I use a similar criminality theme when describing updates and antivirus to the lovely home users I have to deal with.
Antivirus is like a burglar alarm, but installing updates is like locking your doors and windows. AV will alert you to the intruder, but without the updates, the intruders will just come back again. On 11 October 2011 12:35, Erik Goldoff <[email protected]> wrote: > I wonder why something like Sandboxie is not included as standard issue ( I > know, if it was widespread, it would be attacked too) ... > > and for the layperson, I liken the definition update requirement like > updating a mugshot book. You cannot catch all the current criminals if your > mugshot book doesn't include their 'picture' ... I see the lightbulb come on > for many with that analogy. > > On Tue, Oct 11, 2011 at 7:32 AM, Alan Davies <[email protected]>wrote: > >> Exactly - the "average" user runs a browser with Java and Adobe plugins. >> This gives a much greater scope for exploitation than any subtle >> differences between browsers. I'd worry far less about what browser they >> run, and far more about their user privs and ability to keep all of their >> software up to date. IE's smartfilter (is that what it's called? Can't >> remember!) blocks a lot of bad stuff and it's a great addition to the >> browser. I'm glad that it exists and the malicious software removal tool, >> etc. since there are so many users out there who never renew that 3 month >> free trial of AV that came from the OEM! >> >> >> a >> >> -----Original Message----- >> From: Kurt Buff [mailto:[email protected]] >> Sent: 11 October 2011 05:36 >> To: NT System Admin Issues >> Subject: Re: AV and malware protection? >> >> On Mon, Oct 10, 2011 at 21:01, Ben Scott <[email protected]> wrote: >> <snip> >> > Now, >> > I regard ActiveX as a really bad idea to begin with -- allowing a web >> > page to push binary executables to my PC is *not* a good idea, IMO, >> >> Java, too. >> >> > and I think history would support me on this one -- but if you're >> > going to allow it, you need something a bit better than just requiring >> > a bit of crypto thrown at it. More reasonable would be denying >> > install to anything but Trusted Sites. If the user can't type the >> > site name that's a fair bet they shouldn't be installing it, one way >> > or the other. There are a number of other things, too, such as the >> > ability to run an EXE from the web in two clicks, or allowing scripts >> > to manipulate the browser window (Firefox does that too, I might add). >> >> Allowing anything running in a browser to write to disk or touch other >> running programs or other hardware is poor design, IMHO. >> >> But I'm a paranoid freak, and don't like computers, so what do I know... >> >> Kurt >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < >> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> >> >> ************************************************************************************ >> WARNING: >> The information in this email and any attachments is confidential and may >> be legally privileged. >> >> If you are not the named addressee, you must not use, copy or disclose >> this email (including any attachments) or the information in it save to the >> named addressee nor take any action in reliance on it. If you receive this >> email or any attachments in error, please notify the sender immediately and >> then delete the same and any copies. >> >> "CLS Services Ltd × Registered in England No 4132704 × Registered Office: >> Exchange Tower × One Harbour Exchange Square × London E14 9GE" >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ****** IMPORTANT INFORMATION/DISCLAIMER ***** This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress...... * * The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. * * In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets** ** At Home yesterday. * * We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * * The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
