California reports massive data breach
Kevin Poulsen, SecurityFocus 2004-10-19

The FBI is investigating the penetration of a university research system that housed sensitive personal data on a staggering 1.4 million Californians who participated in a state social program, officials said Tuesday.

"Known vulnerabilities" 2004-10-20
Obviously not known by them
Windows? Linux? Unix? (maybe Minux)? What OS? 2004-10-20
Anonymous (3 replies)
Windows? Linux? Unix? (maybe Minux)? What OS? 2004-10-26
Anonymous
Since this is a "social cause" computing system, odds are whoever is running this is not employing *NIX. Perhaps they are because of the old "low cost" argument since such organizations have limited funds, this may implicate open source, but I doubt it.

Almost every time I've read about a massive data compromise going way back to the time the now bankrupt software retailer turned dot com "Egghead" had the account information of 100,000 of its customers compromised, it has almost always invariably been a Windows system. More recently (within the last year) a business in Arkansas involved in insurance and/or finances (business domain escapes me now) had the information of hundreds of thousands of its customers compromised. After some quick investigation my guess that they were operating on Windows was dead on.

It amazes me that so many people who operate under Windows, particularly IT "pros", have no notion of employing different computer accounts, file access control lists (ACLs) and privilege separation - running sensitive processes connected to a network with stunted credentials.

Of course, we don't come out of the womb knowing this stuff but it behooves anyone who considers his or herself an "IT pro" to become familiar with these rudimentary tools which have existed in the NT variation of Windows since the early 90's (yet *rarely* employed).

Cryptography Ignored? 2004-10-23
Drew Miller (1 replies)
Cryptography Ignored? 2004-10-27
Anonymous (1 replies)
Cryptography Ignored? 2004-10-27
Drew Miller
It's a University! 2004-10-27
Anonymous
Copyright 2008, SecurityFocus