North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: OT: Re: User negligence?

  • From: Sean Donelan
  • Date: Sun Jul 27 01:27:49 2003

On Sun, 27 Jul 2003, Len Rose wrote:
> Not calling it a breach of security is simply.. ridiculous. It is a
> most flagrant breach of security if they can't even secure their own
> internal networks and systems. Host level security should be the
> easiest thing to accomplish given competent systems staff.

It a breach of security of the *USER'S* computer, not the *BANK'S*

How many people do you know have a full-time systems staff mainaining
their home PCs?

If they are lucky, they might have a clever teenager in the house which
helps their parents set the clock on the VCR and unpack the PC they bought
at Best Buy.  If they aren't lucky, it was probably the same clever
teenager that downloaded the trojaned software on the parent's PC.

Is the Bank or ISP supposed to send suppport staff to each customer's
house to maintain host level security on customer's home PCs?  The bank
didn't sell the customer the computer or the Microsoft software, didn't
install software on the home PC, and doesn't maintain the home PC.

Outlook, the exploding Pinto on the information superhighway.