| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Nov 2008 10:08:01 +0000
From: mcwidget <mcwidget@...il.com>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Securing our computers?
>
> What we *don't* know how to do is make a system that Joe Sixpack is allowed
> to screw around with, and yet prevent security issues from happening.
>
This is the real problem. There are *some* things that can be done, I'd
like to see some form of NAP built into home routers that verifies your home
PC against a baseline before allowing you to go online. You want to go to
Google? Sure, but your AV's out of date and you've missed this week's
patches, how about I only let you to norton.com and microsoft.com until
you've updated? Let users do what they want with their PCs and put some of
the security logic in the 'other' machine they have at home. What if they
want to go online without updating though?
Therein is where most solutions will fall down. Either end/home users are
allowed full control of their machines to do with what they will or that
control is completely taken away from them - there's no middle ground.
Given that, even though the user is currently the weakest link in the
security chain it's a link that should be regarded as inherently insecure.
Fixing the user is the obvious solution but it's also the least likely.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists