[69756] in North American Network Operators' Group
Responsibility: user or OS? (Re: Microsoft XP SP2)
daemon@ATHENA.MIT.EDU (E.B. Dreger)
Mon Apr 19 17:22:18 2004
Date: Mon, 19 Apr 2004 21:21:43 +0000 (GMT)
From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
To: "'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: <20040419173911.7BBD610DBC@gateway.wvi.com>
Errors-To: owner-nanog-outgoing@merit.edu
JS> Date: Mon, 19 Apr 2004 10:39:10 -0700
JS> From: Jeff Shultz
JS> > Also, do you realize how much the 'average technical school
JS> > graduate type' makes just from acquaintances who complain
JS> > that their computers are slow, by simply removing whatever
JS> > "flavor of the month backdoor spam proxy virus"
JS>
JS> Ah, now you are talking about why I happily promote Ad-Aware
JS> and Spybot.
They're a start. However, I've encountered many systems with
suspicious/malicious ActiveX controls or BHOs that neither
AdAware nor Spybot caught. I can't think of many other people
who are willing to rip out chunks of the Registry manually.
How savvy should users be expected to be? Education is good, but
there comes a point where the OS/software need to make abuse a
bit more difficult. I'm curious to see how Win2003 Server and
its executable restrictions fare. Not a silver bullet, of
course, but a good start.
I've given several presentations where I ask an audience member
to stand up and blindly do whatever I instruct. Nobody has been
willing yet. Most people will only perform certain "whitelisted"
actions in a public crowd.
Perhaps software should observe similar defaults. Java applets
are scored for "safety" based on what calls the execute; why not
extend the approach to all applications? Why not run with safe
defaults?
Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses :
blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net
Sending mail to spambait addresses is a great way to get blocked.
