- Joined
- Jul 26, 2011
- Messages
- 12,240
- Reaction score
- 4,519
- Gender
- Male
- Political Leaning
- Progressive
This. Ability to abuse does not mean authorized to abuse.
For example, as a Marine I've been taught to find and then kill people. I could abuse that by going and hunting people I happen to not like, or who I just think have it coming, or heck, who were wearing the wrong color shirt.
And then I would go to prison if I didn't get executed.
Given that - as an government employee - every friggin keystroke you make on a government computer is taggable, I'm betting just going in unauthorized and starting too look up the email traffic of the brother-in-law you don't particularly like is going to get you nabbed fairly quickly.
In the information technology world it doesn't quite work this way. If you're not authorized to use a system or use a system in a certain manner you are also denied the ability. This is a fundamental tenet of security in which users are granted the minimum privileges necessary to complete their task.
Principle of least privilege - Wikipedia, the free encyclopedia
In a properly secured environment users of this system should only be able to access authorized resources. The idea that anyone logged on can access anything without question is absolutely absurd.