On 2008-03-18 Mike Moratz-Coppins wrote: > I should point out one factor which I think makes a large difference > in the approach that one might take in encountering a security issue - > the vast majority of my customers are home users who just casually use > their machine.
You do realize that significant amounts of spam are deployed through zombified computers of exactly these "home users who just casually use their machine", don't you? [...] >> 2) Jon's point about reliability here is very key to the discussion. >> It is COMPLETELY irresponsible to warrant to a customer that you can >> certify a system safe after it has been infected with any manner of >> control-compromising code that has gone undetected/untreated for a >> period of time. > > Do you see this as applying in a joe average home user scenario? Even if he doesn't, I do. Unless you can determine without any doubt when and how the machine was compromised, and what exactly was altered afterwards, the only resonable and responsible way to deal with the problem is to backup the data and reinstall the machine. Period. http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
