Full Disclosure mailing list archives
RE: Who's to blame for malicious code?
From: Tobias Weisserth <tobias () weisserth de>
Date: Thu, 22 Jan 2004 01:42:04 +0100
Hi Paul, a few last words since this is going into "repetitive mode" now ;-) Am Do, den 22.01.2004 schrieb Schmehl, Paul L um 00:44: ...
It's an impossible goal.
I know :-) Of course it's impossible. It's as impossible as trying to change end users. Yet we have to try because it is still _easier_ than to change end users. We can't control end users. As long as "Basic Internet Security" isn't being teached in Kindergarten then there will always be new uneducated users who will make the same stupid mistakes time and again. The products we design are in our hand. We can adapt them, we can change them according to users behaviour. The ultimate ideal of the perfect "fool-prove" product design may never be reached but we can't load off responsibility in front of users doors ("You haven't patched!!!") when a simple measure on our side would have eased the situation (like turning off risky features by default). Of course it's not wrong (but pretty useless) to tell people to use personal firewalls and anti-virus software but not before you have done everything on your side to improve things. I will leave you with this since I have basically stated my position and the private replies I got from some people here on the list reassure me that this discussion has not been in vain. kind regards, Tobias W. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Who's to blame for malicious code?, (continued)
- RE: Who's to blame for malicious code? Steve Wray (Jan 21)
- Re: Who's to blame for malicious code? Ron DuFresne (Jan 21)
- Re: Who's to blame for malicious code? Tobias Weisserth (Jan 21)
- Who's to blame for malicious code? Schmehl, Paul L (Jan 20)
- RE: Who's to blame for malicious code? Brent Colflesh (Jan 20)
- RE: Who's to blame for malicious code? Schmehl, Paul L (Jan 21)
- RE: Who's to blame for malicious code? Tobias Weisserth (Jan 21)
- Re: Who's to blame for malicious code? Vlad Galu (Jan 21)
- RE: Who's to blame for malicious code? Ron DuFresne (Jan 21)
- RE: Who's to blame for malicious code? Schmehl, Paul L (Jan 21)
- RE: Who's to blame for malicious code? Tobias Weisserth (Jan 21)