[AntiVirus + Ubuntu] was - Re: And another Ubuntu convert!
magick.crow at gmail.com
Thu Jan 22 14:30:40 UTC 2009
On Thu, Jan 22, 2009 at 3:23 PM, Brian McKee <brian.mckee at gmail.com> wrote:
> On Wed, Jan 21, 2009 at 11:50 PM, NoOp <glgxg at sbcglobal.net> wrote:
> Hey NoOp,
> I promised I wouldn't comment on the last thread but you started a new
> one, so... :-)
> Let me put it this way.
> 1 - There is no such thing as a completely secure system.
> 2 - Computer security is process, not a destination.
> 2.1 - Determine acceptable risk level (e.g. does this control
> nuculear warheads? or is it a throwaway VM?)
> 2.2 - Determine risk level of each part of the system (is gedit more
> likely to cause security issues than Firefox?)
> 2.3 - Apply effort in the areas that will most likely to reduce risk.
> Lather, rinse, repeat until level is below that determined in 2.1
> 2.4 - Return to 2.1 - things change constantly
> The system in question was an out of the box desktop in the hands of
> an inexperienced user with a few typical internet apps added. In my
> mind and the the mind of the OP, installing an AV product *ON THAT
> SYSTEM* would be wasting the time of the user and the installer. If
> the acceptable risk level was too high for the user or installer,
> they'd get a lot better return of security for time spent by working
> on user training and automating system updates.
> Does this more formal statement make any more sense to you? I liked
> the asteroid shield comment better :-)
In someways you have this backwards. Noobs are the perfect targets for
Douglas E Knapp
Amazon Gift Cards; let them choose!!
More information about the ubuntu-users