nanog mailing list archives
Responsibility: user or OS? (Re: Microsoft XP SP2)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Mon, 19 Apr 2004 21:21:43 +0000 (GMT)
JS> Date: Mon, 19 Apr 2004 10:39:10 -0700 JS> From: Jeff Shultz JS> > Also, do you realize how much the 'average technical school JS> > graduate type' makes just from acquaintances who complain JS> > that their computers are slow, by simply removing whatever JS> > "flavor of the month backdoor spam proxy virus" JS> JS> Ah, now you are talking about why I happily promote Ad-Aware JS> and Spybot. They're a start. However, I've encountered many systems with suspicious/malicious ActiveX controls or BHOs that neither AdAware nor Spybot caught. I can't think of many other people who are willing to rip out chunks of the Registry manually. How savvy should users be expected to be? Education is good, but there comes a point where the OS/software need to make abuse a bit more difficult. I'm curious to see how Win2003 Server and its executable restrictions fare. Not a silver bullet, of course, but a good start. I've given several presentations where I ask an audience member to stand up and blindly do whatever I instruct. Nobody has been willing yet. Most people will only perform certain "whitelisted" actions in a public crowd. Perhaps software should observe similar defaults. Java applets are scored for "safety" based on what calls the execute; why not extend the approach to all applications? Why not run with safe defaults? Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net Sending mail to spambait addresses is a great way to get blocked.
Current thread:
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT), (continued)
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT) David Schwartz (Apr 19)
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Vivien M. (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Valdis . Kletnieks (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Scott Weeks (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Gregh (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) John Neiberger (Apr 19)
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Drew Weaver (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Jeff Shultz, WIllamette Valley Internet (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Dan Hollis (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) John Osmon (Apr 19)
- Responsibility: user or OS? (Re: Microsoft XP SP2) E.B. Dreger (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Alexei Roudnev (Apr 19)
- Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Sean Donelan (Apr 19)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Adrian Chadd (Apr 19)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Alexei Roudnev (Apr 19)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) James Edwards (Apr 20)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Sean Donelan (Apr 20)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Alexei Roudnev (Apr 21)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Jeff Shultz, WIllamette Valley Internet (Apr 19)
- Message not available
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Alexei Roudnev (Apr 21)
- Re: Ordering Windows Security Update CD (was Re: Microsoft XP SP2) Dan Hollis (Apr 20)