North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)
At Mon, Apr 19, 2004 at 08:22:48AM -0400, Chris Brenton wrote: > > Agreed. I think part of what makes 0-day easier to hide *is* the raw > quantity of preventable exploits that are taking place. In many ways we > have become numb to compromises so that the first response ends up being > "format and start over". If 0-day was a higher percentage, it would be > easier to catch them when they occur and do a proper forensic analysis. Right, they fit in with the noise. > <RANT> > I guess I have a hard time blaming this type of thing on the end user. > Part of the fall out from making computers easier to use, is making it > easier for end users to shoot themselves in the foot. One of the > benefits of complexity is that it forces end user education. I'm > guessing that if you had to load SQL as a dependency you would have > caught your mistake before you made it. > > Let me give you an example of the easy to use interface thing. Back in > 2000 I made it a personal goal to try and get the top 5 SMURF amplifier > sites shut down. I did some research to figure out what net blocks were > being used and started contacting the admins. Imagine my surprise when I > found out that 3 of the 5 _had_ a firewall. They had clicked their way > though configuring Firewall-1, didn't know they needed to tweak the > default property settings, and were letting through all ICMP > unrestricted and unlogged. > > IMHO its only getting worse. I teach a lot of perimeter security folks > and it seems like more and more of them are moving up the ranks without > ever seeing a command prompt. I actually had one guy argue that > everything in Windows is point and click and if you could not use a > mouse to do something, it was not worth doing. Again, I don't see this > as an end user problem because as an industry we've tried to make > security seem easier than it actually is. We want to make it like > driving a car when its more like flying an airplane. That's pretty sad, I can forgive users, but nobody doing 'security' should be living in a pure GUI world, to extend your analogy it would be like only knowing how to configure the autopilot and getting a pilot's license. As far as mainstream users.. * Software needs to patch itself, users aren't going to do it. * Software needs to be intuitive, people interact with computers as if they were doing 'real' things. Things like cut and paste are easy because they make sense... * Software patches need to WORK and not screw up Joe User's system, believe me they won't "understand" that software is never bug-free, they'll instead swear off installing patches in future. * Software needs reasonable defaults.. this doesn't necessarily mean turning every feature off. * Wizards and/or a choice of 'starter' confs can be great.