ranum.com — What are they? They're the anti-good ideas. They're the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Where do anti-good ideas come from? They come from misguided attempts to do the impossible - which is another way of saying "trying to ignore reality."
Apr 18, 2008
dsmx, Apr 19, 2008
That's such a waste, the disks make nice coasters and enough of them can make a very nice lamp.
jonjonr6, Apr 19, 2008
yeah, some of the ideas in the article basically support only one idea: don't want to get viruses or hacked? don't have a computer or internet access. That hardly works in a large enterprise. More importantly, when you do have $100,000 employees bombarding your helpdesk because they can't get to youtube, or maybe an inhouse application developed for a specific department, or a vendor's website, you only increase the cost of your tech support department. It becomes cheaper to fix the computers on the back end, cause, as the article agrees, you'll never be successful educating the end luser.
elliam, Apr 19, 2008
You obviously missed the point that this is aimed at the people who make the operating systems and networks that other people use. Not that I should be responding to a post with the word 'fanboy' or 'noob' in it...
Closed Account, Apr 20, 2008
Vista in the workplace? You name me ONE enterprise level corporation (aside from Microsoft) that's running Vista on their workstations.
m60dude5, Apr 20, 2008
I still say a post-it-note with passwords stuck to the monitor is the number one.
esc27, Apr 21, 2008
Some good concepts at first, but overall his suggestions vary from impractical to outright stupid. Blocking attachments for example. In this day and age, any attachment can be a threat: JPEGs, PDFs, mp3s, word documents (with macros...) Blocking all attachments would break the day to day operations of many businesses, colleges, etc. Secure by design software: again, a good idea, but no design, no matter how well thought out is perfect, and anyone who thinks otherwise and publishes software without doing tests (such as penetration testing) is an idiot. Educating users: Users are the weakest link in security. So what if they can't open attachments, install exes, run untrusted programs. Go ahead and lock everything down. Just a few phone calls is all it takes for social engineering.
neoncode, Apr 21, 2008
Yes but in a large network environment where all the computers are networked together, the application 'white list' could be compiled by the sysadmins.
awmitchell, Apr 22, 2008
Outstanding. If we would all read (and absorb) this article, who knows where we'll be in 12 months!
lucutus, Apr 24, 2008
Actually they are. Of course on a random digg comment I honestly don't give a s**t about punctuation or spelling. Of course when it comes to covert ISO process docs, tech specs, procedure docs, or QC/QA design then I actually punctuate and spell check. Hell I might even read what I wrote more than once. Here? Who cares other than useless grammar/spelling trolls?
Closed Account, Apr 26, 2008
Your comment validates the point I was trying to make.