funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Security awareness?

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>
Date: Fri, 15 Nov 2013 11:49:09 -0800
With security awareness month just past, I have been seeing a number of supposed 
attempts at security awareness, most by various security companies.  They've 
been, as many as I've been able to get through, very disappointing.

For example, Eugene Kaspersky (@e_kaspersky) tweeted about a free guide for 
small businesses:
http://t.co/tjzFOMzGm4:
(https://twitter.com/e_kaspersky/status/400705280477900800)

For the cost of you name, company name, country, email address (and your phone 
number, if you were foolish enough to fill in that field) you could download a 76 
page PDF "Simplifying IT Security For Dummies," apparenlty the Kaspersky Lab 
Limited Edition."  (Actually, although you were promised a download, initially you 
got a slideshow on a Web page.  You then had to find a very dim button on the 
bottom of the page, and select the right options, to actually get a PDF.)

There's nothing really wrong with the book, other than the fact that it is banal, 
generic, and presents very little in the way of actual useful advice (and takes a 
strong stance against freely available AV software.).  The sales pitch for 
Kaspersky is a rather modest five pages.  The only real danger is that anyone 
would think that reading the booklet would prepare them to do any security 
planning.  If it prompted them to do any actual study on the matter, that might be 
good.

But it's disappointing, nonetheless, to see our field brought down to this.  I came 
into it in the old days of virus research, when all of us were trying to help, and 
were eager to pass along anything we knew to anyone who would listen.  Some of 
that enthusiasm wore off when we finally figured out that nobody wanted to listen. 
 A lot more of it left when Certain Individuals, and then some large corps, figured 
out that "creating brands" was more profitable than actually trying to create useful 
security tools.  (I'm actually thinking more of other people when I say that, since 
Eugene has never had any problem with self-esteem issues, but he has also created 
some useful tools.)

Anyway, just another dull, depressing day in the security field, I guess ...

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
                Good judgment comes from experience.
                Experience comes from bad judgment.
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: