
RE: SOAP, plague, love

  • From: Eldar Musayev <eldarm@m...>
  • To: xml-dev@x...
  • Date: Mon, 8 May 2000 10:07:10 -0700

paranoia plague

Ken,

 > -----Original Message-----
 > From: Ken MacLeod [mailto:ken@b...]
 > Sent: Saturday, May 06, 2000 7:30 AM

In fact I agree with a lot of what you said. Like:

 > > The latest worm is not about firewalls, but about human stupidity,
 > Good firewalls can filter out those.  What a firewall can filter out,

First, that's not exactly firewalls, that's intelligent mail gateways.
And yes, they must filter it out. And I completely agree with you
that vbs and js attachments in corporate environments should be
filtered out altogether. In some cases ANY executable attachment should be
filtered, because if you really need to transfer an executable, you can
probably zip it, which also gives the victim (sorry, recipient) another
chance to think whether he really wants to execute it.

But when I talk about human stupidity, the problem stays. The person
who runs unknown content from an attachment can just as easily download it
from the Internet or bring it on a floppy from home. Security holes are
inevitable as long as there is a human factor and useful functionality.

Continuing my auto-industry analogy, we cannot make highways safe
just by perfecting the car; we have to have traffic rules for that.
One of them on the Internet is "Don't run unknown content", and a lot
of people would have gotten a ticket last week.

 > > It may be good to be paranoid, when you are security admin and you
 > > have IT director or CEO nearby to kick you, if your paranoia starts
 > > to cost business, but it's certainly not good to share it with the
 > > whole world.
 > 
 > When it comes to a choice between known stronger Internet models and
 > known weaker Internet models, of course an admin, the IT 
 > director, and
 > CEO will go for the known stronger one.  But you're saying that if
 > something is known to be weak, but it's the most popular application
 > (Word, VBS), it's OK?

No, I am not. See:
 > > It may be good to be paranoid, when you are security admin and you

I agree, that it's a good idea to chop incoming executable content.

What I am saying is that:
 > > it's certainly not good to share it [paranoia] with the
 > > whole world.

When a policeman in Texas thinks you look like a known criminal,
he jumps out of the car with a gun aimed at your head and tells you to put
your hands on the wheel. Well, not nice, but it's probably his job.
But it's hardly appropriate for a journalist to propose that everybody
should act like this. That's true for the work of a system admin as well.

 > Our local gas/electric utility's customer service locations were shut
 > down for this latest worm.  A policy of "we won't let in VBS or EXEs"
 > would be a good choice. Considering Word virii, a policy of "no Word
 > docs until Microsoft gives us a clear way of filtering macros" would
 > be good too. It's unfortunate Microsoft doesn't consider that an
 > issue.

I don't know about the last thing; I work in the XML group, but as
a former security expert with good experience in this field, I can only
praise the measures you took. Yes, no executable content in attachments
is quite reasonable for corporate environments. I wonder why it did not
become common practice a long time ago.
But this does not contradict my point of view.

Best regards,
Eldar

***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@x...&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
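The gateway policy argued over in the message above (drop bare executable and script attachments, let zipped ones through so the recipient has to unpack them deliberately) as an added example in Python; this is not code from the original post or from either correspondent. The extension list, the "MZ" magic-byte check, and the sample message with its four attachments are all assumptions constructed for the example.

```python
"""Mail-gateway attachment policy check.

Added example (not from the original post). Policy modelled on the thread:
  - a bare executable or script attachment is BLOCKed,
  - a zip archive is let through, but any executable inside is reported (WARN),
  - anything whose bytes look like a DOS/PE executable is BLOCKed regardless
    of what the filename claims.
The extension list and the sample message are constructed for this example.
"""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

# Assumed policy list of directly executable / script extensions.
EXEC_EXTENSIONS = {
    ".exe", ".com", ".bat", ".cmd", ".pif", ".scr",
    ".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta",
}


def is_executable_name(filename):
    """True if the LAST extension is executable, so 'notes.txt.vbs' is caught too."""
    name = (filename or "").lower()
    dot = name.rfind(".")
    return dot != -1 and name[dot:] in EXEC_EXTENSIONS


def looks_like_pe(data):
    """DOS/PE executables start with the 'MZ' signature; a renamed .jpg still has it."""
    return data[:2] == b"MZ"


def inspect_zip(data):
    """Names inside a zip that would be blocked as bare attachments.

    Returns None when the bytes are not a zip at all (a lie in the filename).
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if is_executable_name(n)]
    except zipfile.BadZipFile:
        return None


def check_attachments(raw_message):
    """Return [(filename, verdict, reason)] for every attachment of a raw RFC 822 message."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    verdicts = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if looks_like_pe(payload):
            verdicts.append((name, "BLOCK", "PE executable by content"))
        elif is_executable_name(name):
            verdicts.append((name, "BLOCK", "executable attachment"))
        elif name.lower().endswith(".zip"):
            inner = inspect_zip(payload)
            if inner is None:
                verdicts.append((name, "BLOCK", "claims to be a zip but is not"))
            elif inner:
                verdicts.append((name, "WARN", "zip contains " + ", ".join(inner)))
            else:
                verdicts.append((name, "ALLOW", "archive without executables"))
        else:
            verdicts.append((name, "ALLOW", "plain attachment"))
    return verdicts


def build_sample_message():
    """Constructed test message (not real traffic) with four attachments."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Subject"] = "files"
    msg.set_content("see attached")
    # 1: script hiding behind a double extension
    msg.add_attachment(b'MsgBox "hi"\r\n', maintype="application",
                       subtype="octet-stream", filename="notes.txt.vbs")
    # 2: harmless text
    msg.add_attachment("hello", filename="readme.txt")
    # 3: zip carrying an executable (allowed, but reported)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("tool.exe", b"MZ\x90\x00")
        zf.writestr("tool.txt", b"usage")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="tool.zip")
    # 4: executable renamed to look like a picture
    msg.add_attachment(b"MZ\x90\x00stub", maintype="application",
                       subtype="octet-stream", filename="photo.jpg")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict, why in check_attachments(build_sample_message()):
        print(f"{verdict:5} {name}: {why}")
```

The content check matters more than the name check: a filter that only looks at extensions is defeated by renaming, while the "MZ" signature is what the loader actually needs. The WARN verdict is the compromise the post describes, the archive gets through but the recipient (and the log) knows what is inside it.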
