commodity, which I refuse to agree with pretty
> much like I refuse to join ipad generation. My ipad would be commodity,
> but I for one will never trust that ipad and will not originate connection
> to secure box from it.

The point I'm trying to make is that whatever setting you might make
on one computer regarding security would probably be suitable for a
similar computer doing the same job in some other company.  And might
as well have been the default or one of a small range of choices.
And in particular, rate limiting incorrect password attempts and/or
providing notifications about them by default would not be a bad
thing.  Unless there's some reason you need brute-force attacks to
work...

-- 
   Les Mikesell
     lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux