You do have a good point, however I would still argue that if you assume
that the quality of implementation is comparable the relationship will hold.

In the context of Linux alone, I can make a very secure system.  I use
Gentoo, for example, and I could compile the system using SELinux
security enhancements, ProPolice, tight authentication profiles,
dissallow SSH, etc...  the implementation quality is perfectly
identical, but as I make the system more secure the usability I expect
from my system lessens.

One of the motivations I have to think this is that all user interfaces
are prone to exploit.  I dont have the link handy, but there is a rather
convincing Ph.D. disertation that systematically lists and defeats
nearly every security system inplace.  The argument there is that each
channel that you open provides the opportunity to exploit.

Howard Winter wrote:

>Will,
>
>
>
>>There is an inverse relationship between security and usability.  As you close yourself off to things
>>that make you vulnerable you intrinsically do the same to opportunities and capabilities that you might
>>
>>
>benefit from.
>
>Not necessarily - only if the implementation of the security is badly done!  A Saab is at least as "usable" as
>a Ford Pinto as a motor vehicle, but I know which one I'd rather be in in an accident!  :-)
>
>And I really can't see how a buffer-overrun can be any sort of opportunity that a user might want...
>
>Cheers,
>
>Howard Winter
>St.Albans, England
>
>--
>http://www.piclist.com hint: The list server can filter out subtopics
>(like ads or off topics) for you. See http://www.piclist.com/#topics
>
>

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics