FW: FYI: Are you still looking for an excuse to block executable attachments?

From: Eric Johnfelt (ejohnfel_at_IC.SUNYSB.EDU)
Date: 01/28/04

  • Next message: Jeff Wright: "Re: Are you still looking for an excuse to block executable attachments?" 
    Date:         Tue, 27 Jan 2004 18:10:16 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    > Indeed, and as a result it looks as if some of us (well, some of the
    > assembled "you" reading this and many more who aren't) will,
    > come maybe
    > 2008-2010 (??), end up stuck with computer systems designed in Redmond
    > as the (then) modern day version of Orwell's 1984 due to NGSCB and its
    > offspring only allowing them to run Redmond-certified software because
    > it appears that "we" are too stupid to (safely) use general purpose
    > computers.

            Was there a point there???

            If MS doesn't attempt stop problems like this, then everyone blames
    MS for causing it. If they try to stop it, everyone calls them big
    brother and starts spewing trash about another world domination plot
    and says, "Not in my backyard", giving self-righteous pundits and
    The unwashed masses license to ignore their efforts wholesale.

            No amount of technology, AV software or dislike of
    MS will change the fact that we are experiencing technological
    Growing pains, nor will any effort from any one vendor
    completely stop it.

            Bad-People (blackhats, virus writers, etc...), like weather,
    are a force of nature. They will not simply throw their collective hands
    in the air one day and say "wow... Its getting too tough, we surrender...".

            End-Users are, Doctors, engineers, moms, children, police,
    students, truck drivers, teachers, artists and WHAT HAVE YOU. The
    focus of their lives, unlike us, are not on computer technology or
    security, nor should it have to be to the extent it is with us.

            It would be ideal if they "had-a-clue" but I do not expect
    My end-users to, not because I have surrendered to the immutable
    Law of "end-user stupidity", but because I accept the law of
    averages. If they get a clue today, how many more are waiting
    For them down the road???? By the time they are done, they
    Will effectively not be end-users...

            Griping about MS or End-User proficiency cannot fix this
    predicament.

            The only real solution at the moment is to, educate those
    Who will except it and encourage them to share that knowledge with
    Their co-workers and friends without being judgemental; but even
    that will not stop certain individuals from engaging in high risk
    activity, some people are just thick... (and they deserve the grief
    The generate for themselves). Where possible, layer the
    defenses... Block attachments, Use firewalls, use AV software,
    try to keep everything as up to date as possible, don't expose
    Devices that have no business being exposed to unfiltered network
    traffic, use monitoring systems (even if only for perfomance
    Evaluation)...

            HAVE CONTINGENCY PLANS AND ENGAGEMENT IN RISK MANAGEMENT.

            Prepare for the big "splat" sound when the crap hits the
    Firewall, because its always going to be waiting around the corner
    For each and every one of us to some degree.

            And most of all, DROP THE ATTITUDE about the users. There
    Is nothing more expedient for closing a mind then by insulting it
    First. It serves to no purpose to make the "problem" tune you out.

                                                                    EJ

    -----
    NTBugtraq Editor's Note:

    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    -----

  • Next message: Jeff Wright: "Re: Are you still looking for an excuse to block executable attachments?"