You do that. Do you enforce that down to your users? All of that? What is an untrusted source?
On Wed, Apr 17, 2013 at 4:42 PM, Kurt Buff <[email protected]> wrote: > On Wed, Apr 17, 2013 at 1:19 PM, Jonathan Link <[email protected]> > wrote: > > On Wed, Apr 17, 2013 at 4:07 PM, Kurt Buff <[email protected]> wrote: > >> > >> On Wed, Apr 17, 2013 at 12:27 PM, Ben Scott <[email protected]> > wrote: > >> > On Wed, Apr 17, 2013 at 2:43 PM, Michael B. Smith > >> > <[email protected]> wrote: > >> >> IOW: Security is for the MANAGEMENT of risk and MITIGATION of same. > For > >> >> real > >> >> world systems, and usage of them, there is no such thing as perfect > >> >> security. > >> > > >> > That's true, too, but the point Munroe is trying to make is that a > >> > lot of people lose track of the forest for the trees. They get so > >> > caught up in protecting the computer that they forget why they're > >> > protecting it. > >> > >> If that's the case, then he didn't make his point at all clear. > > > > It was pretty clear to me, and coincidentally (or not!) his image looks > like > > a tree. Nevermind the fact that most professionals are saying don't run > as > > admin. OK, so they're not. Does that mean they are protected? > Protected > > from what? Not getting a more pervasive infection, sure. But malware > > writers are dropping the .exe's in userland and doing stuff with the data > > they access. How do you protect that data, when the person who's been > > infected, is the person who needs access to the data? > > > > Thought it was pretty clear, to be honest. > > Apparently I'm dense, then. > > I protect all of my accounts, privileged or not, in the same ways, and > have been doing so for so long that it's completely natural to me. It > just feels unnatural not to do so. > > No running executables from untrusted sources, turn off scripting in > my browsers, view all email as plain text, no remembering/caching of > passwords in browsers, using a unique password per web site and per > other accounts, regular clearing of cookies, no linking of accounts > between web sites, running current AV, no browsing with elevated > accounts, laptops have full disk encryption, etc., etc., etc. > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
