[LINK] RFI: Multi-User Capability on User Machines
Marghanita da Cruz
marghanita at ramin.com.au
Mon Sep 4 16:51:26 AEST 2006
Roger,
This is basic security....if you have physical access to the
machine...then no amount of software security is going to help.
Marghanita
Roger Clarke wrote:
> Chris's post makes clear to me that I still haven't been precise enough
> in the way I've formulated my question. (This is harder than I thought!).
>
> I'm not concerned about whether users can be running concurrently.
>
> I'm concerned about whether separate users, using the machine at
> different times, can rest assured that their data is secure against the
> prying eyes of others who have access to the machine.
>
> One test-case is siblings in the same household. Can Big Sis avoid her
> love-letters being accessed by Kid Brother?
>
> Another, more relevant test-case is flatmates in the same household. Can
> each flatmate establish their own relationships with, for example, eBay
> and Amazon, confident that their profiles (server-side) and cookies
> (client-side) won't be polluted by their flatmates using the machine?
>
> Clearly this depends upon Big Sis and Flatulent Flatmate religiously
> logging out every time they leave the machine.
>
> But if they do so, can they be confident that their profiles and cookies
> are inviolate?
>
> I'm intentionally overlooking those with super-user privileges on the
> device (or their equivalent in other-OS-speak), and seriously smart
> operators who can fire up the disk-drive on a different machine and
> extract whatever they want from it.
>
>
> At 16:06 +1000 4/9/06, Chris Maltby wrote:
>
>>> Roger Clarke wrote:
>>>
>>>> Can anyone nail for me the date and version of Windows that delivered
>>>> the feature on end-user machines?
>>
>>
>> On Mon, Sep 04, 2006 at 02:19:53PM +1000, Howard Lowndes wrote:
>>
>>> As far as I'm aware, they still don't. You can get Remote Access,
>>> Remote Assistance and Terminal Services, but it is hardly multiuser
>>> ala Unix/Linux/OSX
>>
>>
>> I'm with Howard on this. The standard end-user device has a single
>> active user session. That session can be remote when there isn't a
>> user using the keyboard/video/mouse. Or a remote assistant can share
>> your session if you permit it.
>>
>> You can have lots of inactive users, or get one of the server editions
>> which allow multiple active "terminal" sessions, but your MS PC is
>> still a "personal" computer.
>
>
--
Marghanita da Cruz
Ramin Communications
http://www.ramin.com.au
Phone: 0414-869202
Email: marghanita at ramin.com.au
More information about the Link
mailing list