Not Your Average IT Blog...

As if dumb and blind seizing of computers for nefarious purposes weren’t bad enough, we now have people intentionally choosing to be part of attacks. In our ITER discussions, we struggle with the amount of focus that IT has on human behavior (much more problematic than computer behavior); and that is within the corporate walls. Do we expect IT folks to modify and human behavior outside the corporate walls as well? Of course not. But how else can this be slowed or stopped?

Consider the possibilities of what these accounts may be used for? I have had “friend requests” from people that I do not know who are already linked with other mutual friends – sometimes dozens of them. After suspecting a couple of them – I couldn’t find any commonality in our supposed mutual friends and the new contact’s activities – I unfriended them. Now I wonder if they could be these sorts of accounts. I’m an “open networker” on LinkedIn (meaning I’ll link with anyone); but not in Facebook. For open networkers in Facebook, this could spell serious trouble when combined with a good FB attack of some sort.

McAfee anti-virus debacle: poor QA allowed an anti-virus update to functionally wipe-out Windows XP-SP3 systems. They admitted the problem. And are paying for some of the computer repair. Hard to know who to trust when the ones you trust cause this damage. Also brings to question “patch early and often”; if we are to wait to roll out anti-virus updates, we risk zero-day attacks even further. Turns out security IS in your own hands and there is no panacea.