Joe Average User Is In Trouble
Scott Granneman, 2003-10-22

It's true, but who pays? 2003-10-22
HellCat (3 replies)
Who pays for security education? Most companies don't want to foot the bill for a single IDS sensor much less a corporate education program. Security is a cost, and THIS is what the "front office" understands. Most of us "zealots" don't get it.

And in the small biz market it's impossible to kn...

It's true, but who pays? 2003-10-22
blacklight
There is nothing snobby about their doing their job, and doing it in a knowledgeable way....

It's true, but who pays? 2003-10-23
CTRL-O
To me this article looks a lot more just like a 'call to arms' in trying to be good citizens (before being security pros) and help our friends, neighbors, etc...

[...] We've got to educate our parents, our other family members, our boyfriends and girlfriends, our wives and husbands and partners...

It's true, but who pays? 2003-10-25
Mark Rohrer <mark.e.rohrer@lmco.com>
So, HellCat, tell us how you REALLY feel.

In the end, we all pay. Yeah, pie in the sky, and you're right. Until we, as a professional community, begin to be good ambassadors of AT&T and reach out and help the folks--friends, family, neighbors--we are accomplishing a tremendous disservice in hel...

Who is going to pay for it? 2003-10-22
Dennis Jugan
We're all paying for it, and paying more as time goes on.

Home users pose a dilemma, but small and medium size businesses can manage risk with the assistance of a trained information security professional.

Some time ago, Fram ran a TV commercial for their oil filters -- a customer in an auto s...

Teach a man to fish..... 2003-10-22
Dennis Jugan (1 replies)
I'm currently toiling in the vineyard that you so well describe, using all of your suggested techniques and more.

I concur that working with small business and the home user is a niche that must be filled. However, don't bother to visit if you're seeking instant gratification in terms of $$$$.
...

Teach a man to fish..... 2003-10-23
HellCat
Damn, That was poetry, man. Brilliant. Sometimes I regain faith in humanity. ...

Joe Average User Is In Trouble 2003-10-22
Anonymous (5 replies)
You don't need to be an educator- you need to be *educatED*!! You use FUD like "mega-patch" and expound how 2003 has 9 advisories since its release. To blindly ignore the drove of patches released for *nix and other open source products is simply irresponsible. You MUST know that they far outnumb...

Joe Average User Is In Trouble 2003-10-23
Anonymous (1 replies)
Of course the open source community releases more patches than microsoft, the open source community releases more software than microsoft. If Microsoft releases 1000 applications in one year, and the open source community releases 100,000 applications in one year (69,673 hosted on sourceforge.net al...

Joe Average User Is In Trouble 2003-10-24
Anonymous
I think that the reason that the article focused on Microsoft so much is that to your average user the Apple Macintosh is a small OS that they have heard about and Linux is way off in techy land. So while it is all well and good saying that the open source community releases more patches, however ...

Joe Average User Is In Trouble 2003-10-24
Anonymous
I have to agree with the article, if M$ would do its homework, the whole exercise wouldn't be necessary. You as an obvious M$ fan should appreciate the fact that the people in the know (not you) are footing the bill to make the Internet more secure for the buggy OS you're defending right now....

You're missing the point... 2003-10-24
Anonymous (2 replies)
It's natural to focus on Windows because that's the OS that causes most of the problems. Let's just say, hypothetically, that Windows had one tenth the security holes Linux did. It would *still* cause far more problems for the Internet than any other OS! Why? Because of the sheer number of Windo...

No you are 2003-10-25
Anonymous (1 replies)
Of course focusing on MS because it's the biggest makes sense. However Granneman goes well beyond that. When he says things like:

"Because like or not, Windows ain't going away for a while. Probably not ever, totally (calm down, Linux and Mac OS X users - I'm on your side, but let's be realistic ...

No you are 2003-10-31
Elvinas Piliponis
If user chooses something other than was preinstalled on his PC - he is at a higher level. Such user is curious about other choices and he will search answers to his questions and learn.

Of course changing OS for dumb user and saying: "This is Linux use it and you'll be saved..." won't help much. T...

RPC obsolete? 2003-10-27
Anonymous
RPC is obsolete? Pray tell what the replacement is for negotiating a port between servers and clients.
Using fixed port numbers? Sweet for services that have low port numbers assigned, and only need to run one instance per IP. However, fixed high port numbers is one of the leading causes of netw...

Joe Average User Is In Trouble 2003-10-27
Anonymous
Naw, I think he made it quite clear that Linux isn't perfect either, but that the focus of his column is Microsoft. For the simple reason that most home users who don't understand security are Windows users. Not only it's shipped with new PCs 99% of the time but it also has the biggest market penetra...

Joe Average User Is In Trouble 2003-10-28
Anonymous
Actually it's bigots like you that need to be educated - learn to READ.

1) Comparing the number of patches for a linux distro to the number of patches for a Microsoft O/S is like comparing apples to oranges. Check out http://www.gnu.org to find out what Linux really is and you'll see by that...

Joe Average User Is In Trouble 2003-10-23
koto
Re- Who Pays

The article already told you who pays...we all do. I was sorry to see your post to this article. I, myself, have just gotten into security. I am just starting to study for my CompTIA security+ cert. This is my first trip to Security Focus, and it shows you how dumb I am as I thou...

Maybe ISPs should take a more active role 2003-10-23
Anonymous (1 replies)
Maybe ISPs should take a more active role in educating their customers about security. After all, compromised machines cause problems on their networks. Something as simple as an email or printed newsletter to customers could be helpful. So would including firewall and antivirus software in the s...

Maybe ISPs should take a more active role 2003-10-24
Anonymous
This sounds awfully like the Internet Police. OR
If we bundle everything together for security reasons, we won't have anything left to take Microsoft to court over.

If you protect your PC, what is the problem?
Stupid people will not be able to access the Internet anymore, because their PC's wi...

Joe Average User Is In Trouble 2003-10-23
faraonej@bellsouth.net (2 replies)
I am also glad to read this article. The answer to Hellcat's question is, sooner or later we will all pay.

If anti-virus, UPS and backups are installed at many small businesses, all they have to do is install ZoneAlarm, BlackIce or Norton firewall, for free or at a nominal charge.

Many ISPs o...

ISP roles 2003-10-24
Anonymous (2 replies)
ISPs can also help by policing their own networks. If a machine is spewing viruses, it ought to be shut down until it's cleaned up. But reporting such machines rarely gets any response from the ISP, which I assume is more worried about ticking off a customer than about the impact on the rest of th...

ISP roles 2003-10-24
Gravity
I could get behind ISP's filtering spoofed traffic. Spoof checking should be set up on all routers! But this would only solve one type of threat, and is not the answer to vulnerable PC's and best practices which this article discusses....

ISP roles 2003-10-28
Matris (1 replies)
I know what you mean. We have recently been receiving spam from a particular ISP. I tracked it back to them, they asked me a million questions because they don't know who I am just like all of you do not know who I am. After sending them some tcpdump statistics showing that they were sending a sp...

ISP roles 2003-11-02
z123
I feel that ISP's should play no role in internet security for the average home user. A lot of you may not agree with me. But I feel that people get what they pay for. If you are paying for a commercial package for your internet then sure. Have the ISP help you out with firewalls, AV software, and ed...

Joe Average User Is In Trouble 2003-10-27
chris@remove.starforge.co.uk
I have ADSL from Zen Internet in the UK. While their website does have some advice on locking down machines, using virus checkers and so on the big problem I've encountered isn't that people don't "take advantage of it" - it's that they don't even *know* it is there.

Zen has contact addresses fo...

The altruism here is inspiring... 2003-10-23
Anonymous (1 replies)
The altruism here is inspiring. I'm glad we have a group of highly paid security folks willing to give their time and money away for free. Just don't go into business for yourself. And while it warms my heart to see everyone rally behind network security, the point of the article has been missed?...

The altruism here is inspiring... 2003-10-24
Wayne Fielder
True enough...the vast majority of folks out there have no clue what "secured computing" means. I would wager that they cannot explain the differences between security and privacy.

I appreciate the notion of teaching people to fish but if they don't know they're hungry they won't pay attention...

'3 steps to protect your pc' SIC 2003-10-23
Anonymous (1 replies)
Easy,

shrike-i386-disc1.iso
shrike-i386-disc2.iso
shrike-i386-disc3.iso

Works fine, kids love it, won't get rooted, it's free...

If only everything was this easy!...

'3 steps to protect your pc' SIC 2003-10-27
Anonymous
On the contrary ... using something like RedHat is a guaranteed "r00ting". Use something that's a tad more secure out of the box (at least) ...

This comment just proves that people are ignorant about what having "security" takes. If you install something like RedHat, you're just furthering the ...

Wait, are we sure this is real? 2003-10-23
Ace-2-Grind
I can't believe this was actually written. This is the most logical, TRUE, in-your-face article I have seen in a LONG time. It didn't sugar coat anything, didn't kiss anybody's butt, and certainly didn't cater to anyone (except his own resume.. haha)

Bravo on a well pointed, well thought out, a...

Joe Average User Is In Trouble 2003-10-24
Damon McMahon <inst_karma@hotmail.com>
I have a 'security' mailing list to which I send Microsoft patch details [since they mostly use the Windows/IE/Office combination]. Here's a sample:

* * *
Subject: Fix for critical flaw in (Windows) Internet Explorer

Greetings,

Microsoft have released a fix for a critical flaw in t...

Joe Average User Is In Trouble 2003-10-24
Anonymous
ISPs are not any better at security than MS. SWBell (my ISP) recently sent me an email saying that they would suspend my account for 'potential spamming' and spreading viruses. I run ZoneAlarm and Norton so I contacted them about this allegation. I was concerned. I found out that they had no evi...

Simple and straightforward..... 2003-10-24
Dennis Jugan
Well done!

For additional value added service:
Consider maintaining an up-to-date record of each client's audit of all hardware and software currently in use in their shop.

You can benefit as a businessperson by developing a relationship and keeping in touch. The benefits to your clients are...

This could have been a decent article.... 2003-10-25
Anonymous (1 replies)
Let's face it, the idea that "Joe average" doesn't know squat about computer security is hardly original. Heck, just read the comments from Granneman's previous column.

However, instead of sticking with that premise Granneman decided to go on yet another anti-MS tirade. Basically the article boil...

This could have been a decent article.... 2003-10-31
Anonymous
The above reply is finally a voice of reason. I went to WashU and his elitist, left-ist attitude was typical of the academics that had never worked a real job in their lives, but felt they were computer experts because they knew how to use Perl.

What a joke......

Joe Average User Is In Trouble 2003-10-25
Chuck M.
Although still young in the ways of the internet, computers, and all of today's technology, I feel this article to be "right-on" as far as the "geeks to the rescue" are concerned. Having taken typing class some 25+ years ago, and JUST taken it as an elective course, knowing I would probably NEVER us...

Joe Average User Is In Trouble 2003-10-28
Home and Small Business Altruist
Kudos on the article.
Yes, we'll never make money at it (helping Joe User), but that's why we keep our day jobs, and thus have the resources there to keep learning.
EDUCATION is key, no matter how you slice it.
In my experience, Joe User is simply unaware.
Community awareness sessions at your lo...

Blame game- people that just blame others are losers! 2003-10-28
Anonymous
Survival of the fittest! If you don't take the responsibility to properly secure your computer, no pity to you.
Don't play the blame game and start blaming everyone else for your problem....

It's not just Joe Average 2003-10-28
Anonymous
I've found that IT professionals (I'm talking non-security pros) are as bad as the general public and these people should know better.

What it basically boils down to is that people either do not believe it will happen to them or they justify it by saying that if someone wants to get your informa...

Joe Average User Is In Trouble 2003-10-28
Chris Nehren (apeiron@comcast.net)
Personally, I don't think the problem is educating users. The problem is convincing bullheaded users who are too stuck in their ways to ever change anything and who don't _want_ to learn the right (or at least, a better) way to do things. I have many relatives and acquaintances whom this describes p...

Joe Average User Has Better Things to Do 2003-10-28
LelandGaunt
Than worry about MS security each and every day. That's what we have software engineers and systems administrators for. When an 18 year old kid (Parsons) can write a worm and make all of MS look ridiculous, even though the kid in question is dumb enough to lead the Feds right back to his own website,...

The problem is human nature 2003-10-29
blacklight
Humans don't like discipline, and some necessary, recurring security activities don't look like just discipline but B&D. Humans drink and drive, sign contracts without bothering to read them, ingest controlled substances and get themselves shot with their own guns.

The lack of attention to secu...

ISP roles and IS pro roles 2003-10-30
gshollingsworth
ISP's serving consumers and small business should take on the same role as a corporate network department. At my company insecure protocols are blocked between the 'net and the LAN by the networking department. Egress filtering is in effect. They also block spam by a number of methods. Compromised s...

slowing of the internet 2003-11-03
Anonymous
I think the internet slows down just as much or more every time microsoft deploys one of its massive security patches through windows update as it does when the latest worm, trojan or virus sweeps the globe. So there is a multiplier to the slowdown effect that follows later...a second wave that is t...

Copyright 2009, SecurityFocus