Message-ID: <a3a7d6660811230550m5524d38cxa07677f1e952b826@mail.gmail.com>
Date: Sun, 23 Nov 2008 13:50:04 +0000
From: imipak <imipak@...il.com>
To: Exibar <exibar@...lair.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: [inbox] Re: Fwd: Comment on: USB devices spreading viruses

Exibar wrote:

> wow, disabling files to run from the root of all drives would never, ever
> fly in a corporate environment.  Although I do like the idea on stopping
> autorun malware, it would work... but oh the calls to the helpdesk! ;-)
>


Each of those support calls is an opportunity to find out why a user's
trying to run unauthorised software and either help them to find a way
to do what they want with existing apps, or get a new app reviewed and
authorised for use -- if it's a genuine business need. Alternatively,
sometimes they need an introduction to Doctor Cluestick, if they're
trying to play poker online, install dancing hamster screensavers or what
have you.

Of course, blindly thwacking people / dragging them to HR by the hair
when they're really just trying to do their jobs is
counter-productive. The calls also show us where we, security, are
falling down. Perhaps it's poor awareness training (if the user didn't
know that they shouldn't run unapproved software, or why we have that
rule, or how to get a new app approved); or could be that the official
route is being seen as too slow or bureaucratic, in which case it
needs fixing. And so on.


=i
