[126959] in North American Network Operators' Group
Re: Nato warns of strike against cyber attackers
daemon@ATHENA.MIT.EDU (Chris Adams)
Wed Jun 9 09:05:34 2010
Date: Wed, 9 Jun 2010 08:05:21 -0500
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@nanog.org
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@nanog.org
In-Reply-To: <4C0F11A0.8000303@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Once upon a time, JC Dill <jcdill.lists@gmail.com> said:
> I'm still truly amazed that no one has sic'd a lawyer on Microsoft for
> creating an "attractive nuisance" - an operating system that is too
> easily hacked and used to attack innocent victims, and where others have
> to pay to clean up after Microsoft's mess.
Many of the problems are PEBKAC, as evidenced by the massive responses
to phishing scams. I can't tell you the number of our users that have
sent their password to Nigeria to be used to log in to our webmail and
spam.
Users open attachements, follow links, and click "OK" with alarming
ease. As long as that is the case (and I don't see that changing),
blaming one vendor is not going to help.
Something like the NSA's SELinux helps (because you can have all browser
plugins run in sandboxes, have saved attachments non-executable, etc.),
but users will still follow the instructions to override it.
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
