The Six Dumbest Ideas in Computer Security

By jdclyde
This came in a security newsletter I receive. I read it, and some of the ideas I thought were pretty obvious to me, yet some others made me have to think about them for a while as they run counter to the conventional "wisdom" about computer security.

"Marcus Ranum released an interesting editorial entitled "The Six Dumbest Ideas in Computer Security." He gives his views on common security misconceptions that seem to be perpetuated throughout corporate IT environments. You can read this and other editorials at:"

After reading this, what is your take? Are we just chasing our tails so vendors can continue to make a profit?

Is this approach something that you use, or could use?

Enumerate goodness of users

by DMambo In reply to Recieving exe files

Another way to control attachments is to group users by level of confidence. The ones with enough training will have rights to pull the executables from quarantine. Too hard to administer? What part of the title SysAdmin lets you not be aware of users' abilities? (to paraphrase the article).

JD, the corollary to "well, I got an attachment so I HAD to see what it was" is "I only opened it for a second." :)

And even better

by jdclyde In reply to Enumerate goodness of use ...

is when they DENY opening that attachment that gave them sircam or whatever. X-(

Or when they open it, it does nothing, so they open it again and again. Hmmm, maybe there is something wrong?

"Only opened it for a second!" Too funny! (Sounds like what my future ex-wife would do [in bed]).

blocking exe not a great idea

by Scott.Geiger In reply to Recieving exe files

Ok so you've blocked .exe, have you blocked .pif, .bat, .avi, .swf, (and on and on and on...)? It goes back to point #1 of the article - Default Permit. If you are going to block - block all and allow few. Or better yet set up a quarantine server/ftp server in a DMZ.

Simply changing the extension is not a real solution and one that can be circumvented. We've seen viruses that embed javascript/vbs in HTML formatted email messages. It would not be very hard to write a script to change the extension after it gets past the block.

I work at a place that blocked/blocks .zip, but they didn't block .tar.gz or .tgz (both of which can be opened via almost any Windows-based compression tool).
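The deny-list-versus-allow-list contrast in this post, together with DMambo's point above about letting trained users pull executables out of quarantine, as an added Python example. This is not code from the thread or from Ranum's article; the extension lists, the magic-byte signatures, the "trained users" group and the sample attachments are all constructed for illustration. It shows why a renamed executable and a `.tgz` slip past the deny list but not past "block all and allow few" with a content check:

```python
import os
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# ---- Policy data (all constructed for this example) -------------------------

# Deny-list as described in the thread: block .exe and .zip, forget the rest.
DENY_LIST = {".exe", ".zip"}

# Allow-list: "block all and allow few". Anything not named here is quarantined.
# Office formats (.docx, .xlsx) are zip containers; allowing them would need an
# exception in the archive sniff below.
ALLOW_LIST = {".txt", ".pdf", ".csv", ".png", ".jpg"}

# Leading bytes that identify executables/archives regardless of the filename.
MAGIC: Dict[bytes, str] = {
    b"MZ": "pe-executable",        # Windows .exe/.dll/.scr/.pif
    b"\x7fELF": "elf-executable",
    b"PK\x03\x04": "zip-archive",
    b"\x1f\x8b": "gzip-archive",   # .gz / .tgz / .tar.gz
}

# Hypothetical group of users whose training lets them release quarantined items.
TRAINED_USERS = {"alice"}


@dataclass
class Decision:
    action: str   # "deliver" or "quarantine"
    reason: str


def extension(filename: str) -> str:
    """Last suffix, lower-cased: 'Report.PDF.exe' -> '.exe'."""
    return os.path.splitext(filename.lower())[1]


def sniff(content: bytes) -> Optional[str]:
    """Return the kind of file the leading bytes indicate, or None if unrecognised."""
    for signature, kind in MAGIC.items():
        if content.startswith(signature):
            return kind
    return None


def deny_list_decision(filename: str, content: bytes) -> Decision:
    """Deny-list approach: only the named extensions are stopped; content is ignored."""
    ext = extension(filename)
    if ext in DENY_LIST:
        return Decision("quarantine", f"{ext} is on the deny list")
    return Decision("deliver", f"{ext or '(none)'} is not on the deny list")


def allow_list_decision(filename: str, content: bytes) -> Decision:
    """Allow-list approach plus a content check, so renaming the file does not help."""
    ext = extension(filename)
    if ext not in ALLOW_LIST:
        return Decision("quarantine", f"{ext or '(none)'} is not on the allow list")
    kind = sniff(content)
    if kind is not None:
        return Decision("quarantine", f"content is a {kind} despite the name {filename!r}")
    return Decision("deliver", f"{ext} allowed and content does not look executable")


def release_from_quarantine(user: str, decision: Decision) -> bool:
    """Only users in the trained group may pull a quarantined item out."""
    return decision.action == "quarantine" and user in TRAINED_USERS


# Constructed sample attachments: (filename, first bytes of content).
SAMPLES: List[Tuple[str, bytes]] = [
    ("invoice.pdf", b"%PDF-1.4 constructed sample"),
    ("setup.exe", b"MZ\x90\x00 constructed sample"),
    ("notes.txt", b"MZ\x90\x00 renamed executable"),      # extension changed to .txt
    ("report.pdf.exe", b"MZ\x90\x00 double extension"),
    ("backup.tgz", b"\x1f\x8b\x08\x00 gzip data"),         # .zip is blocked, .tgz is not
]


def evaluate(policy: Callable[[str, bytes], Decision]) -> Dict[str, str]:
    """Run one policy over the samples and return filename -> action."""
    return {name: policy(name, content).action for name, content in SAMPLES}


if __name__ == "__main__":
    for label, policy in (("deny-list", deny_list_decision), ("allow-list", allow_list_decision)):
        print(f"== {label} ==")
        for name, content in SAMPLES:
            d = policy(name, content)
            print(f"  {name:16} {d.action:10} {d.reason}")
    held = allow_list_decision("backup.tgz", SAMPLES[4][1])
    print("alice may release backup.tgz:", release_from_quarantine("alice", held))
    print("bob may release backup.tgz:  ", release_from_quarantine("bob", held))
```

Run as a script, the deny-list delivers `notes.txt` (an executable with its extension changed) and `backup.tgz`, while the allow-list quarantines both; the release step then depends on the user's group rather than on the filename, which is the "enumerate the trained users" idea from DMambo's post.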

You do what you can with what you have

by jdclyde In reply to blocking exe not a great ...

I am the Net admin, not the mail admin.

The only thing I CAN do is what the firewall is able to do for me. Anything more than that is seen as encroaching on someone else's area, and if you don't think that creates problems then you haven't been in IT for long. I am not going to create a war with people I have to spend 1/3 of my life with, over this.

I can make suggestions, but that is as far as that goes.

I am seen as "paranoid" because I am concerned with security. Oh well, politics as usual.

yup, me too

by gadgetgirl In reply to You do what you can with ...

I'm sure someone changed the dictionary definition of security to paranoia at some stage.

Hey, that's an idea, jd!

Shall we start the TR Paranoia Club?

Were you watching me?

by jdclyde In reply to yup, me too

I know you people are up to something, I JUST KNOW IT! (takes his meds, and the shaking stops)

I would take a membership in that club as I have lots of credentials in paranoia! Ask any of my co-workers! B-)

Any administrator that doesn't have SOME paranoia will not stay on top of the security game.

They're coming to take me away, ha ha
They're coming to take me away, ho ho

I'm not paranoid...

by Hardware Queen In reply to Were you watching me?

they really are after me!

Seriously, the admins at our county think our school district is paranoid because we have things locked down so tightly. But guess who doesn't get infected with the Worm of the Month?

I would like to take this author's approach, but I'm overridden by my supervisor. He's the "fun uncle" who lets the kids do what they want, then mops up after them later.


by birgirsch In reply to Were you watching me?

Just because you're paranoid,
that does not necessarily mean that
they're not out to get you!!!

to the funny farm...

by NickNielsen In reply to Were you watching me?

When was the last time you saw clean white shirts in an IT shop?

fun uncles..

by shadowpassword In reply to Were you watching me?

Yep. I've got a director whose idea is "We can't cause any hate, pain or discontent with the users". So I find myself constantly trying to do things in some roundabout way, taking me twice as long and throwing me into the syndrome of "I'll secure it later". Later never comes, because later it will cause even more hate, pain and discontent, and the vicious circle continues...

