Coworker Dave on Personal Computing   Leave a comment

Dave recently wrote a piece about the current odd state of affairs in personal computing.

I don’t know that I like his whole piece, but he has a couple of very good points:

  • Most people don’t personally compute, so they don’t need a “personal computer”, they need a “utility box”.
  • It is sort of nonsensical to have “ordinary” people in charge of taking care of a piece of technology that is several orders of magnitude more complicated than their car, when they pay mechanics to take care of their car.
  • Until the cost of bad systems administration is borne by somebody (in a fiscal sense), there will never be a sufficient motivation to make anything better.

I don’t like the insurance idea. Although it would assist, it would be extremely difficult to migrate to such a system without a period of distinct hosing of the general population -> suddenly all of the cost of bad system security falls upon the user. Since no insurance company could really do a good job of quantifying the risk at the beginning, the insurance would be really high. This would be bad for the overall information economy.

On the other hand, it *is* a problem. When millions of compromised hosts are parts of various botnets, you can’t keep ignoring the fact that nobody is paying the cost for really bad security, or nothing is ever going to get fixed. This is where I think Dave is onto something.

Most people *don’t* use their computer for more than a dozen tasks. They watch video, listen to music, write email, send messages, browse the web, archive their photos and documents, do some wordprocessing or spreadsheet work, balance their checkbooks, and play games. These are utility users. They shouldn’t be systems administrators; they shouldn’t *have* to be systems administrators. The two biggest barriers to fixing this problem are the OS and media content providers. The OS problem is sort of solving itself (albeit slowly and horribly); XP’s “default administrator” has been replaced with Vista’s UAC (which unfortunately everyone is turning off, but at least we’re getting somewhere) and Macs don’t make users root.

Unfortunately, people have to become administrators anyway, because they want to be able to see videos or play games or download music, and there are no ubiquitous file formats for any of those. Not to mention the fact that content providers keep shoveling DRM down users’ throats, and in order for DRM to work, the underpinnings need to hook into the operating system, which means the user needs to be an administrator to futz with it. This is stupid -> it’s like demanding that people know how to fix their plumbing (and therefore drywall, plaster, paint, whatever) in order to watch the TV.

Not an easy problem. I suspect a distributed solution is what is needed here. OS vendors need to be held accountable for some things. ISPs need to be held accountable for some things. Users need to be held accountable for some things. Content creators need to be held accountable for some things.

And of course they’re all going to complain that regulation is stifling their business.

Advertisements

Posted May 13, 2008 by padraic2112 in security, tech

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: