 |
 |
Testing... |
 |
|
|
Main Menu |
|
|
|
Topics |
|
|
|
Voice Over IP |
|
|
|
Last 10 Articles... |
|
|
|
Search this site |
|
|
| |
|
This blog is no longer updated.
Since I own the domain name for a couple more years, and the hosting was paid-in-advance, it's still here. But I've moved on to Hawaii, and no longer have the need to publish all the sorts of neat stuff that made up the contents of this website.
If you've linked to me, you are invited to unlink, as your readers will no longer be presented with new content. Thanks, Steve
AOL (and all Internet) Users: Education first
Wednesday, December 29, 2004 : Stephen D. Carroll, rokus.net
|
|
Tom Liston, SANS' ISC handler on duty, writes in the Daily Diary (scroll down to "Up on My Soapbox"):
Every time I see one of the current spate of AOL television ads portraying their customers as clueless morons I want to scream. It’s not that I have some sort of deep-seated respect for the intelligence of AOL users, but rather, these ads represent, far too well, the current industry mindset, which treats computers as home appliances.
"Don’t worry about viruses and spyware," AOL explains, "we’ll take care of that for you... Plug it in, turn it on, and disengage your brain..."
Pay attention, you’re about to read something vitally important: COMPUTERS ARE NOT APPLIANCES. THEY ARE TOOLS. Tools require that their user be skilled. Tools require education and training to use. Tools require a level of involvement beyond that of an appliance because "tool use" carries with it an inherent danger.
And yet, over the past decade, the computer industry has deliberately ignored the nature of its product. It has attempted to grind off the sharp edges, to put padding on the corners, and to make a "consumer safe" appliance from these inherently dangerous tools.
The current state of security on the Internet is simply reaping the seeds we have sown.
Indeed.
I went home for Thanksgiving, and was amazed that my father, Unix Guru Extraordinaire since I was a wee lad, didn't have XP SP2 (yet), his antivirus definitions were almost a year old, there was no firewall nor spyware-fixer installed, and he hadn't locked down the box.
I was unprepared - my fix-it CD's were at home, and I spent more time than necessary downloading and installing stuff.
Lesson learned: a guy that can singlehandedly manage a huge datacenter with one eye closed needed a XP 101 crash course (no pun intended).
Another series of posts to follow about XP 101, but for starters, read Robert Scoble's 14 point article on The layers of security I use to keep criminals at bay. Excerpt:
Let's get out of the computer world. Let's talk about heirloom jewelry. My wife, Maryam, has a bit of jewelry. Does she store it here in the house? No. Why not? It's not secure enough. Where does she store it? In a safe deposit box in a bank. Let's talk about a bank's security and how many layers it has.
Explaining IT stuff using metaphors like "heirloom jewelry" is immediately grasped by non-tech folks. More to follow.
And if you think you've got nothing on your machine worth protecting - "I just surf the internet" - you might be surprised what an unprotected box is worth to the dark side of the 'net.
Update 2005.03.20: Changed link for locking down XP from DISA [.mil/.gov users only] to NSA [open to all].
|
|
Permalink | Mail this...
|
|
| AOL (and all Internet) Users: Education first | Login/Create an account | 0 Comments |
|
| | Comments are owned by the poster. We aren't responsible for their content. |
| |
|
|
|
