Re: The home user problem returns

[Chris Blask <chris () blask org>]

At 06:01 PM 9/13/2005, Mason Schmitt wrote:
> > TBird opined:

Hey folks (hullo TBird! :)!

.d.
> > so for me, the question is, how do we influence the *consequences* of
> > badly configured or managed machines - wherever they are, on
> > corporate networks or the internet - in order to create the change we
> > want? how do we create a beneficial sort of pain?
>
> It's already happening, we don't have to do anything to cause further
> pain.  What we need to do is to have solutions and answers ready for
> when people start looking for them.  That's why I said earlier that we
> need to keep pushing forward, while still reaching out to see if anyone
> is ready to listen yet.

I think I agree with the spirit of your position.

We as a group have a lot of roles to play and scaring the pants off 
of people is, sometimes, appropriate, so I don't gainsay those who 
fulfill that need.

However, I think another more common role we need to play is the 
damping rod.  There is an often frenetic cloud of activity, emotion 
and motivation in many of the stressful rooms we walk into.  We also 
need to spend a lot of time bringing people down out of the rafters 
(where they tend to lobby for insane and self destructive 
legislation) and making them believe that they will be All Right so 
long as they Stay Calm and Do At Least These Things.  Military 
leadership has lived with this forever and been able to keep a 
straight face while knowing the subtext ("and some of you will die, 
but we might win the war").

> > when i'm dealing with my relatives, i just change the configuration of
> > their computer when i'm visiting. that's not exactly a motivator, 
> but hey, their
> > machines are fully patched :-)
>
> I do the same thing.  I usually also follow up by telling my mom or dad
> why I did it and take that as an opportunity to tell them a bit about
> what other things they may want to think about to help protect themselves.

My mom and her husband are here now and I just gave them another 
little edu bit.  It's very very interesting to work over a long 
period of time with very bright but Generationally-Challenged folks, 
trying to get the basic memes into their heads so they can understand 
what they can do (much less what the risks are).  The Mom Test has 
*always* been my litmus for the underlying state of the Great 
Unwashed.  Currently it is "better than before but still a long way 
to go", and so my postion on all this remains consistent...

> > it's why i'm so interested in NAC and NAP and other sorts of enterprise
> > technologies that let me use network connectivity as the bribe to get
> > machines configured the way i want them. .d.
>
> Arrogant maybe.  Intrusive probably.  However, I still think it's a
> great idea.  That's kind of what I've been looking at except that I have
> to be more reactive than proactive, so I'm planning to go with the leper
> colony or penalty box idea.

Exactly what Tina said: "use network connectivity as the 
bribe".  It's not even so much a bribe, it's Resonsibility coming 
home to Roost.  There are (and will be) ways to push responsibility 
(in phases, perhaps) out to the endpoint, which will make a lot of 
problems solvable...

-cheers!

-chris



Real courage is risking something you have to keep on living with, 
real courage is risking something that might force you to rethink 
your thoughts and suffer change and stretch consciousness. Real 
courage is risking one's cliches.

-Tom Robbins

Chris Blask
chris () blask org
http://blaskworks.blogspot.com

+1 416 358 9885