[AntiVirus + Ubuntu] was - Re: And another Ubuntu convert!
Knapp
magick.crow at gmail.com
Thu Jan 22 14:30:40 UTC 2009
On Thu, Jan 22, 2009 at 3:23 PM, Brian McKee <brian.mckee at gmail.com> wrote:
> On Wed, Jan 21, 2009 at 11:50 PM, NoOp <glgxg at sbcglobal.net> wrote:
>
> Hey NoOp,
>
> I promised I wouldn't comment on the last thread but you started a new
> one, so... :-)
>
> Let me put it this way.
>
> 1 - There is no such thing as a completely secure system.
>
> 2 - Computer security is process, not a destination.
>
> 2.1 - Determine acceptable risk level (e.g. does this control
> nuculear warheads? or is it a throwaway VM?)
>
> 2.2 - Determine risk level of each part of the system (is gedit more
> likely to cause security issues than Firefox?)
>
> 2.3 - Apply effort in the areas that will most likely to reduce risk.
> Lather, rinse, repeat until level is below that determined in 2.1
>
> 2.4 - Return to 2.1 - things change constantly
>
> The system in question was an out of the box desktop in the hands of
> an inexperienced user with a few typical internet apps added. In my
> mind and the the mind of the OP, installing an AV product *ON THAT
> SYSTEM* would be wasting the time of the user and the installer. If
> the acceptable risk level was too high for the user or installer,
> they'd get a lot better return of security for time spent by working
> on user training and automating system updates.
>
> Does this more formal statement make any more sense to you? I liked
> the asteroid shield comment better :-)
>
> Brian
In someways you have this backwards. Noobs are the perfect targets for
these criminals.
--
Douglas E Knapp
Amazon Gift Cards; let them choose!!
http://www.amazon.com/gp/product/B001078FFE?ie=UTF8&tag=seattlebujinkand&linkCode=as2&camp=1789&creative=9325&creativeASIN=B001078FFE
More information about the ubuntu-users
mailing list