I hadn't hear about CALEA until now and Cringley's article made me stop for a moment. He attributes the problem to "a dumbing down of IT". Isn't that one of the roots of most security problems? Users and even administrators don't know what needs to be secured or often how to secure it. But, come on, when you are running the infrastructure, shouldn't the burden of competency be a bit higher?
Posted by cbrown at July 14, 2003 10:40 PMThe burden of competency should be high when a person's profession is to run the infrastructure. Where the industry still has too far to go is in implicitly placing a similar burden on average users. There's still too many places to adjust too many poorly-documented settings. If I use a toaster, should I have to understand how electricity works, or should I just be able to press the lever and toast my slices? At the same time, I need to have some understanding of what's going on so I can use the appliance safely. It's a real balancing act.
Posted by: Todd at July 28, 2003 11:11 AMAgreed - I can't believe the things I'm forced (for instance) to explain to my mother while she's running her computer. Let's face it. There is nothing intuitive about today's user interfaces. Most web browsers look alike, not because that's the intuitive way to browse but because the *very first* web browsers defined the interface and it's now frozen in time.
Posted by: Chris at July 28, 2003 9:23 PM