nanog mailing list archives
Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)
From: Brian Russo <brian () entropy net>
Date: Mon, 19 Apr 2004 10:51:18 -0400
At Mon, Apr 19, 2004 at 08:22:48AM -0400, Chris Brenton wrote:
Agreed. I think part of what makes 0-day easier to hide *is* the raw quantity of preventable exploits that are taking place. In many ways we have become numb to compromises so that the first response ends up being "format and start over". If 0-day was a higher percentage, it would be easier to catch them when they occur and do a proper forensic analysis.
Right, they fit in with the noise.
<RANT> I guess I have a hard time blaming this type of thing on the end user. Part of the fall out from making computers easier to use, is making it easier for end users to shoot themselves in the foot. One of the benefits of complexity is that it forces end user education. I'm guessing that if you had to load SQL as a dependency you would have caught your mistake before you made it. Let me give you an example of the easy to use interface thing. Back in 2000 I made it a personal goal to try and get the top 5 SMURF amplifier sites shut down. I did some research to figure out what net blocks were being used and started contacting the admins. Imagine my surprise when I found out that 3 of the 5 _had_ a firewall. They had clicked their way though configuring Firewall-1, didn't know they needed to tweak the default property settings, and were letting through all ICMP unrestricted and unlogged. IMHO its only getting worse. I teach a lot of perimeter security folks and it seems like more and more of them are moving up the ranks without ever seeing a command prompt. I actually had one guy argue that everything in Windows is point and click and if you could not use a mouse to do something, it was not worth doing. Again, I don't see this as an end user problem because as an industry we've tried to make security seem easier than it actually is. We want to make it like driving a car when its more like flying an airplane.
That's pretty sad, I can forgive users, but nobody doing 'security' should be living in a pure GUI world, to extend your analogy it would be like only knowing how to configure the autopilot and getting a pilot's license. As far as mainstream users.. * Software needs to patch itself, users aren't going to do it. * Software needs to be intuitive, people interact with computers as if they were doing 'real' things. Things like cut and paste are easy because they make sense... * Software patches need to WORK and not screw up Joe User's system, believe me they won't "understand" that software is never bug-free, they'll instead swear off installing patches in future. * Software needs reasonable defaults.. this doesn't necessarily mean turning every feature off. * Wizards and/or a choice of 'starter' confs can be great.
Current thread:
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT), (continued)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Petri Helenius (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Henry Yen (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Peter Galbavy (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Michael Painter (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Patrick W . Gilmore (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Paul Vixie (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) John Kristoff (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Chris Brenton (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Brian Russo (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Chris Brenton (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Brian Russo (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Jeff Shultz, WIllamette Valley Internet (Apr 19)
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Geo. (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Alexei Roudnev (Apr 19)
- Re: Lazy network operators - NOT Paul Vixie (Apr 19)
- Re: Lazy network operators - NOT Sean Donelan (Apr 19)
- Re: Lazy network operators - NOT Matt Hess (Apr 18)
- Re: Lazy network operators - NOT Alexei Roudnev (Apr 18)
- Re: Lazy network operators Joel Jaeggli (Apr 14)