[unisog] Initial Observations of the Microsoft AntiSpyware Be ta1

jef moskot jef at math.miami.edu
Mon Jan 10 17:49:14 GMT 2005

On Fri, 7 Jan 2005, Gary Flynn wrote:
> Whether the customers can or will handle the complexity of the
> information supplied by the HIDS/application firewall/ outgoing firewall
> software will be the question. In most corporate settings I think the
> best answer is a white list of applications allowed to run rather than
> continually trying to come up with a black list.

This will be fine for moderately sophisticated users, but in my
experience, the average user in my department will click just about any OK
button in front of them if it claims to be a helpful thing.  Actually,
most of my users would probably click the button even it said "Hey, check
it out, I'm about to erase your hard drive, and install a virus that will
load your machine with child porn.  You MUST click the OK button to
proceed." given the way they respond to legit warnings.

Jeffrey Moskot
System Administrator
jef at math.miami.edu

More information about the unisog mailing list