what I think is an important little piece via Aaronland today: Peter G. Neumann notes that where there is no authorized access control (i.e., proper security in place), there can be no breach of authority when someone gets in to a system. I’ve probably just butchered the precise meaning, but the concept is important. It cannot be enough to just enact legislation making certain things illegal. Adequate measures to prevent access have also to be put in place. Whether it’s DVDs, eBooks, or whole systems – there is a responsibility to protect your system beyond just stating ‘don’t touch’. Which is what most seem to want to do, rather than dealing with security more thoroughly.
In Montreal, you can get a ticket if you haven’t locked your car door while it’s parked on the street. The principle is that by not taking such a simple measure to keep one’s car secure, one is a drag on society as a whole, by contributing to rising insurance rates via increased theft etc. It’s the same idea.
Michael Boyle's weblog
