[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] A rather newbie question

To: Harlan Carvey <keydet89@xxxxxxxxx>, "Schmidt, Michael R." <Michael.Schmidt@xxxxxxxxxxxx>, "'Ethan Vaughn'" <evaughn@xxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] A rather newbie question
From: David Hane <dlhane@xxxxxxxxxxxxx>
Date: Mon, 3 May 2004 12:34:59 -0700

Harlan,

On Monday 03 May 2004 10:31, Harlan Carvey wrote:
> Ethan,
>
> > I just wanted to point out that this is probably the
> > no.1 security fallacy I hear among my endlusers.
>
> Having done vulnerability assessments for a long time,
> one of the biggest issues I run up against is admins
> who refer to users as "lusers".  Funny joke, yeah, but
> a lack of discretion points to an underlying attitude,
> which can be a real problem.

While I think you have a point I also think Ethan has one too. It is important 
to remember that users are generally clueless and/or unconcerned with 
security. Of course I'm grossly generalizing but I think you get my point. 
Keeping in mind that the weakest link can be the average user is always a 
good idea. And who would argue with idiot proofing any system, computer or 
otherwise?

So I think a little harmless joking amongst ourselves isn't necessarily all 
bad :-) After all, how many ID10T errors have you fixed in the last week ;-P

Dave

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] A rather newbie question
  - From: Harlan Carvey

References:
- RE: [Full-Disclosure] A rather newbie question
  - From: Harlan Carvey

Prev by Date: [Full-Disclosure] Re: New LSASS-based worm finally here (Sasser)
Next by Date: Re: [Full-Disclosure] A rather newbie question
Previous by thread: RE: [Full-Disclosure] A rather newbie question
Next by thread: Re: [Full-Disclosure] A rather newbie question
Index(es):
- Date
- Thread