Path: utzoo!utgpu!watmath!iuvax!purdue!tut.cis.ohio-state.edu!oz.cis.ohio-state.edu!jgreely
From: jgreely@oz.cis.ohio-state.edu (J Greely)
Newsgroups: comp.sys.next
Subject: Re: Student's view of NeXT marketing plan
Message-ID: 
Date: 9 Aug 89 05:49:52 GMT
References: <4866@tank.uchicago.edu>
	 <1054@adobe.UUCP>
Reply-To: J Greely 
Organization: Ohio State University Computer and Information Science
Lines: 71

In article <1054@adobe.UUCP> greid@adobe.com (Glenn Reid) writes:
>In article  J Greely
>  writes:

>>	 The first problem I have with the "world in a pocket" idea is
>>that those NeXTs will of necessity be standalone or minimally
>>networked.

>I presume the reason you would not network these machines together is
>"security"?

It'll do for the word, although "integrity" and "authentication" are
strong contenders.

>Security can be a false idol, I think.  If you pretend the NeXT machine
>is yet another Vax or Sun or Apollo UNIX machine, and you tie it into
>your existing network, then you have some security problems to worry
>about, mainly because you are operating under the premise that your
>network is already secure.

I have no illusions about the security of our network, but I do know
that adding a machine to it that's bootable by J Random Undergrad off
of his own disk will drastically lessen what "security" we *do* have.
For a quick example of the headaches, consider: the mythical personal
boot disks will either have 1) random uids and usernames, or 2) all
the same.  Neither of these is terribly useful if you want to use
network services such as NFS and shared printers.

>One of the main reasons that UNIX "security" is such a big issue is
>that there has been, traditionally, almost NO way for users to take
>data off the system and put it in their pockets.  Professors are forced
>to leave exams and grades on the system, etc.
...
>If you look at microcomputers, nobody even has a password on many of
>the systems.  If something is sensitive, you put it on a floppy and
>lock it up in your desk.  With the NeXT optical disks, that becomes
>completely practical

But only if everyone has constant access to a NeXT!  In the world as
it is *now*, there are usually large numbers of "foreign" machines,
like Suns, Vaxen, and Pyramids, and they aren't going to vanish
anytime soon.  I can't write to an optical from those, so unless I can
physically get to a NeXT whenever I need to read or write sensitive
data, I've gained nothing.  In the unlikely case that an installation
has only NeXTs, your view will be practical.  Until and unless that
becomes commonplace, the NeXT will have to be no less "secure" than
other networkable Unix boxes (and it is supposed to be, under 1.0).

  I'll just mention the idea of sensitive information that must be
accessed by more than one person, such as proprietary source code
under development.  Not something that can be conveniently dumped to
OD and locked in a desk, unless the entire development team shares an
office.

>>In five years, that model may be practical, but I don't think either
>>NeXT or the university market is ready to support it successfully now.
>>I wouldn't be too unhappy if I were proven wrong, though.

>If the optical disk were, say, three times as fast as it is now, don't
>you think this model would be practical today?

If it were available at the same price (or "reasonable"), for a wide
variety of hardware, yes.  If it can only be read on a NeXT, no.
Currently, I have an OD that's well-filled with personal archives.
When I leave the university (which may be quite soon), I'll be
transferring it all to magtape, because I can read it anywhere.  The
OD is more convenient while I have a NeXT on my desk, but once that's
gone...

-=-
J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely)
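
The uid problem raised in the post (personal boot disks with either random or identical uids on a network that shares NFS), as an added example that is not part of the original post. It assumes uid-based NFS authentication (AUTH_UNIX), where the server trusts the numeric uid the client sends; all disk names, user names and passwd entries are constructed.

```python
# Added example: constructed passwd data, hypothetical disk and user names.
# Classic NFS (AUTH_UNIX / AUTH_SYS) trusts the numeric uid the client sends,
# so the server sees whichever of its own accounts owns that number.

SERVER_PASSWD = """\
root:*:0:0:Operator:/:/bin/csh
alice:*:201:20:Alice (faculty):/home/alice:/bin/csh
bob:*:202:20:Bob (grader):/home/bob:/bin/csh
"""

# Case 1 from the post: each personal boot disk picked its own uids.
RANDOM_DISKS = {
    "disk-carol": "carol:*:201:20::/home/carol:/bin/csh\n",
    "disk-dave": "dave:*:977:20::/home/dave:/bin/csh\n",
}
# Case 2: every disk shipped with the same default account.
IDENTICAL_DISKS = {
    "disk-carol": "me:*:100:20::/home/me:/bin/csh\n",
    "disk-dave": "me:*:100:20::/home/me:/bin/csh\n",
}

def parse_passwd(text):
    """Return {uid: username} from passwd(5)-format text."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            users.setdefault(int(fields[2]), fields[0])
    return users

def audit(server_passwd, disks):
    """List (disk, local_user, uid, finding) for every non-matching account."""
    server = parse_passwd(server_passwd)
    seen = {}          # uid -> first (disk, user) that claimed it
    findings = []
    for disk in sorted(disks):
        for uid, user in sorted(parse_passwd(disks[disk]).items()):
            owner = server.get(uid)
            if owner is None:
                findings.append((disk, user, uid, "unknown to server"))
            elif owner != user:
                findings.append((disk, user, uid, f"seen as {owner}"))
            if uid in seen and seen[uid][0] != disk:
                findings.append((disk, user, uid, f"shared with {seen[uid][0]}"))
            seen.setdefault(uid, (disk, user))
    return findings

if __name__ == "__main__":
    for row in audit(SERVER_PASSWD, RANDOM_DISKS) + audit(SERVER_PASSWD, IDENTICAL_DISKS):
        print(*row)
```

With random uids one disk's account lands on an existing server identity and another matches nothing; with identical disks every user is indistinguishable to the server.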