December 29th, 2004, 21:20
Interesting coincidence -- or is there a users and security meme loose? These two articles appeared today:

I'm Sick of Fighting Redmond's Battles (,1759,1746287,00.asp)

Today's ISC Handler's Diary Is Partially Right, and Then Completely Wrong (

Both argue (in very different ways) that, really, vendors are responsible for making their products secure out of the box because you cannot expect the unwashed masses to care enough, or have enough expertise, to make and keep their Internet access secure.

December 30th, 2004, 13:29
I think the comment on TaoSecurity about ISPs needing to provide some thin client services is interesting.

I manage a Windows 2003 terminal server at work and have some experience with Linux Terminal Servers ( too. As annoying as Windows can be, it's definitely much better to manage a terminal server than a bunch of standalone workstations. You always know what's installed, if the virus definitions are up to date, who has what access, all software revisions are consistent and easily updated, etc. There's no more local administrators and we use a fairly locked down security policy to keep it all nice and clean. If a client dies then you just swap out the thin client and they are going again. Of course all these benefits would apply to a *nix solution too.

I could see this type of setup being a good thing for a lot of less saavy home users. They could have all the things they need (web browsing, chatting, music, etc.) without needing to worry about keeping it up to date or fixing it. My wife's grandmother had a Mailstation. It had a keyboard and a character LCD screen to do emails. It worked fine for text emails but pictures of great-grandkids and more complicated emails made her get a PC recently. She's had to have tech support fix it a couple times already and is very frustrated with it. I have some other friends who were very happy with their WebTV until it couldn't do some things they wanted. They bought a PC and their grandkids keep installing software and downloading stuff on it. Either one of these examples would have been great candidates for a nice thin client. It would be easy to provide local services (storage, printing, etc.) and overcome the limitations of webtv and other similar products.

Some people might say it's worthless if the internet connection was down but most of these people wouldn't do anything with a local computer either if the internet connection was down. :silly: