[Dshield] 0wnlng Windows machines

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Feb 26 02:57:39 GMT 2007


On Sun, 25 Feb 2007 19:52:17 EST, "John B. Holmblad" said:
> the issue is not so much that consumers are clueless, as it is the fact 
> that, unlike the sysadmins who are PAID to maintain the security of 
> their systems, the average end user, clueless or not, does not get paid 
> to do so.  Consequently it does not happen, as much as it should, and 
> especially in those cases where, as you suggest, a friend/relative, will 
> come in to clean up the situation and not charge them for the cost of so 
> doing.

Bruce Schneier has written about the fact that the *cost* of computer
security is an "externality" (i.e. the people who make the decisions aren't
the ones who bear the cost of the decisions). Unfortunately, nobody had a
good idea on how to change this in a tolerable way.

> In the fine tradition of using the U.S. tax code to achieve greater 
> social "good", how about if we incent better computer hygiene by 
> providing a tax credit for users who keep their computers malware free 
> for the prior year?

I have to show the IRS special forms listing mortgage interest paid,
receipts for charitable donations, proof of business expenses, and so on.
How do you propose we do that in a world where we can't even agree how
many *digits* are in the number of zombied machines?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/list/attachments/20070225/bc4c1dc2/attachment.bin 


More information about the list mailing list