Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Sounds like that sysadmin has no clue about security, I’ve never heard that anywhere else and don’t see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
I think Frank is correct. I am working on a Masters in Cyber security and there is not a category of threats posed by accessibility options on a workstation. That administrator is being willfully ignorant or is just a control freak that doesn't truly understand security. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Wednesday, November 19, 2014 11:26 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project Sounds like that sysadmin has no clue about security, I’ve never heard that anywhere else and don’t see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Why some people have the jobs they do is beyond me. 1 time I had a situation where the computer was throwing an error almost at the very beginning of the boot process, i.e., way b4 Windows started, & the dh admin was trying to blame it on the person's screenreader. Yeah--right! Not only so, but the error was quite clearly indicating a RAM failure. So I had to phone him up & explain in 2-year-old terminology why it was that the screenreader could not be at fault & that the lady needed a new computer or her old 1 fixed ASAP. Made me wonder if he was even competent enough to pull the cover off the dippin thing & install new ram. Basically, that kind of mentality is because people don't know their stuff & try to cover their stupidity by means of a shotgun. On 11/19/14, Greg B. <gbobo@woh.rr.com> wrote:
I think Frank is correct. I am working on a Masters in Cyber security and there is not a category of threats posed by accessibility options on a workstation. That administrator is being willfully ignorant or is just a control freak that doesn't truly understand security.
Greg B.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Wednesday, November 19, 2014 11:26 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
Sounds like that sysadmin has no clue about security, I've never heard that anywhere else and don't see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Why some people have the jobs they do is beyond me. 1 time I had a situation where the computer was throwing an error almost at the very beginning of the boot process, i.e., way b4 Windows started, & the dh admin was trying to blame it on the person's screenreader. Yeah--right! Not only so, but the error was quite clearly indicating a RAM failure. So I had to phone him up & explain in 2-year-old terminology why it was that the screenreader could not be at fault & that the lady needed a new computer or her old 1 fixed ASAP. Made me wonder if he was even competent enough to pull the cover off the dippin thing & install new ram. Basically, that kind of mentality is because people don't know their stuff & try to cover their stupidity by means of a shotgun. On 11/19/14, Greg B. <gbobo@woh.rr.com> wrote:
I think Frank is correct. I am working on a Masters in Cyber security and there is not a category of threats posed by accessibility options on a workstation. That administrator is being willfully ignorant or is just a control freak that doesn't truly understand security.
Greg B.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Wednesday, November 19, 2014 11:26 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
Sounds like that sysadmin has no clue about security, I've never heard that anywhere else and don't see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
It's often that the easiest way to avoid accountability is to blame the unknown. That Screen Reader ... that foreign application you know! It makes this little person inside of one's computer say evil things! -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Jackie McBride Sent: Thursday, November 20, 2014 8:07 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project Why some people have the jobs they do is beyond me. 1 time I had a situation where the computer was throwing an error almost at the very beginning of the boot process, i.e., way b4 Windows started, & the dh admin was trying to blame it on the person's screenreader. Yeah--right! Not only so, but the error was quite clearly indicating a RAM failure. So I had to phone him up & explain in 2-year-old terminology why it was that the screenreader could not be at fault & that the lady needed a new computer or her old 1 fixed ASAP. Made me wonder if he was even competent enough to pull the cover off the dippin thing & install new ram. Basically, that kind of mentality is because people don't know their stuff & try to cover their stupidity by means of a shotgun. On 11/19/14, Greg B. <gbobo@woh.rr.com> wrote:
I think Frank is correct. I am working on a Masters in Cyber security and there is not a category of threats posed by accessibility options on a workstation. That administrator is being willfully ignorant or is just a control freak that doesn't truly understand security.
Greg B.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Wednesday, November 19, 2014 11:26 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
Sounds like that sysadmin has no clue about security, I've never heard that anywhere else and don't see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
There is a principle in IT that you disable anything you don't need as a way to limit your exposure. So in that way it makes a little bit of sense to turn off accessibility functions if you don't need them. But, after all, orca is part of the gnome project. Your window manager takes keyboard input and, well, does stuff with it. You have to type in your password to use the computer, right? How big of a security problem is that? Maybe you should disable password logins to make it harder to steal passwords, right? I run into this attitude all the time with developers and other systems admins. Anything can have security holes. You could say if you're really concerned about security, you should uninstall bash or openssl. In fact, if you really want to make sure nobody breaks into your computer, turn it off. There is always going to be a balancing act between usefulness and security. It's just dumb to disable something people actually need unless there is a known, imminent security threat. Most likely, that sys admin was just being a pisser. On 11/19/2014 10:25 PM, Ryan Shugart wrote:
Sounds like that sysadmin has no clue about security, I’ve never heard that anywhere else and don’t see how disabling accessibility options would impact security at all. Perhaps it was just an excuse for him to have more control over the workstations? Really odd. Ryan
On Nov 19, 2014, at 10:05 AM, Frank Ventura <frank.ventura@littlebreezes.com> wrote:
I have heard this as well. I also have been told by one System Admin that the first thing he does after configuring a workstation is to disable the accessibility options, for "security" reasons. Sounds pretty insecure security thinking to me. Frank
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Smart Sent: Wednesday, November 19, 2014 10:23 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
I was told in no uncertain terms by a large antivirus vendor that their software would not be made accessible, because they consider keyboard input to be a security risk. I know at least one other person who was told that as well. I'm just mentioning that as an example of some of the thinking out there.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
participants (7)
-
Chris Smart -
Frank Ventura -
Greg B. -
Jackie McBride -
John G Heim -
Lee, Amanda -
Ryan Shugart