>>>>> "Ken" == Ken MacLeod <[EMAIL PROTECTED]> writes:

  Ken> I generally agree with the content of this article (policy and
  Ken> education), but it is amazingly hypocritical and potentially
  Ken> damaging.

Thanks for your consideration of the article.  I think you might be a
bit harsh in your assessment.  For example,

  Ken> The introduction to this article lambasts "experts" who jump
  Ken> first to firewalls and anti-virus software as part of a
  Ken> solution, then turns right around and provides "expert" opinion
  Ken> that policy and education are The Only Solution.

When the article itself actually states

   Apparently everyone is looking for a solution to the problem of
   rogue software. When asked how to defend against such attacks, some 
   ``experts'' will immediately jump into a discussion of firewalls,
   intrusion detection systems, and anti-virus software. Commonly,
   you'll also hear the word ``vigilance'' thrown in there someplace.

Observe that it states "some `experts'".  In the conclusion, you'll
note that The Only Solution includes tools (including anti-virus
software) that will assist people.  Herein is the real point:
technology can help, but it's not the solution.  Too many people think 
of technology as the solution.

How many times do we see things like:

  Q: How do I keep bad guys out of my network?
  A: Get a firewall?

  Q: How do I keep my system from getting hit with malware?
  A: Use anti-virus software.

These are excessively simplistic views because they overlook the whole 
issue of policy, which is the articulation of the organization's
acceptable level of risk.  Education is also critical because systems
trust their users.  If people don't know better, they'll be fooled
into doing something stupid, i.e., falling victim to the "Linux
version" of ILOVEYOU:

  find / -name "*.mp3" -type f -exec rm -f {} \;

  Ken> This article can harm sites with less experienced security
  Ken> people by leading them to believe that security is focused only
  Ken> on certain areas when in fact it covers a broad spectrum.

I'd like very much to see how exactly this is the case.  A call to
stop thinking about anti-virus software, firewalls, etc. for a moment
and to think about education and policy is certain to _broaden_ the
viewpoint of the reader, not to narrow it.

-- 
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/