nanog mailing list archives
Re: OT: Re: User negligence?
From: Valdis.Kletnieks () vt edu
Date: Sun, 27 Jul 2003 01:08:05 -0400
On Sun, 27 Jul 2003 00:56:28 EDT, Len Rose <len () netsys com> said:
I humbly disagree. It is not user negligence, but rather neglgence on behalf of the entity's systems team, or perhaps the entity's failure to support their own systems team by hiring competent staff instead of relying on people who play office politik or look nice in a suit and tie. User's are not expected to be secure their machines, or even barely know more than how to use a handful of applications. In the bank's case hopefully they are supposed to be financial experts.
Right. The problem was that it was exactly that clueless *USER* machine that got trojaned. So for instance, if you are one of the people who got burned by the recent Kinko key-sniffer hacks, and the hacker used the info to logon to your bank account, in what way is the bank liable? What *realistic* steps is the bank supposed to take? (Hint - what percentage of *security professionals* use an S/Key or similar for remote logins?)
Attachment:
_bin
Description:
Current thread:
- User negligence? Sean Donelan (Jul 26)
- OT: Re: User negligence? Len Rose (Jul 26)
- Re: OT: Re: User negligence? Valdis . Kletnieks (Jul 26)
- Re: OT: Re: User negligence? Sean Donelan (Jul 26)
- Re: OT: Re: User negligence? Len Rose (Jul 26)
- Re: OT: Re: User negligence? Alex Rubenstein (Jul 26)
- Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Sean Donelan (Jul 26)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Rob Thomas (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Patrick (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
- OT: Re: User negligence? Len Rose (Jul 26)