(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Kerio Reseller
Printer Friendly Version

Convenience and Security


2008/03/04

How many of you will start up your car and leave it running in your driveway to warm it up a bit before you leave? My wife does that because cold weather really bothers her arthritis; a warm car is almost a necessity. Although we hardly live in a high crime neighborhood, I ask that she at least leave it locked while it's sitting unattended, but she doesn't always do that.

Obviously leaving an unlocked car running in your driveway increases the chances of it being stolen - more so in some neighborhoods than others, but the convenience of a warm car decreases security. Even your key clicker - that handy little radio device that locks and unlocks your car - is a security problem: should you lose your keys in a public parking lot, the person who finds them can probably also easily find your car even in a large lot. The clicker makes this much easier than walking around trying keys would be.


Hate these ads?

Why am I thinking about this? It's this Security glitch exposes OS X account passwords post.

My first reaction was "Oh, so what? Physical access again. It's always physical access!. You aren't going to get my machine that easily: I have a strong password, a strong firmware password, I encrypt important files.."

Yeah, right. And then I blow it all for convenience. My worriesome encrypted files are left open and unencrypted most of the time. When I go out for "just a few hours", I don't shut my Mac down - I just put it to sleep. Even sometimes when I know that there will be no one here for a few days, yes, I shamefully leave my Mac sleeping - and don't even require a password to wake it up!

It's not that I don't have a procedure that I could follow. I do have the passwords, and they'd have some value if I'd just shut the machine off. In case of break-in, I even have a mostly broken old laptop that I keep around just so that I can leave it out as an easy swipe. I figure that if I leave it sitting at my desk, any thief will quickly grab that and not bother to look for my well hidden MacBook. I do the same thing with my box of poker money: it's transparent so that you can see it's an instantly available pile of cash and I leave it in plain sight always. At most there's a hundred dollars in there, but it might be enough that a nervous thief would just grab it and the old laptop and scurry off.. unless the thief is in the habit of reading this website, and in that case you'll want to know that I often take the MacBook with me, so you shouldn't spend too much time looking for it. Actually you shouldn't spend much time anyway: that's not much here beyond books. Lots of books, the box of poker change, that crappy old laptop: not much that's worth your trouble. Our TV's are old and bulky, we have very little jewelry.. other than the 'puters, there's not much here worth stealing.

Losing the computers would be more than annoying, so I really should be more religious about at least shutting everything off so that passwords have a chance to work. I'll really regret it if my convenience habits lead me to big inconvenience some day.






Convenience almost always lessens security. That, of course, is exactly why Microsoft has had so many security problems: their focus has been much more on ease of use than hardening security. But good security is hard. Another example is passwords: you should never re-use passwords, of course, but most of us do, at least to some extent. Even I have a "common" password I use in a lot of places that I don't think of as important. I shouldn't do that and neither should you, but we both know we're just kidding ourselves: we do it for convenience.

Well, one thing I do NOT do is let Firefox or the Mac OS X Keychain memorize any passwords. Though if I'm going to leave files open and unencrypted and the machine just gently snoring while I'm off at the gym for half the day, that's not going to help much, is it?

But it certainly is more convenient, right?



Comments /Security/convenience.html


Mon Mar 10 11:34:22 2008: Subject:   anonymous


This could help: http://www.macosxhints.com/article.php?story=20040724203315798

Add your comments
cartoon
Forget the expense of flying to New England. Forget hotel and meals costs.
Installation and light training Boston and New England


Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Or use any RSS reader

Delivered by FeedBurner

Views for this page
Today This Week This Month This Year  Overall
215201,245 1,245

numly esn 96953-080304-886665-67
numly barcode

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

pavatar.jpg
More:
       - Security
       - MacOSX




Unix/Linux Consultants

Your ad here - $24.00 yearly!

http://www.schewanick.com SCO Unix, Solaris, Linx (various), PHP, MySQL, Apache, uniBasic, dL4, Perl, System Administration and more....


UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.


http://www.m3ipinc.com Security, firewalls, ids, audits, vulnerability assesments, BS7799, HIPAA, GLB, incident handling






Coming Attractions

My Favorites

Change Congress

Related Posts