-
July 13th, 2005, 03:10 AM
#11
you're lucky to update once a year.
Hell, I am still on Win2k SP2, which is the same as at my work. We only patch for functionality, not security. Any security patch should only fix security issues that are easily foreseen and should have been subsequently isolated. Oddly enough this is true. Microsoft hasn't had any uncontainable/catastrophic security issues in many, many years (can't even remember the last one).
cheers,
catch
-
July 13th, 2005, 04:04 AM
#12
Gee catch, so you don't patch for security and don't run AVs...
Let me ask you how you dealt / are dealing with the jpg/gif/png overflows that have been discovered more or less recently that are exploitable by just opening a picture file?
Ammo
Credit travels up, blame travels down -- The Boss
-
July 13th, 2005, 04:10 AM
#13
All his pron is Ascii
-
July 13th, 2005, 04:46 AM
#14
Originally posted here by gore
All his pron is Ascii
Haha! lol good one!
Credit travels up, blame travels down -- The Boss
-
July 13th, 2005, 05:13 AM
#15
Although I do have some mighty fine ASCII porn, I do still view regular images as well. My preferred image viewer is Irfan (something about the run over cat that does it for me) however... in asking about my vulnerability to malware you have asked the wrong question.
I deal with all malware in the same ways. I don't prevent, I merely contain to a non-dangerous level. Exploits will happen, just accept the fact and ensure that when they happen no rights are gained.
cheers,
catch
-
July 13th, 2005, 02:04 PM
#16
Protecting your own machine may be easy to do in a non patched environment, but what about all my end users that have no clue what they are doing.
xmad
-
July 13th, 2005, 02:59 PM
#17
Great perspective Gore, thank you.
xmadness has a good point tho, users will be users. "This would be a great job, except for all these damned users."
I think your ideas have their place, but this mindset simply will not work across the board for all companies, agencies, and organizations. What about not-for-profits that can't afford one box for FTP, one for Apache, one for Qmail, etc? They have to combine these services onto one system.
I'm not refuting your position, I just think it's a bit idealistic. It has its place, but (at least in a corporate for-profit situation) security is not always the most valued end-goal. Mitigated risk, accepted risk, and ROI are critical factors that have to be considered. As a security guy, I will always demand security first. I won't get my way (most of the time), but I will be heard.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
July 13th, 2005, 03:07 PM
#18
The suggestion of using software that "doesn't suck" is a wise one. However, even the most robust applications occasionally have exploits. For example: Apache on Linux, while tending to be more secure than IIS on Windows, does occasionally have exploits developed. I doubt that Sun Tzu would advise in favour of never checking the walls and gates of your fortress.
"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward."
Phillip Toshio Sudo, Zen Computer
Have faith, but lock your door.
-
July 13th, 2005, 04:28 PM
#19
Originally posted here by xmaddness
Protecting your own machine may be easy to do in a non patched environment, but what about all my end users that have no clue what they are doing.
xmad
Users can be taught, but not with books. Voltage works best.
-
July 13th, 2005, 05:37 PM
#20
Heh, half the users here, even after being taught, still have no clue. I guess I will go get that old welding machine and some jumper cables.