Alan wrote:
The biggest security hole is sitting in front of the computer, and unlike
the others that one is *very* hard to fix. Policy and tools have to
reflect that as the systems get more secure the bad guys will move their
attacks to the next weakest link - the user.
Usually there is an abstraction between what the user attempts
to do and the action that really happens. You can have a
problem if the abstraction misrepresents its action or if
the user just doesn't understand it.
--
Les Mikesell
lesmikesell@xxxxxxxxx
