lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: A rather newbie question


Dave...et al...


full-disclosure-admin@...ts.netsys.com wrote on 05/03/2004 05:28:43 PM:

> Harlan Carvey wrote:
> >
> >  Yes, I can agree with that...I do get the point. But who are the
> >  users? Say you're an admin at a law firm...if the users are supposed
> >  to be security-conscious (face it, a great many admins lack even the
> >  most rudimentary security awareness), then shouldn't the admins be
> >  required to have a law degree, also? How about a hospital...shouldn't
> >  each admin then have to have a medical degree?

SNIPS HERE AND THERE, but DAVE STARTS IN HERE WITH:
> 
> I admin a small Architectural Firm with a mix of OS's, mailservers, 
> webservers,
> specialized applications, workstations, laptops, plotters, printers... 
> etc...
> Basically anything that has electrons move through it I am expected to 
have
> knowledge of or at least have the number to someone who does (I don't do
> Copiers).  I am also to create and manage the electronic document 
> standards for
> the CAD applications and electronic document submittal, research new 
> means and
> methods, etc, etc, on and on.
> 
> Point of my rambling here is: When I am not doing one of the above (My
> primary job description) I am fully expected to fill in for 
> Architectural Design
> and do the job of a 1st or 2nd year Architectural Intern that has a 4 
year
> degree in Architecture.  I do all of this, for less than 30k yr and 
neither
> posses a Degree in any of the Computer Sciences nor in any of the 
> Architecture
> fields. (And for bonus points, if you carefully read my sentances you 
> will see
> that I do not possess a Degree in English either! :)   ) I am never 
> given time
> to research or practice the Architecture side of my job, but I am 
> expected to
> do it to a degree FAR greater than most admins ask the users to educate
> themselves about "The Computer" or "Windows" when they have spare time.
> 
> I would love to trade shoes with them for a week and see how we'd both 
fare.

Dave, I have to tell you that I'll bet you are in a very small minority 
here, vis a vis being expected to both IT and business contribute...and 
you are being rather seriously mistreated financially, by the way.

> 
> >  I agree that harmless joking is fine...but I've seen instances in
> >  which that harmless joking became part of the admin's vocabulary,
> >  even in front of those same users.
> 
> Well I think this may come from the frustrations of the modern American
> Business outlook that the "Computer" is nothing but a big typewriter 
> glued to a
> Fax machine that produces money when the right keys are pressed
> And perhaps in part because most "Admin's" are expected to fill many
> more shoes than the co-workers they support.
> 
> So I've called my users, lusers for years to ease the frustrations that 
> I must
> endure daily in slowly repeating attachment mantra's, how to sync your 
palm,
> how to change your background, why the "internet" is broke on their 
> laptop (hint:
> plug in the blue cable Boss)....
> 
> If *I* handled myself in an equal but opposite manner in regards to my 
> assumed
> "Architecture responcibilities", I'd be out of a job.

Going to go back here, based on your being in the minority, and say simply 
that it ain't your job to perform brain surgery, defend someone in a 
trial, or even tune up the chevy....and it ain't their job to know any 
more than they have to to make the "tool" that their PC really is do what 
they need it to do.  And...since I manage close to 5000 
desktops/users...as well as the CIRT that handles this corporate 
environment...trust me that my potential for frustration and aggravation 
exceeds yours by factors. Do we have moments around here where we would 
like to throttle someone? Of course.  Do we insult/belittle them? Of 
course....NOT.  Hey...Dave...incoming clue:  THESE PEOPLE ARE THE ONLY 
REASON YOU HAVE A JOB.  NO END USERS, NO COMPUTER INDUSTRY...AT 
ALL...ANYWHERE. If you can't deal with the fact that they do not, as a 
rule, "get it" about infosec...about netiquette, about the routine care 
and feeding of today's PCs...and that they don't want to have to "get 
it"...you may want to think about a place in the industry that does not 
involve end-user interraction.  Bearing in mind of course, that that job 
too is dependent on your "Lusers".

> 
> I just want that door to swing BOTH ways. Until then, they are the 
> Lusers and I am
> the Long Haired Freak giving up another Sunday evening tweaking the 
> Bayesian filter
> so sweet Edna over in Accounting can get her Amway newsletter.

And as long as you keep denigrating the people who are the reason you get 
to pay your rent and eat...that's probably all you'll ever be.

> 
> But Edna ain't so sweet
> when late is my timesheet,
> or even incomplete.
> 
> :)
> 
> -- 
> Dave

But Edna gets you paid, and I'm betting the check is on time or you are 
bitching about it.

Cheers

Bart

CONFIDENTIALITY NOTICE: 
This is a transmission from Kohl's Department Stores, Inc.
and may contain information which is confidential and proprietary.
If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited.
If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000.

CAUTION:
Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received.  Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time
without any further consent.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040504/1c40862a/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ