>What certificates are you going to tell your browser to accept?
And what plugins do you accept? Same issue (for me at least)...
>The point is that properly signed controls from trusted sources can be
>used for evil purposes.
I imagine that people will figure out a way to use plugins for evil too.
They've already released Word macros for evil purposes. There's no way
I'm going to stop people from using Word... And if it can be done with
Word, I imagine it can be done with just about any macro language - I
remember showing people how to watch for (and write!) macros in Word
Perfect that could do bad things. I showed them how to write and edit
the macros so that they could recognize when someone gave them one that
was dangerous. Comes back to that user knowledge thing again. I do my
best to educate my users, because I know that there is no way *I*
personally can watch everything. If I block activex at a firewall, well,
someone will send an attachment in email. If I block attachments, then
they'll use floppies. If I tell them no floppies, then they'll just
sneak around behind my back!
I used to work in a mainframe environment where the priesthood had TOTAL
control. That didn't last because everyone wanted their own computers.
The priesthood tried to dictate what could and couldn't be done with those
computers, but do you think that mattered to the user that had the latest
game or the latest After Dark plugin? After a while, you just have to
tell people what may happen to them if they use "unauthorized" software
and do your best to contain any possible resultant damage.
>>Isn't the bigger issue really about user knowledge though?
>But they're not deciding "for themselves", they're making decisions
>which could have disastrous effects for the entire organization.
Well, I don't know about where you are, but if some piece of software
comes in and trashes one of my user's personal computers, I don't think
("wishful thinking?" he asks, pulling his head out of the sand...) ;-)
that it will have much impact on any of the other computers in my
organization. Maybe I'm lucky in the sense that I don't have any data
("corporate secrets") that have to be protected... (I don't think
anyone would steal precipitation data off of my computer, especially
when they can get it from a web page...! Heck if they want it, I'll
even hand it to them, compressed and uuencoded!)
>That's where firewalls come in, no? (Check the name of the mailing
>list you're using here.)
Yes, I believe in firewalls. Call me a UNIX bigot, but I only try to
protect my workstations from harm. I don't (and can't!) control all
software on people's personal computers. I do my best to keep them
all compartmentalized, so that problems on one don't propagate to any
others. I don't use NFS or CAP or Samba, so I know that my users
aren't leaving stuff on my servers. I don't run web browsers on my
Unix boxes (Can't get either Netscape OR Explorer for a Data General
anyway!), so I'm not concerned about some web page taking down a server,
and even if someone logged in and loaded something up in their home
directory, it wouldn't affect the rest of the system. Unix and WinNT
are great for "compartmentalizing" damage. Win95 and MacOS aren't
designed to be "robust, secure" OS's... They are great for surfing
and word processing, etc, and it has no real impact upon the whole
organization if one of them succumbs to a virus, a bad web page, or
even a brain fart. Of course, it IS a tremendous pain to the owner
of that box!
At home, my personal answer is to keep all of my working files on Zip
disks, so only the operating system and the programs I use are on the
hard disk. I don't keep the Zip disk mounted when I surf, so even if
I did run into a bad web page, I wouldn't lose my data. (I'm ordering
all new computers with Zips, and I show people how to copy their work
to them and I suggest that they do that at the end of the day, and
after any significant editing...) It isn't that hard to load things
back up from CD, although I haven't (fingers crossed!) had to worry
about it yet.
>How big is your user community? Thousands spread across 6 continents?
Well, I do work for the US Government... ;-)
>And you trust each and *every* one of them to possess a) the evolving
>technical knowledge, b) the skills, c) the foresight, d) the interest,
>and e) the initiative to protect the corporate jewels before
>downloading the lastest control/applet/browser/protocol-of-the-month?
f) None of the above! ;-)
Actually, I don't usually let them play with Netscape or IE. I put
Mosaic or Lynx up for general use. I figure that those who can figure
it out will get Netscape anyway, and why stop them? I have an internal
web page that I use to provide my users with enough information to
protect themselves. I give them some general info in the beginning
when they get their connections, and periodically I send out email
talking about potential threats. Some listen, some don't. That is
out of my hands. Seems to be a prudent level of action...
System and Network Administrator
US Geological Survey, Tucson, AZ Project Office
According to proposed Federal guidelines, this message is a "non-record".
Hmm, I wonder if _everything_ I say is a "non-record"...?