[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Daniel Stone <daniel () fooishbar ! org>
Date:       2003-09-04 8:36:37
[Download RAW message or body]


On Thu, Sep 04, 2003 at 08:08:04AM +0200, Martin Konold wrote:
> If you decide not to lock your screen you simply leave your account to be 
> used/abused. Any extra complexity in order to save you from the initial 
> failure (not locking the screen) is doomed to fail. 
> 
> If you don't want other people to access your data or steal your identity you 
> simply cannot leave the screen unlocked. 
> 
> In general adding extra "security" features which dont really work only 
> provides people with a missleading impression about their security status. 
> 
> KDE provides for friends and children in need to check their webmail etc. a 
> nice offer to open another session for them if the screen is locked 
> currently.

I'm afraid I have to disagree with you here. I leave my screen unlocked at home
and generally at work, but mainly because everyone in the office has sudo access
to all the machines anyway, and at home, there are a couple of people with the
root password.

That does not, however, mean that I want everyone to be able to use my GnuPG
key, for instance. It also doesn't mean that I want them to be able to do things
like login as me on all the sites I have privileged access to, or my webmail, or
whatever.

Sometimes the concept of multiple levels of security is called for; this is one
of these times.

-- 
Daniel Stone                                              <daniel@fooishbar.org>
http://www.debian.org - http://www.kde.org - http://www.freedesktop.org
"Configurability is always the best choice when it's pretty simple to implement"
  -- Havoc Pennington, gnome-list

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]