Full Disclosure mailing list archives

RE: Off topic rant to my friends

From: "Cassidy Macfarlane" <cmacfarlane () Drummond-Miller co uk>
Date: Fri, 10 Jun 2005 11:14:16 +0100

Agreed.

In ICT/Security, I commonly encounter an attitude of 'technocracy' - in
that skilled professionals look down upon and patronise the plain
(relatively unskilled) user.

In business, this attitude is immensely counter-productive, as unless
ICT/Security staff are approachable, they are not going to learn of
day-to-day issues encountered by 'their' users.  

I am a strong believer in the 'support through training' ideal, as the
users have to learn what it is they are either doing wrong, or just not
in the 'right way' (such as checking a suspect mail from phishing
attributes: incorrect URLS/suspect text, etc).  These users cannot be
expected to see through all the varied and nefarious ways malware can be
presented, unless they are shown/trained how to do so.

Not OT at all, imho.

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of James
Tucker
Sent: 09 June 2005 22:01
To: Randall M
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Off topic rant to my friends


Quite right too, and IMO it is not completely off topic. I might point
out that (certainly on windows platforms) teaching users the F1 key is
also a damn good start, as the modern documentation is now quite
mature.

On 6/5/05, Randall M <randallm () fidmail com> wrote:

Sorry to rant to this list. This list though has the only people on it

who

totally understand this ranting.

Every morning before heading for work I read all my security alert

emails

and website collections about possible Trojans, worms and viruses

found.

Being a faithful worker I do this on the Weekends too.

Once at work I check my web appliances, gateway, Exchange boxes and

data

servers for dat updates and check log files. I spend the first

two-three

hours of my work day doing this every day.

Why do I do this? I do it to protect my company's investment. To

ensure that

the employee's have a job that day. To make sure that customers will

have on

time delivery and so new customers can make orders, etc., etc.

Today I read this article:

http://www.eweek.com/article2/0,1759,1823633,00.asp?kc=EWRSS03129TX1K000
0614


For some reason, maybe the coffee, I sat there thinking what the hell

am I

doing all this for? Am I being paid by my company to set up and

protect only

for some future use as a botnet for some organized crime boss!!

I continually spend time, money and research on ways to protect. All

of my

mechanisms I use are actually as helpless as I am!! It's the blind

leading

the blind!!

Then, like a message from God, a memory of a phone call from one of

our

users came to me:

"Hey, I received this email about my account being suspended for

security

reasons, I immediately deleted it but just wanted to let you know".

My small employee awareness program was slowly paying off. A year ago

that

same phone call would have been the "I think I did something bad"

type. I

now realize that my investments and my time have been spent MORE in

the

wrong place. I'm turning that around and heading back to the user.

They are

MY PROACTIVE, PREEMPTIVE protection!! I am no longer depending on the
Anti-Virus dats or the front-end Appliances or the Gateways because a

simple

"Click" by the user makes them all useless. And it looks as though I

can't

depend on them to keep that "click" opportunity from the user.

Praise be to God for the User! They are powerful! They are trainable!

They

are my BEST defense!

There. I fell better now.


thank you
Randall M



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Off topic rant to my friends Randall M (Jun 05)
- Re: Off topic rant to my friends J.A. Terranson (Jun 05)
  - Re: Off topic rant to my friends John Goh (Jun 05)
  - Re: Off topic rant to my friends Steve Kudlak (Jun 09)
- Re: Off topic rant to my friends James Tucker (Jun 09)
- <Possible follow-ups>
- RE: Off topic rant to my friends Cassidy Macfarlane (Jun 10)