- Secure by default
Secure by default, in "software", means that the default configuration settings are the most secure settings possible, which are not necessarily the most user friendly settings. In many cases, security and user friendliness is waged based on both
risk analysis and usability tests. This leads to the discussion "what" the most secure settings actually are. As a result, the precise meaning of Secure by default remains undefined.In a
network operating system , this typically means first and foremost that there are no listening INET(6) domain sockets after installation. That is, no open network ports. This can be checked on the local machine with a tool such asnetstat , and remotely with aport scanner such asnmap . As a general rule, a secure network, is only as secure as the "least" secure node in the entire network.If a program uses secure configuration settings by default, the user will be better protected.Fact|date=March 2007 However, not all users will care about securityFact|date=March 2007 and may be obstructed by secure settings. A common example is whether or not blank
password s are allowed for login. Not everyone can, or is willing to, type or memorize a password.Fact|date=March 2007Another way to secure a program or system is through abstraction, where the user is presented an interface in which the user cannot (or is discouraged to) cause accidental
data loss . This however, can lead to less functionality or reduced flexibility.Fact|date=March 2007 Having user control preferences does not typically cause this, but at the cost of having a larger part of theuser interface for configuration controls.Some servers or devices that have an
authentication system, have default usernames and passwords. If not properly changed, anyone who knows the default configuration can successfully authenticate.Operating systems
OpenBSD claims to be the onlyoperating system that is fully secure by default. This, however, does not mean it's inherently the most secure operating system, because that depends on the definition of an operating system. There are many operating systems that are not capable of networking with other systems. Thus, considering the amount of network-based security compromises today, one can argue such an operating system is more secure. OpenBSD is a NOS (Network Operating System).Ubuntu is a
GNU /Linux distribution aimed at the desktop user that by default hides the administrative account and only allows the first user to gain administrative privileges for certain system tasks (such as installing system updates, and managingdisk drive s).Mac OS X does not hide this account, but users with limited rights can still fully utilise the system.Fact|date=March 2007Microsoft Windows andLinspire have beencritic isedFact|date=March 2007 for allowing the user to have administrative privileges without warning — a potential threat to the system.Windows Vista attempts to remedy this situation through itsUser Account Control system.ee also
*
Computer security
*Usability
*Default (computer science)
*Secure by design
*Authentication
Wikimedia Foundation. 2010.