lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: rliebsch at stoneyamashita.com (Robert J. Liebsch)
Subject: [OFFTOPIC] Zone Alarm

worse than HTML email... Exchange

*eep*

I have mixed emotions about making ppl understand security. Users are rather
stupid by nature.
Otherwise, I wouldn't have a job. 

I think however, having them use the software and equipment, making natural,
and letting them 
watch the news and read the magazines, and talk to the clients about "oh,
that worm/virus/hack,
didn't affect us.

I cannot make users understand why they need to change passwords. They argue
and whine and 
cry alot, but they do change those passwords.

My wife, my family are not tech savvy folks. But they humor me and they take
precautions, then 
they patiently listen to their friends and collegues complain about virii,
ftp and irc servers they were
unwittingly running on thier systems. Then I get to overhear my family say
things like "well why don't 
you have a Router/Firewall thingy... it works for me"

9out of 10, that silly little NAT on the linksys is enough to ward off
penetrations to home computers, for
home manual non-reading users.

Ferrari?!? Um, need a son, or another admin... I don't even own a car *grin*



> ----------
> From: 	Schmehl, Paul L
> Sent: 	Wednesday, June 4, 2003 6:44 PM
> To: 	Robert J. Liebsch; Michael Reilly; Kurt Seifried
> Cc: 	Ben Tyson-Norrman; full-disclosure@...ts.netsys.com
> Subject: 	RE: [Full-Disclosure] [OFFTOPIC] Zone Alarm
> 
> >-----Original Message-----
> >From: Robert J. Liebsch [mailto:rliebsch@...neyamashita.com] 
> >Sent: Wednesday, June 04, 2003 6:45 PM
> >To: Michael Reilly; Schmehl, Paul L; Kurt Seifried
> >Cc: Ben Tyson-Norrman; full-disclosure@...ts.netsys.com
> >Subject: RE: [Full-Disclosure] [OFFTOPIC] Zone Alarm
> >
> >
> >I have on asbestos underwear, so I am prepared for your flames...  
> >
> You should be, since you're using HTML email. :-)
> >
> >However, Because security is inconvenient does not make it 
> >irrelevant. You do have your car serviced? You do go see a 
> >doctor regularly? You do perform maintenance to your home?
> >   ....don't you? 
> 
> Yes, but I don't expect my 20 year old daughter to jump in my Ferrari
> and drive it safely either.  She drives the Honda Civic, and after she's
> got some experience under her belt and has gone to driving school *then*
> I'll consider giving her the keys to the Ferrari.
> 
> I'd rather have an inexperienced user behind a PFW any day than expect
> them to understand and *properly* implement NAT *and* a firewall.  I'd
> rather have them introduced to the concept of security in a way that
> they understand than to shove it down their throats with technology they
> don't comprehend and can't possibly use correctly.
> 
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> 
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030604/b3d82a67/attachment.html

Powered by blists - more mailing lists