The kiosk PCs at the RSA conference are running Windows XP, logged in as Administrator. (Updated: Wired has pictures) Any user could install spyware to intercept the next users’ passwords and data. You’d think a security conference would have… secure infrastructure?
In related news, Microsoft says Vista is the most secure version of Windows so far – yet not perfect – but blames the users for security issues. Craig Mundie, now responsible fo security at Microsoft, said at RSA:
“The challenges we face in building our products, and the challenges everybody faces in administering and using them, is that humans are humans and they make mistakes.”
What we need then is software for human beings.