Re: [Full-Disclosure] [Fwd: Last Critical Update]

From: Damian Gerow (damian_at_sentex.net)
Date: 09/24/03

  • Next message: Matsu Kandagawa: "[Full-Disclosure] An open question for Snort and Project Honeynet"
    To: full-disclosure@lists.netsys.com
    Date: Tue, 23 Sep 2003 18:34:28 -0400
    
    

    Thus spake Richard M. Smith (rms@computerbytesman.com) [23/09/03 17:40]:
    > No user education is required. Any Windows email reader worth its salt
    > should be automatically deleting all incoming attached files which are
    > executable programs. Outlook has been doing this since the fall of
    > 2000. Outlook Express 6 also has this option, but it was off by default
    > until recently. :-(

    And that action prompts not only user interaction, but administrator
    interaction. Think outside the scope of your happy little Corporation, with
    tightly controlled desktops. Think ... ISP. The Wild West of Computing.
    </daydream>

    See, the problem is, as an ISP, we have to provide multiple types of
    services -- spam scanning, AV scanning, content filtering, etc. So we do,
    both for our sanity, our customers' sanity, and the sanity of the 'Net as a
    whole.

    It's become a not-too-uncommon occurrence for the end user to send us a
    message, demanding that we turn off the filtering on their account, because
    we're blocking their attachments. Yes, OE is popping up, saying, 'Hi! I've
    blocked access to an unsafe attachment. This is for your security.'

    It's too late to just *stop* all attachments in their tracks. End users
    have gotten far too used to having what they have, to go backwards.
    Especially those who 'upgrade' from Win95 to WinXP, and then claim that they
    don't have the same functionality that they used to have. And the burden of
    this often falls on /our/ shoulders; the Providers.

    At this point, I would suggest that instead of outright blocking it, a
    message comes up that says, 'Hi. You're about to run something unsafe. You
    shouldn't do this, no exceptions. If you really want to, you may
    permanently damage your computer. Click OK to heedlessly run this program.'
    And when that happens, pop up an exclamation box that says, 'Running unsafe
    attachment, possible system damage may occur'. Something straightforward
    and simple, that will scare the pants off of them. Make them /want/ to not
    run attachments, I say!

    Problem is, I know that users will just get used to those warnings, and
    start to ignore them. Just like people learn to ignore the oil warning
    light on older cars, or the funny sound that their wheel wells make, or the
    fact that every time they turn on their computer, they do a checkdisk ('Does
    it always do this?' 'Oh yes, this is normal.').

    IMHO, Microsoft has shoved the MUA market into a tight corner, with few
    readily visible roads out. And outright attachment blocking is /not/ one of
    them, unfortunately.

    </rant -- it's been a long day>

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

