No, you're with normal. Several examples in this very threadOriginally Posted by Ronaan
"Silver bullet solutions are rare, silver bullet sales commonplace"
People are dumb. Hell they call cable tech support because their monitor says "No Signal" they are too dumb to know that the power failure kind of made their computer shut off and that they have to turn it on again when the wires get fixed and the power comes back on.
Today we sail
On the Solar Rail
For there's much we just don't know
So farewell with a kiss
Then it's fast for the mist
Till we're sleeping in the cold below
I just talked to a tech guy who, in the presence of his customer stated out loud, "I don't believe in anti-virus and don't think workstations should have it."
That reminds me of the guy who - against corporate policy - sticks his usb drive into my network, virus scanner lights up like a fucking christmas tree, plus the music he has on it is of questionable origin.
Fails to see the problem too, continues doing it. Has managed to kill two usb ports on our presentation notebook. Didn't notice. He also didn't notice that he had the plugs upside down.
He's been here for 25++ years so no way to have him sanctioned really. Time is on my side though.
Guy tries to plug a USB flash drive into a notebook computer's USB port, it's upside-down, so it doesn't go in easily. So what does he do? Does he back out and re-aim? No, he drives harder inwards, against the resistance, finally breaking through, destroying the usefulness of the USB port forever.
Ladies, do not EVER have sex with this man!
....
I'm just going to leave this here
George.jpg
"With your shield, or on it"
Pretty sure that is the working theory.
Has three daughters, heh.
This same guy has a notebook with 2 rows of dead pixels, each 10 px or so high, and a non-working optical drive that just slips out of its bay.
I refused to buy a new one for him because computers have feelings too, but with windows xp getting no support soon I had to. His desktop + notebook get replaced by a notebook + docking station.
The exchange is on monday and I might just call in sick, developing a cold.
You should be in - make sure that the newly delivered laptop has the USB ports disabled.
Just because they won't technically work doesn't mean the user wouldn't try jamming shit in there to try it.
Have a Stinkpad Craptop in the office that's older than fossilized shit - was an original XP system - which has one bent USB port and one with no contacts inside. Someone tried to jam the connector from a USB mouse because it wasn't working and he didn't hear the beep, so he kept jamming harder thinking it wasn't making contact.
Well, it wasn't.
Don't they sell plastic plugs to fill in an unused USB port? Pre-empt this mofo!
I'm the one doing the delivering so.... it's safe for now.
Re: those plugs - I plugged our new media notebook up good with those, added a usb hub for convenience, now they think I'm doing them a favor :-p
That's becoming more and more popular as the antivirus model of "detection by heuristics" becomes less and less effective.
Why pay a yearly licensing fee for something that doesn't do squat?
It's far safer to ensure users have NO local admin rights under any circumstances (psexec shortcuts for shitty apps that require it to run), use an external spam filter to strip things like executables or scripts inside of zip files from e-mail attachments (MX Logic, Securence, Postini, MailMax etc), set your group policy so that nothing can run inside of AppData unless it's specifically whitelisted by executable name, filter everything through a web proxy server that blocks all websites you don't specifically allow (best practice) or at least blocks common known vector sites, setting up your connection so your e-mail server uses one external IP and your internet traffic flows through another one, block all inbound and outbound ports that aren't 100% ACTUALLY necessary, etc, etc, etc.
The latest batch of viruses is already completely done doing damage by the time ANY modern antivirus can detect it.
Alternately, put everyone on locked down thin clients with citrix or terminal services, with a FULL LOCKDOWN POLICY IN PLACE so that the users can't do anything but work.
It's rapidly coming to the point that the loss of data and productivity from the newest batch of cryptolocker infections is causing the higher-ups to see beyond employee complaints and start looking towards actual security.
For copyright purposes, all of my posts are covered under the "Do What The Fuck You Want To Public License"
http://sam.zoy.org/wtfpl/
Noone should sue or be sued ambiguously.
I have to agree, it seems the way to stop the bad now is policy, security and for people who have the knowledge they do not need policy they practice safe hex.. Firefox+adblock alone does amazing things let alone when you toss in noscript.
Downside is a lot of companies are bound by the balls to IE and worse than that its IE6
Today we sail
On the Solar Rail
For there's much we just don't know
So farewell with a kiss
Then it's fast for the mist
Till we're sleeping in the cold below
The latter portion of your comment is incorrect.
http://www.modern.ie/en-us/ie6countdown
Aside from that, being bound to IE is not an entirely bad thing aside from the fact that new IE versions break legacy software and often re-work their plugin compatibility and UI, which causes no end of end-user headache.
It is, however, very difficult to push a group policy object that enforces proxy server settings to firefox or plain chrome. (You can do it with Chrome for Business, which respects AD Group Policy, though)
Companies are bound by the balls to IE because (and I risk sounding like Jonas here) it's the most efficient way to tie in the infrastructure because it's a microsoft product that's made to work with other microsoft (read: domain controller and programming languages for windows boxes) products.
I always love it when people say how inherently awesome and secure chrome is because it makes me laugh.
One of my coworkers had to yank the hard drive out of his girlfriend's PC so he could copy the relevant data onto a new one he already had with a new OS (busted laptop screen) and since he had to copy her data over, on a lark, he replaced his own chrome profile with hers.
BLAM!
Instant access (even though the session had been stale for days) to her facebook, her gmail, pretty much anything she had visited WITHOUT SAVED PASSWORDS.
Chrome apparently keeps session state alive for some sites via flat file data.
Oh, and then there's stuff like this that makes me laugh harder when people say they're secure because they use (insert browser here):
http://www.securityfocus.com/bid/63729
Software can't protect us.
Software is the attack vector.
Fixing bad computer behaviour in all computer users is the only solution.
For copyright purposes, all of my posts are covered under the "Do What The Fuck You Want To Public License"
http://sam.zoy.org/wtfpl/
Noone should sue or be sued ambiguously.
Good luck.
</96hours kidnapper voice>
So your example of Chrome being insecure involves someone having physical access to someone's hd? ... huh?
------------------------------------------
I *AM* the Chinpokomon master!
Yes, because noone ever in the history of anything has ever been able to gain access to the files on someone's hard drive remotely.
For copyright purposes, all of my posts are covered under the "Do What The Fuck You Want To Public License"
http://sam.zoy.org/wtfpl/
Noone should sue or be sued ambiguously.
Yes, but how does that make Chrome insecure? If someone has access to your drive that's pretty much game over you lose as far as security goes. It also has nothing to do with whether a browser is secure for browsing websites.
------------------------------------------
I *AM* the Chinpokomon master!
Wednesday drive-by stupid:
"what do you mean by the username can't be blank?"
Posting Permissions
Reply With Quote
