[thelist] Security... Please Make It Easier For Us Non-Tech Types!

Jorah Lavin madstone at madstone.net
Wed Aug 13 10:26:44 CDT 2003


At 10:22 08/13/03, you wrote:

>Anybody serious about maintaining security on their systems should be
>subscribed to the BugTraq mailing list, at the very least.

The thing is... unless this is your job, how many people have the time? For 
instance, I work full time, spend about 10 hours a week commuting, am 
taking a college course online, am trying to wrap my head around XML/XSLT 
technologies (enough so that I can talk with our staff programmers), am 
trying to learn more about IA so that I can discuss site structure 
intelligently, try to keep up with CSS and XHTML discussions, have yard 
work to do, and should be packing and cleaning for the move to our new 
house later this fall. Hobbies? I try to keep up with my reloading and 
shooting, but have only been to the range a few times this year. Then there 
is news of current events and political issues to read about. After all 
that, I'm not going to (want to or be able to) spend huge amounts of time 
learning the tech details of networks security.

I doubt that I'm alone in this level of involvement.

I've got to depend on things like Zone Alarm, Norton Anti-Virus, visiting 
the Windows Update site once a week, and on the corporate security and 
firewall teams at work.

The situation is even worse for the people I see at work, who don't have a 
clue how the "helpful" spyware toolbar got installed in the outdated 
version of IE they are running, people who can't tell a legitimate warning 
from the network administrator from a fraudulent ad on a web page...

The security people, the OS people, the firewall people... all of them have 
to try to make protection more transparent to the end user. Just in the 
last few days, I've heard that some router I'm supposed to install before I 
go to cable internet access will protect me, and then that, in fact, the 
router or whatever it is WON'T protect me... if the tech people on this 
list can't agree, I don't have a prayer of understanding what I should do 
to protect my family's computers.

Okay, this is badly off topic. I'll try to think of a decent tip to send to 
make up for it.

-Jorah




More information about the thelist mailing list