[nycphp-talk] September Talk
Matthew Terenzio
matt at jobsforge.com
Tue Aug 16 18:41:02 EDT 2005
>
> I believe that the de facto standard for out of the box product and
> programming will become more like "locked down, instant secure setup",
> "data encrypted", "all SSL" and "no anonymous access".
>
> We will all be reading on newbie forums questions like: "How do I let my
> users access their admin site without a strong password or Smart card."
> And the answers will be: "Typically impossible. Why would you do that
> anyway, newbie?"
>
I agree and disagree.
I think it's great that FreeBSD comes shipped without the ability to
SSH in as root. I was used to that ability in Red Hat, and when I tried
FreeBSD, I was surprised for a moment, but then I thought about it, and
if I ever use a Linux distro that allows that, it will be the first
thing I change.
But security is a moving target. A lot of hardening is in response to
exploits, not as a result of pre-engineering.
So, while I'm glad that experts may be willing to start things off with
heightened security, I realize that security is an ongoing process.
No average web programmer would be comfortable with the "secure" setup
of a web security "expert" of five years ago.