First: I think it would be appropriate that you grew up and learned a decent language, I have a hard time understanding your need to explicitly attempt to offend people.

Secondly: I believe that you are confusing the word incompetent with lack of resources. Faculty IT-staff are actually usually quite competent while not security experts.

Finally, that tool is actually a brilliant, although not a silver bullet, obviously relying on such a system alone will not solve your problems. Whenever you have a compromise the first thing you want to do is to isolate it and prevent spread. Being able to identify such hosts and isolate them automatically buys IT-staff time.

Let me give you a real life story - yet another - a medium-big corp with more than 1000 employees was laid down a whole day because a traveling employee had disabled the virus scanner on his laptop while in Russia visiting a client. How much does that cost? 1000 employees unable to work a day is not cheap.

Educating the users is not enough - if he is clever enough to disable the virus scanner he should also be clever enough to now basic security.

Back to the faculty example: In particular when dealing with peoples personal pc's you have no right to install software. You cannot go in and actively set the privileges and security settins. Further with the myriad of systems it would be an imposible task for university IT-staff to support all such systems, and keep up when students reinstall their system, ensure that they apply patches etc.

All you can do is block access for those who abuse the connection or pose a threat to other connected units, educating the users is not so much about educating home security experts as giving the IT-staff the ability to say, "don't say we didn't warn you" and cut connection.

Reading your replys I can only conclude that you are among those who are regularly being cutoff because of network abuse. (assuming you're the same Anonymous as previous post).

If you really are so clever it should be easy for you to give some constructive critics about why this won't work, instead of calling people idiots.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/267/28502#28502