Re: Does Microsoft Need a New Source Code for the Future?



"Dan" <Dan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:394D204B-1869-46CB-AB1E-3E4B0F265A6B@xxxxxxxxxxxxxxxx
Much of what is spoken of as "security" (even in these security circles)
isn't so much about securing X for Y but against Z, but is about safety,
i.e. making sure that unwanted situation S should never arise.

When I first dropped into security newsgroups and elists, I expected to
see 95% networking and domain-centric user admin, and little that was
relevant to my interests. Instead, I found much discussion of the same
malware attacks and safety failures - the problems I see in my terrain.

To me, that means "malware" is far from being a "solved problem",
despite the resources that professionally-managed IT can throw at it.




As someone with one foot in both camps - supporting corporate networks, and supporting home users and very small networks - let me add my perspective.

A lot of IT pros are only concerned with the health of the network, not individual computers. When something goes wrong with a computer, it is removed from the network and fixed. Their security is designed to protect the network not only from outside attack but from malicious (or even just dumb) users as well. They aren't concerned with saving data on individual computers, so it's usually easier and much more cost-effective just to nuke a computer that has any problems. This can lead to problems where the IT pro really has no idea how dangerous malware is or how to really protect users from it.

Supporting individual users or very small p2p networks requires a totally different mindset. In these situations data is scattered anywhere, and very rarely is all the data backed up. To lose one computer could be catastrophic. At the same time, these users expect to be able to do whatever they want with their computer. To support these users you need to intimately understand how malware works and how to defend against it.

Of course there is a lot of overlap between the two security paradigms. I generalised with a very broad brush. I do think there are two very different mindsets when it comes to computer security, and this often leads to one mindset disregarding the other as not relevant. This is a mistake. The reality is that understanding both mindsets, analysing what the current situation requires, and applying whatever works from each mindset in this situation is the best security.

Malware will never be a solved problem. There is too much money in it. As OSes become hardened, social engineering attacks will get better. Attacks against other pieces of the infrastructure will become more common. The current DNS problems illustrate this. You can have an invulnerable system, but if you are redirected to hacker.com instead of bank.com and enter your credentials, what good did all that security do you?

Security means different things in different situations and is always a moving target.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/



