
Re: [Full-disclosure] [inbox] Re: Fwd: Comment on: USB devices spreading viruses



On Sun, Nov 23, 2008 at 7:20 PM, imipak <imipak@xxxxxxxxx> wrote:

> Exibar wrote:
>
> > wow, disabling files to run from the root of all drives would never, ever
> > fly in a corporate environment.  Although I do like the idea on stopping
> > autorun malware, it would work... but oh the calls to the helpdesk! ;-)
> >
>
>
> Each of those support calls is an opportunity to find out why a user's
> trying to run unauthorised software and either help them to find a way
> to do what they want with existing apps, or get a new app reviewed and
> authorised for use -- if it's a genuine business need. Alternatively,
> sometimes they need an introduction to Doctor Cluestick, if they're
> trying to play poker online, install dancing hamster screensavers or what
> have you.


According to the article, lots of important data was lost. It's not hard to
conclude what *kind* of data. Such a thing happening inside an intelligence
agency is indeed worrying (as n3td3v pointed out).


>
>
> Of course, blindly thwacking people / dragging them to HR by the hair
> when they're really just trying to do their jobs is
> counter-productive. The calls also show us where we, security, are
> falling down. Perhaps it's poor awareness training (if the user didn't
> know that they shouldn't run unapproved software, or why we have that
> rule, or how to get a new app approved); or could be that the official
> route is being seen as too slow or bureaucratic, in which case it
> needs fixing. And so on.
>

All I hope is we can fix the issue. Hopefully in the near future.

MC
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/