I’m reading through NIST SP-800-70 (pdf), the NIST guide to producing security configuration guides. Let me get more coffee before I continue. Thanks for waiting.
“If home users and other users without deep security expertise attempt to apply High Security checklists to their systems, they would typically experience unwanted limitations on system functionality and possibly unrecoverable system damage.”
Can someone explain to me how you can break a system that badly? I mean, sure, it can be hard to get a new boot block, or a new kernel in place, but once you do, you can recover things.
I’m very down on a system message that implies that modifying your computer can cause unrecoverable damage. It inherently inhibits tinkering, perhaps even more than laws do. After all, we see how effective laws against sharing music or drugs are. But scaring someone into not touching that config file with the threatened loss of all their data? There’s a security measure for you!