|
|
Subscribe / Log in / New account

XDC2012: Graphics stack security

XDC2012: Graphics stack security

Posted Oct 1, 2012 4:08 UTC (Mon) by raven667 (subscriber, #5198)
In reply to: XDC2012: Graphics stack security by dgm
Parent article: XDC2012: Graphics stack security

>> If it's not enabled by default, nobody will use it because it won't get testing and bugs won't be fixed.
>Sorry for the harsh words, but this is the LAMEST possible argument you could make. If it was useful for someone people would use it. If it's not used it's because it's not useful, so we're all better without it.

It may be lame but it's true, non-default options don't get as much testing as default options, especially in volunteer-tested software, the less-used code paths are more likely to be buggy. Sure, some people will use non-default config options but their experience may be sub-par because of it.

In any event, reasonable security options should be enabled by default. Imagine that something like password hashing were a non-default feature. What would happen is that most people would never turn it on and have plenty of bad things happen as a result. After the second or third time the security design problem bites them maybe they'd turn on the more secure feature but then would find themselves locked out of their system or some other horrible fate after which they'd find out that nobody turns the security feature on because it doesn't work. So then they'd just accept the additional risk of doing things in a more risky way that is likely to have a bad outcome because that's just the way things work.

It seems that this kind of scenario has played out many times over the years, like MS Windows putting people in the Administrators group to get around the entire permissions checking system. The Windows issue with the Administrators group and all the trouble that has caused over the years seems to be exactly the kind of thing they are trying to avoid.


to post comments

XDC2012: Graphics stack security

Posted Oct 1, 2012 4:20 UTC (Mon) by dlang (guest, #313) [Link]

there are security options that can be turned on because they don't break anything (i.e. hashed passwords) and security options that should not be turned on by default because they do break things (the examples in this case that break all soft keyboards, screenshot programs, etc)

many security people fall into the trap where they consider security the most important thing. In the real world it isn't. Security is a matter of risk, and you have to balance risk vs benefit.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds