Reply to post: Re: "Personal" computer no more

Don't want to upgrade to Windows 10? You'll download it WHETHER YOU LIKE IT OR NOT


Re: "Personal" computer no more

"It's not just Microsoft; Google, Apple, and pretty much all the big players seem to be enthusiastically moving in this direction. An analogy would be: we've moved from the traditional liberal "everything is permitted unless it's expressly forbidden" model of rights, to the totalitarian "everything is forbidden unless it's expressly permitted". And I hate it."

While I agree with the sentiment, and I loathe the loss of control over a device that I've paid through the nose to own, is this not something we actually asked for ourselves? We've been slamming the tech giants for over security for decades. And so now their implementing the totalitarian "everything is forbidden unless it's expressly permitted" model... or, as we call it in Network Security, 'Least Privilege'. This is EXACTLY how we run our networks, provided we're actually following best practice.

We can't have it both ways. I sometimes wonder if a career in IT has led to us assuming that the rules don't really apply to us; least privilege is something *I* impose upon my user base, making them come cap-in-hand to me to get software installed or to be permitted to visit website X. If I want to do these things, well, I just use the passwords that I have and no-one else gets.

What Windows 8, and now Windows 10 do (along with basically everything Apple have ever done) is simply what we've been doing to users for years. It offends us, since we generally believe we know what we're doing and so feel patronized... but really, the vast majority of the consumer base are so used to someone else telling them what they're allowed to do on a PC that they aren't going to care if it's IT, their tech-savvy nephew, or Microsoft.

I prefer to maintain total control over my own PC. I build it from parts, I install the OS, I set the admin passwords; I use a least-privilege account and sudo when needed. I decide what's on it, and what isn't. I connect through a firewall that I can configure myself. But that makes me very much the minority. And if we've been complaining that the big players don't do security properly for years, well, we can't complain now when they start to implement basic security principles and we discover that actually, we're now users rather than admins.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020