Since Sunil's mail took matters to one extreme, I have no choice but to
respond with the other!
(i) There is absolutely no reason to have any confidential stuff on
your account---its a free country so we should have free and transparent
flow of information. So it is your fundamental duty to ignore all
messages regarding security since these may (just may) actually allow
your colleagues and/or your system adminstrator to actually implement
a security policy---a clear violation of freedom to information!
(ii) If by any chance you do want to violate rule (i) and want to have
any confidential stuff on the computer then again ignore all messages
about security since otherwise you wouldn't be able to blame anyone
if someone gets that confidential stuff. If you can't see the
hacker/cracker/spoofer or whatever he/she/it can't exist.
(iii) Use all possible features like rhosts files, xhosts +, remote
telnets, sending passwords by mail, putting your password on your
home page (yes some have been known to do this!) to enable anyone
and everyone to use the system. After all if the taxpayer paid for it
surely the taxpayer has a right to use it!
(iv) And I forgot passwords. Choose a password such as your login or
even "login" or your name---something which you just can't forget even
by chance since who wants to bother that busy system administrator (and
look like a fool) admitting that you chose too complicated a password
(v) Regarding denial of service, why worry. In any case the service
is more often denied by ERNET or VSNL than by a hacker. Secondly, no
one actually pays for this service it comes out a humoungous Institute
budget. If a hacker tries to hack into your Home VSNL account which you
paid real money for then let him/her beware.
(vi) Finally, remember that it is only the hacker that keeps the net
alive. If we didn't have hacker and virus stories why, we might actually
do some computations or right some worthwhile software or perhaps
successfully have a freely flowing communication system over the
internet. What would all those ssh, sendmail, bind and tcp wrapper
program writers and installers do then?