I guess I get the argument about not properly protecting an account ( with no financial value ) with a strongly encrypted password but one can look at this another way...

If I am in an environment - say a Fox conference - where I feel I am among friends, or at least people of good will - and I leave my wallet on the table it is surely careless of me, but it really does not speak well of someone who steals it. I don't think they are less culpable than someone who breaks into my room to steal it or mugs me on the street.

( I also realize I must not have what it takes to be a hacker - it would never occur to me to try someone's user name as password - much less to think of it and try it an get in on the first try with no failed log ins. Incredibly "lucky". )




>Having been away from the UT for only a couple of days, I had to read a whole lot here. Most arguments have been presented, but some of the thoughts I had while reading haven't yet been presented, I think.
>
>Let me begin to say I do not want to excuse Naomi here. But I also do not want to condemn her right away. Until this very moment there are two versions about the username/password usage. Andy claims she used "I" as the username and the same password that he uses on the UT, thereby implying that UT consultants can see those passwords. Naomi, on the other hand, claims she used AndyKr as username AND as password. Only one of both versions can be the truth. Which one is the truth?!
>
>For me it is important to know. If Andy is right, then the 'leak at the UT' is a very important issue. If Naomi is right, then it's possibly not even an integrity issue. Let me explain...
>
>If Naomi is right here, and Andy's password equalled his username, then it was merely his own plain stupidity. Passwords have been invented with a reason. Eventually I can partially blame a friend when I discover he used my amply protected account without my consent, but even in that case I'd mostly blame myself. But can I blame an enemy if he does that? My hunch is: No. In that case I can only blame myself. The fact here is that Naomi felt that Andy had talked to Eric in private messages about her behind her back and she was 'curious' enough to try this formally illegal act. In a sense, it was an act of war.
>
>If Andy is right here, then the 'leak at the UT' is a serious problem. But even in that case the integrity of the 'consultant' is hardly an issue, as I see it. It is the sole responsibility of the HIGHEST management of the company to implement an infrastructure that makes it practically impossible for a consultant to compromise the company. If the password can/could be obtained here by Naomi, then it was mainly the fault of Michel. He should have made it impossible to discover. BTW, Martin Salias, who's also a consultant here, has explicitly claimed that this info is not available to him. Martin is a trustworthy guy and those words should have been enough proof under other circumstances. However, in this case it is Michel who has the moral obligation to say the pessimists are really wrong here. And if they aren't, then he should immediately say so and promise a repair or redesign.
>
>
>>What Kevin is saying is that Naomi has hacked into Andy's account and shared info with others (her admission). The fact that she has done this means her integrity is not the greatest .. and because her integrity is not the greatest .. she is not someone that should have administrator rights on the UT. I agree with Kevin. This doesn't have anything to do with the battle between her and Andy or other sites .. we are just saying that it doesn't appear that she can be trusted with an administrator account and it makes us nervous that someone like that has those rights on the UT.
>>
>>(Kevin .. feel free to jump in if I've put words into your mouth .. but this is how I interupted what you said.)