[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <OFD8B04D07.23A65411-ON86256E7B.00725C93-86256E7B.007385F8@kohls.com>
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: Super Worm
"...without those dimwits..." "...stupidity of end users..."
sheesh....ok...show of hands please; how many of us systems wizards can do
the jobs the "dimwits" are doing? You infosec guys at hospitals...do any
heart transplants lately? Infosec guy at investment bank...you structure
any billion dollar mergers last week? No? Well what not?? Are you some
kind of dimwit?? Are you stupid???
I could go on ad nauseum but hopefully most of us are bright enough to get
a clue.
NO USERS....NO JOBS...THEY ARE WHY WE EXIST. (For those of you out there
thinking that you serve no customers, hence this does not apply to
you...bzzzzzzzzzz...thank you for playing...wrong answer. Everyone
ultimately does their work for the end users...who do not want to know
about how it works and do not care how it works. This is just a majic box
to him/her for the most part...not a livlihood or passion. Even the black
hats..d00dz...no end users, nothing to sploit...) Can we please save the
insults and just focus on what we're doing? I'm tired of "stoopid luser
this..." "stoopid luser that"...insulting the reason you have a job
is...well..."stoopid".
Bart Lansing
Manager, Desktop Services
Kohl's IT
full-disclosure-admin@...ts.netsys.com wrote on 04/19/2004 02:26:10 PM:
> sean01@...net.com.au wrote:
> > >On the other hand....without those dimwits I would be out of
> > >a job...God
> > >bless the dill's..
> >
> > Yeah, but with the problems and the stupidity of end users,
> <snip>
>
> > Make a good list wich people can check for themselves. A
> > knowledge base
> > maybe with good understandable descriptions of threats and
> > info on new
> > things wich might hit them. If they did not obey the list with checks
> > they can be hold for ignorant, unhelpful, dumb, or any names you can
> > think off (still stay polite). Prioritize those people by
> > filtering who
> > is helpful and sticks with the rules, and people who are just simply
> > ignorant and not willing to learn from what you tell them. In
> > the end
> > it is their own fault and they have to feel how it is to not being
> > helped that quick.
>
> Good points. I have developed just such a list at our organization. In
> addition to quickly responding to these individuals when they need help,
I
> take the extra time to educate them in security including conducting
> voluntary classes, put them on an email list that I keep updating with
the
> latest worms and threats and fixes, and even take extra time to do
> one-on-one to make them feel part of the team. I have even dubbed our
group
> "the white-hats".
>
> In return, they have taken it to heart and have become my un-official
> deputies, keeping their eyes open for security problems from physical
(an
> unknown person walking around suspiciously or a co-worker pasting their
> password on a monitor) to informational (notifying me of a virus getting
> through the gateway filter or being able to access something they know
they
> shouldn't). I have found that my time spent has paid me back in a user
base
> (at least part of it) that has become an asset not a liability, as we
often
> think of them.
>
> Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
> Information Security Engineer
> DP Solutions
>
> ----------------------------------------
>
> If you spend more on coffee than on IT security, you will be hacked.
> What's more, you deserve to be hacked.
> -- White House cybersecurity adviser Richard Clarke
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040419/757f767d/attachment.html
Powered by blists - more mailing lists