Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!cwjcc!hal!nic.MR.NET!shamash!raspail!bga
From: bga@raspail.UUCP (Bruce Albrecht)
Newsgroups: news.admin
Subject: Re: DEC Customer Service (was Re: How safe is UUCP?)
Message-ID: <1087@raspail.UUCP>
Date: 7 Dec 88 20:45:02 GMT
References: <4950@b-tech.ann-arbor.mi.us> <811@mailrus.cc.umich.edu> <14188@cisunx.UUCP>
Organization: Control Data Corporation, Arden Hills, MN
Lines: 19

> This is rather interesting -- seeing a customer's point of view!  I worked
> for Digital Equipment Corp in the Pittsburgh office for 3 1/2 years as a
> Software Specialist and was on site 95% of the time.  I would *NEVER*
> have "complained" to a customer as this was a sure way to catch H*LL
> from my manager.  The philosophy was that a customer's machine was
> his/hers to configure the way they pleased and you worked around their
> needs.

On the other hand, you're a software specialist, and not a field engineer.  I
think a lot of the FE's would complain if passwords were changed, etc.
If you were to solicit DEC FE horror stories, I'm sure you could get several
megabytes worth (I know several).  The point still remains, there are a lot of
people out there who don't care about or don't understand basic security
measures like changing default passwords, and feel that it impedes getting
their job done.  I think that problem is one of lack of training, compounded
by an attitude by vendors (your company and mine included) that security 
is totally a user problem.  Our vendors provide things to help maximize 
secure access to our systems, but don't force people to use them, and in 
general, make it easy to bypass the security features.