Editing 1200: Authorization

{{comic
| number    = 1200
| date      = April 17, 2013
| title     = Authorization
| image     = authorization.png
| titletext = Before you say anything, no, I know not to leave my computer sitting out logged in to all my accounts. I have it set up so after a few minutes of inactivity it automatically switches to my brother's.
}}

==Explanation==
Certain computer {{w|Operating system|operating systems}} were initially designed as ''multi-user systems''. As the name suggests, these systems are meant to be used by multiple people or {{w|User (computing)|users}}, sometimes at the same time. To prevent malicious or accidental destructive damage to the system, users are split into two general groups: regular users, and {{w|system administrator}}s (or admins). Regular users can access and use {{w|Application software|programs}} on the computer, but only the admin is allowed to make changes to how the computer runs.  This same split level of security continues to this day, even in privately owned, or "home", computers.

The wry remark made here is that in the decades since the most important things on a computer to be worried about are no longer the programs that it runs, but the private personal data it contains and can access (usually online). Anyone who wished to do real mischief on an active computer could do {{w|Identity theft|considerable damage}} without ever caring what the admin password was. The admin password, in effect, now protects something that has become barely, if any, concern.

This comic pokes fun at the {w|authorization} mechanisms surrounding most operating systems' administrator accounts. It makes the argument that the user's data is more valuable than the integrity of the system. This is arguably true for most personal systems, although it is probably not true in a shared-server setup, where a system compromise could lead to the exposure of many users' data.

Essentially, once a user is {{w|Login|logged in}}, they can typically access all of their data without any further restriction. Modifying the operating system (for example, to install {{w|Device driver|drivers}}) requires a separate password.

In fact, this password protection also hinders installation of {{w|malware}}, which is otherwise possible even remotely, with the malware then being able to e.g. steal passwords, enabling a cracker anywhere in the world to access your accounts without ever needing to touch your computer. So having your computer set up to not to ask you for an administrator's password arguably implies a bigger risk of identity theft than allowing others to access your system physically while being logged in does.

The title text alludes to the security practice where computers automatically lock the user out after a few minutes, requiring a password from the user in order to continue using it. Instead, Randall's computer automatically switches to his brother's account, presumably compromising his data instead of Randall's. The fact that Randall's brother has an account on Randall's computer even though Randall does not live with his childhood family (so his brother would not need to use his computer often) could be because Randall does not want his brother to be able to access his files, PayPal, etc… when he uses his computer, which would indicate that either Randall is cynical, his brother is not trustworthy, or Randall is simply following the {{w|principle of least privilege}}.

==Transcript==
:[Diagram showing several connected bubbles. One in the center says "User account on my laptop," surrounded by "Dropbox," "Photos & files," "Facebook," "Gmail," "PayPal," and "Bank," which are connected to the middle bubbles and to each other. Below the middle bubble is one labeled "Admin account," which is covered in spikes, and has a "door" to the bubble above it.]
:If someone steals my laptop while I'm logged in, they can read my email, take my money, and impersonate me to my friends, but at least they can't install drivers without my permission.

{{comic discussion}}
[[Category:Computers]]
[[Category:Identity Theft]]