lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 22 Jun 2010 10:40:19 +0100
From: mrx <mrx@...pergander.org.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: No anti-virus software? No internet connection

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I agree in principal, security does start with the user.

However, computers and connected computing devices with the advent of
locked down systems and cartoon like user interfaces, have become consumer devices.

These devices no longer require any knowledge of how they work nor skill beyond
basic reading and rudimentary hand eye co-ordination to operate. They are being
used by six year olds and grandmothers, IT security guru's and those with learning
difficulties.

This is true of the Internet also, it is a consumer playground.

Hardware, software and system developers have done a great job in making all this power
and connectivity available to those who can't or don't want to think. But a features first,
security second approach seems all too prevalent. It's only the stuff on show that sells!

Should the security of complex consumer devices be the responsibility of a potentially incompetent user,
or the developers of such systems who are fully aware of the failings in their target audience?

regards


On 22/06/2010 09:56, Christian Sciberras wrote:
> I completely agree with Tom. A good fraction of all vulns out there rely on
> the user taking the wrong action, and it's way common (just face the truth).
> 
> How many people install cracked OSes? I was once incredulous that a person
> willingly installed a virus because he claimed it was harmless (while the
> anti-virus shouted "trojan").
> 
> Sometimes I get to fix people's computers. I'm always amazed by the amount
> of crap I get in contact with.  Hundreds of browser toolbars, antiviruses,
> shareware, adware, trials, torrent clients, media players etc.
> That not counting the local IT shops which format PCs replacing (typically)
> Windows OS with a cracked one.
> 
> 
> 
> 
> On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace <tom@...thbycomputers.co.uk>wrote:
> 
>> In a way having a requirement that end-users take some responsibility
>> for their own computer is a good thing.
>> Similar to prosecuting people for fraud if they fall for one of the cash
>> scams.
>>
>> On 06/22/2010 05:37 AM, Ivan . wrote:
>>> yep, your tax $$$ at work....
>>>
>>> Don't forget there Internet filter as well.. With these rocket
>>> scientist running the show, what's there to worry about
>>>
>>>
>> http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams
>>>
>>> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
>>> <vpn.1.fanatic@...il.com>  wrote:
>>>> They had a committee working on this for a year and that's the best they
>>>> could come up with? HAHAHAHA.
>>>>
>>>> Belinda Neal - With idiots like you and your colleagues tackling this
>> issue,
>>>> tax payers deserve to burn you at the stake. BTW... are you really a
>> du0d?
>>>>
>>>> --
>>>> ciao
>>>>
>>>> JT
>>>>
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


- -- 
Mankind's systems are white sticks tapping walls.
Thanks Roy
http://www.propergander.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBTCCFA7Ivn8UFHWSmAQKPywf8CmdPJvwibGI2f6/3dJKMo2glRAvGzWNi
9VY6cU0ymjEGdC53gcbz7pb/D60aotU5xu6LvSx4qqQLJnvjFl2yKPGleT8VVvP8
UUqe891ZLnWDtWTHrdhP8REoSdsdyuQpZisnvBmb7r4gZVdhnzZVaoZcF5okn5wI
Wm7XWrNFjj4fJkXCsv1r/3g2CDgRpHLDgTfd4xt5t2hqYUcnusjb9CO+6lRABtOW
sbBDXa3y4PTAzAkD0MdlIXmEzjQsGopkNKJt1Uw6X57h1rjg31KOjCZea+/S9ozn
0CedmA7DT257hJpKOssboP1LyaLyvmEhVwBfsu4eeH490TE18NKIZQ==
=pUSe
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ