I think that shows how bad Michael Dell is at running businesses. He correctly identified that Apple couldn't go on the way it had been run, but didn't suggest running the company a different way as a potential solution. If Dell is in trouble now, they will stay in trouble unless the market changes to require a company just like Dell.

How about Agnes Cleaners' contact database, containing all their customer records?

Firstly, the kind of encryption they're talking about in the article, as implemented by BitLocker on Windows and third-party products on many operating systems, is transparent to operating system processes.

Erm :). Secondly, active directory domain controllers are typically run on servers rather than laptops, and full-disk encryption is typically run on laptops rather than servers.

Taking those point by point (and staying on topic by discussing hard drive encryption, the subject of TFA):

* you must provide a meaningful key management

Depending on the size of the organisation and the purposes for using encryption, key management may not be necessary, though you still need a capable and reliable lost-passphrase-recovery helpdesk which is going to cost.

* you lose speed of your machines for number crunching

I think you need to review just how much time you think computers spend reading and preparing data from the hard drive. If you're in the middle of a number-crunching job, it's pretty much negligible. And besides that, most business laptop users (the target users of full-disk encryption) are trying to read e-mail and write Powerpoint slides, they aren't trying to simulate protein folding.

* you can easily lose data in the event of hardware corruption

* access to data is a bit harder even for legitimate purposes

Yes, that's the whole point. It's usually only a bit harder (you have to authenticate before the operating system will boot) but in return for that, the confidentiality of your data is protected. Security is about risk management and if the risk of publicising your company's secrets is more significant than the risk of users losing time by forgetting their passwords, then the trade-off is worth making.

* many systems (for example Active Directory domain controller .vs. ipsec) doesn't work well with encryption

Firstly, the kind of encryption they're talking about in the article, as implemented by BitLocker on Windows and third-party products on many operating systems, is transparent to operating system processes.

skills of your systems management must be higher

Oh noes! I pay my systems managers to manage my systems but don't want to pay people who know what they're doing!

Well considering that almost every security vulnerability ever reported has developers as a root cause, not sure you can really claim they cause less harm. The harm just gets postponed until it is maximally expensive.

It is impossible, IMO, to do many functions without these privileges.

I currently work in an environment where I don't usually need admin. I'm a self-employed Mac developer, and do all of my dev work in an unprivileged account. However that account is a member of the _developer group, which gives the debugger the right to attach to processes. That's frequently all I need. When I've worked in $bigcorp networks where developers do need admin or root, IT have typically created a sandbox network for developer machines to sit in which have access to SCM, the bug tracker, build environment front-end and so on but limited access to business systems and internet facilities.

Developers administering PROD boxes?

Apparently you do NOT go through any SOX or HIPPA audits

Why not simply work on virtual machines? Then you know they are clean and you can have all the rights you want and still have comply with company rules.

In a lot of environments, setting up a good seperation is simply to costly in time, so you either end up with dev's with not enough rights to do their job or to many where they can endanger systems they shouldn't.

So it should not be needed to have local admin rights, but then the sysadmins got a hell of a job to setup everything so that it is not needed. Most sysadmins simply ain't capable of that, or if they are, are not given the time.

He's over simplifying. Other things being equal, a population with a higher reproductive rate will out compete a similar population with a lower reproductive rate. The key there is other things being equal differences in organization of a complex population can be sufficient to counterbalance a reproductive rate advantage.

Let me start out by saying that I agree with you. And it's a good argument - it gets the emotional parts of the issue right out in the open. However, I see some things here that are going to be used, effectively, as a counter argument:

1. How many books do you own that you can pass on to your children? How old are those books?
2. Have you ever had a book destroyed through wearing out, getting destroyed by dog, fire, water, etc.?
3. Have you ever lost a book, had it borrowed or stolen?

I'm sure you can all see how these questions erode the argument. And the counter argument, pushing the statistical likelihood of a book being lost or destroyed before passing it on, versus the DRM getting screwed up - it's not very powerful. No one knows the real answer to that question - but people think they do - and so the argument loses those who already have an opinion.

Just some thoughts.

No. But having just searched for it, I discover it's a shorthand name for a law enacted in the US. I'm not from the US.

Just let everybody race everybody else. No more worrying whether people truly class as male, female, able-bodied or whatever.