Wandering Thoughts archives

2007-04-04

A brief sad note about root passwords

As far as I can see, the inevitable result of having several different root passwords across your systems is that a smart intruder who compromises /bin/su on a single system will sooner or later collect all your root passwords.

(Or perhaps other people are better than we are at typing the right root password at the current Password: prompt.)

(Please do not suggest sudo as the solution. For a start, we'd still want actual root passwords that are distinct from our own passwords.)

sysadmin/ManyRootPasswordsProblem written at 17:17:56; Add Comment

Social problems are the real problems

From a blog entry on the problem of email spam:

Charging even $0.0001 per message would make spam uneconomic, but as with signing and other proposals, it seems socially infeasible.

There is a widespread attitude among computer people that it is a great pity that their beautiful solutions to difficult technical challenges are being prevented from working merely by some pesky social issues, and that the problem is solved once the technical work is done. This attitude misses the point, especially in system administration: broadly speaking, the technical challenges are the easy problems.

Social engineering is a much more difficult field than computer engineering; it is much easier to build something that works than to build something that people want to use. Solving the technical problem without considering the social ones around it is like designing a beautiful house without bothering to find out where in the world it's going to be located.

The corollary of this is that all too often computer people proceed by solving the technical problem first and then attempting to deal with the social side using their technical solution as a lever. Rather often, they are surprised when this fails to work very well, and sometimes they get rather disgruntled about it.

(Almost everyone who is convinced that better PR will get their technical solution to be more widely adopted falls into this category.)

The right way to design practical solutions to real problems is to start with the social constraints and then build a technical solution that works inside them. This does require more work and cleverness than just solving the technical problem, but that's what it takes to get real solutions to tough problems.

Thus, if charging for email is socially infeasible it is not actually a solution to the spam problem; you can only solve the spam problem by starting with what is socially feasible and working forward.

(Disclaimer: I believe that the author of the original blog entry is much more of a computing humanist than I am making him out to be here; I am, after all, using one sentence of an entry as a springboard for my own rant.)

tech/SocialProblemsMatter written at 00:33:37; Add Comment


Page tools: See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.