[Shop-talk] PC GESTAPO
John Miller
jem at milleredp.com
Tue Mar 11 14:51:28 MST 2008

> This, of course, Inch, does not apply to you or anyone serving this company.
> I'd hope that IT directors would give preferential treatment to anyone who is
> issued an M-16.

Having been on the other end, that is, the end responsible for
establishing policies like this (or not, as the case may be):

There are some very good reasons for not letting users fiddle much with
their systems.  There are equally good reasons to keep personal machines
off corporate networks.

Believe me, everyone in IT really wishes the whole company were
self-supporting, knew what they were doing when installing software,
editing the registry, disabling the virus-checker because it won't let
them open that wonderful email attachment from their friend in
Engineering (never mind the SMTP headers say it came from Azerbaijan),
setting the machine to automatically log them on to their laptop at boot
and disable the password lock on their screensaver because it's just too
much work to log on again after they leave their machine at their table
at Starbucks and go take a whizz...

Most of the really good attacks these days start as social-engineering
efforts - tiny success ratio x enormous volume = enough success to kill
a company.  Even just letting a mail client load images referenced in an
HTML email message from an off-site server can tell the sender of the
message (friendly or not) a whole lot about who/when/where/how the mail
message was read.

John.
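
The remote-image point in the message above, as an added example that is not part of the original post: a Python check a mail gateway or client could run to list the off-site resources that rendering an HTML message would fetch. The sample message, host names, and the names `RemoteRefFinder` and `remote_refs` are constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message (not from the original post); hosts are placeholders.
SAMPLE = """\
From: friend@engineering.example
To: user@corp.example
Subject: photos
Content-Type: text/html; charset="utf-8"

<html><body><p>Hi!</p>
<img src="https://tracker.example/open.gif?rcpt=user%40corp.example&amp;id=7f3a" width="1" height="1">
<img src="cid:logo123">
<table background="http://cdn.example/bg.png"><tr><td>x</td></tr></table>
</body></html>
"""

REMOTE_ATTRS = {"src", "background", "poster"}  # attributes a client fetches on render


class RemoteRefFinder(HTMLParser):
    """Collects URLs that a rendering mail client would fetch automatically."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in REMOTE_ATTRS and value:
                parts = urlsplit(value.strip())
                if parts.scheme in ("http", "https"):  # cid: and data: stay local
                    self.refs.append({"tag": tag, "host": parts.hostname,
                                      "has_query": bool(parts.query)})


def remote_refs(raw_message: str):
    """Return the auto-loaded remote references in every text/html part."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = RemoteRefFinder()
            finder.feed(part.get_content())
            found.extend(finder.refs)
    return found
```

A reference with a query string (`has_query`) is the one most likely to carry a per-recipient token, so the fetch itself reports the reader's address, time, IP and client to the remote server.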