I don't know who I hate more...
-
As any protection measure, it raises the required skill level and the cost of breaching them. It can't completely prevent intrusion by a skilled and motivated attacker.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Sure, I get that. The old saying, you can't prevent access, merely increase its cost has never been more true. What is also true however, is that if you flaunt your distrust for those you rely upon, you're simply scheduling the time they'll bite you when they can. People that need said measures in order not to steal the company data weren't the best hires in the first place. Oh. Right. Recruitment firms and HR. Nevermind. I'm thinking about some alternate universe where these entities aren't dumber than a firehose. :doh:
-
Sure, I get that. The old saying, you can't prevent access, merely increase its cost has never been more true. What is also true however, is that if you flaunt your distrust for those you rely upon, you're simply scheduling the time they'll bite you when they can. People that need said measures in order not to steal the company data weren't the best hires in the first place. Oh. Right. Recruitment firms and HR. Nevermind. I'm thinking about some alternate universe where these entities aren't dumber than a firehose. :doh:
And consultants. Too many firms hire consultants as temporary workers, and consulence companies foster a mercenary environment - they parade us to customers singing our praises and overselling us , just like a pimp would do - so trust is hard to give.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
-
Eddy Vluggen wrote:
If you need to neuter the machine because you cannot trust your employees means you have a bigger problem
Or more than one. There are many "engineers" and "developers" who blindly click and fall for any phishing scam they see, or use their work computers for personal and potentially risky activities (gaming, sketchy p**n sites, sketchy "dating" sites, P2P, streaming...).
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Quote:
use their work computers for personal and potentially risky activities
Therein lies a problem, more so if you can't block stuff like yahoo mail. We do so at the firewall but that is only on site. A "well protected" corp laptop: Highly interlocked, protected device, with limited compute capabilities. :sigh:
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
-
Quote:
use their work computers for personal and potentially risky activities
Therein lies a problem, more so if you can't block stuff like yahoo mail. We do so at the firewall but that is only on site. A "well protected" corp laptop: Highly interlocked, protected device, with limited compute capabilities. :sigh:
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
It's honestly a question of employee training and selection. If an employee has not the honesty, intelligence and integrity necessary to not f* around with company's equipment he has to go. When unapologetically laying off any employee stupid enough to not grasp the basic computer security concepts after 40 years of PC existance becomes the norm, computer security becomes the norm as well. Dura lex, sed lex.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
-
It's honestly a question of employee training and selection. If an employee has not the honesty, intelligence and integrity necessary to not f* around with company's equipment he has to go. When unapologetically laying off any employee stupid enough to not grasp the basic computer security concepts after 40 years of PC existance becomes the norm, computer security becomes the norm as well. Dura lex, sed lex.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
I love your perfect world. :) Alas, mine has a few very smart people who occasionally make dumb mistakes.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
-
It's honestly a question of employee training and selection. If an employee has not the honesty, intelligence and integrity necessary to not f* around with company's equipment he has to go. When unapologetically laying off any employee stupid enough to not grasp the basic computer security concepts after 40 years of PC existance becomes the norm, computer security becomes the norm as well. Dura lex, sed lex.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Quote:
Dura lex, sed lex
Maybe that's where Monty Python got "Cruel, but fair." :laugh:
Robust Services Core | Software Techniques for Lemmings | Articles
The fox knows many things, but the hedgehog knows one big thing. -
Eddy Vluggen wrote:
If you need to neuter the machine because you cannot trust your employees means you have a bigger problem
Or more than one. There are many "engineers" and "developers" who blindly click and fall for any phishing scam they see, or use their work computers for personal and potentially risky activities (gaming, sketchy p**n sites, sketchy "dating" sites, P2P, streaming...).
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
-
Slacker007 wrote:
My laptop is currently the most secure digital device I have had in my entire life, I think. :laugh:
Exporting text is usually trivial. Moreso if a compiler is on the machine. If you need to neuter the machine because you cannot trust your employees means you have a bigger problem :)
Bastard Programmer from Hell :suss: "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
I love your perfect world. :) Alas, mine has a few very smart people who occasionally make dumb mistakes.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
Occasional dumb mistakes are one thing, many people though cultivate a path of willfull ignorance and criminal negligence.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
-
glennPattonContracting2 wrote:
the Work lappy will not see things plugged into the usb ports!
this is a great security feature as some employees like to steal source code, etc. and put them on thumb drives. My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again. My company also installed extra security software to prevent uploading anything to non approved repos, etc. so stealing source code, etc. and uploading it to a personal drop box, cloud storage, git repo, etc. can't be done either. My laptop is currently the most secure digital device I have had in my entire life, I think. :laugh:
Now is a good time to remind you of one Wolfgang Amadeus Mozart and Allegri’s “Miserere mei Deus”, which the Vatican absolutely forbid to be copied, and prelates looked out for anyone who might be doing just that while it was being sung. However, the teenage Mozart went to the Tenebrae and listened. That night at home he wrote out the whole thing. note perfect, in full, all parts, in all its contrapuntal glory. So, if you code to 'Mozart' standards ... :~ :-\
-
Quote:
Dura lex, sed lex
Maybe that's where Monty Python got "Cruel, but fair." :laugh:
Robust Services Core | Software Techniques for Lemmings | Articles
The fox knows many things, but the hedgehog knows one big thing. -
Well, John Cleese was a latin teacher...
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Makes sense!
Robust Services Core | Software Techniques for Lemmings | Articles
The fox knows many things, but the hedgehog knows one big thing. -
I love your perfect world. :) Alas, mine has a few very smart people who occasionally make dumb mistakes.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
Also known as the Inverse Stopped Clock
Wrong is evil and must be defeated. - Jeff Ello
-
Occasional dumb mistakes are one thing, many people though cultivate a path of willfull ignorance and criminal negligence.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Here, we refer to them as politicians. :laugh:
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
-
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
glennPattonContracting2 wrote:
I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports!
We have the McAfee virus at work. Its primary faults are two-fold. First, every time you plug a removable device it that isn't encrypted, it offers to do so. You can say no, but it's not the default choice. The encryption typically bricks the device. The other is in insane. Any application that writes executable files is subject to their "Adaptive Threat Protection". This is a heuristic mechanism that locks the file being written and then scans it for malware. Unfortunately, if the original writing process closes the file and then re-opens it, it's now broken. Visual Studio's manifest embedding and Inno Setup get caught in this a lot. I've had stern words with our IT department over the whole thing, with less than pleasant results.
Software Zen:
delete this; -
glennPattonContracting2 wrote:
I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports!
We have the McAfee virus at work. Its primary faults are two-fold. First, every time you plug a removable device it that isn't encrypted, it offers to do so. You can say no, but it's not the default choice. The encryption typically bricks the device. The other is in insane. Any application that writes executable files is subject to their "Adaptive Threat Protection". This is a heuristic mechanism that locks the file being written and then scans it for malware. Unfortunately, if the original writing process closes the file and then re-opens it, it's now broken. Visual Studio's manifest embedding and Inno Setup get caught in this a lot. I've had stern words with our IT department over the whole thing, with less than pleasant results.
Software Zen:
delete this;McAfee?, I went in now it appears to be working apart from I log into the VPN, but I have to go in tomorrow to run some tests (if the hardware is ready..!). I've only had the weirdness with it (McAfee) not running the VPN software, being updated runs fine, McAfee won't run the VPN. I thank :bob: I haven't had to Vis Studio yet...
-
It's honestly a question of employee training and selection. If an employee has not the honesty, intelligence and integrity necessary to not f* around with company's equipment he has to go. When unapologetically laying off any employee stupid enough to not grasp the basic computer security concepts after 40 years of PC existance becomes the norm, computer security becomes the norm as well. Dura lex, sed lex.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
What you are missing is that some of these people were hired for things other than their computer skills. That guy who is dumber than a firehose around IT may be the companies best lawyer. The IT systems are (unfortunately) configured for the average person - not developers. Unfortunately IT might not have enough resources to solve more than the average - and developers get caught up in it. . . and to be fair - I've seen my fair share of developers doing pretty stupid things as well. Agree you need to trust people to drive safely - but enforcing seat belts is not such a bad thing. You might even find yourself thanking the seatbelts at some point when you had an "In a hurry, not thinking, just send this file, brain fade." On the other side of the fence - provided you are not a cowboy - most IT staff (given the time) would be happy to set you up better. Speak with them - they should be your friends - not your enemies. Most of the time they can come up with something.
-
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
If it was just Home Office which suffers from paranoid IT. I had several cases of my work code being marked as malware by some paranoia "solution" (which does exactly as much against malware as Defender does, except with more false positives). I had an API, which according to Microsoft documentation, works just fine, only work when started as administrator. I once had the whole of our worldwide IT chiefs meet at the head quarters just because I've used robocopy (which is such an evil and forbidden tool, the IT didn't even bother lock it with group policy because hey, since when do IT chiefs need to know what's available on a stock Windows machine).
-
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
"Keys don't lock doors, they only lock locks" - me. I hate it when they give me a new laptop that is locked down. I do like getting a new laptop. What I don't like is the time I waste figuring out how to get it back to a state that serves my needs; so that I can do what I am paid to do.
Nothing succeeds like a budgie without teeth.
-
glennPattonContracting2 wrote:
the Work lappy will not see things plugged into the usb ports!
this is a great security feature as some employees like to steal source code, etc. and put them on thumb drives. My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again. My company also installed extra security software to prevent uploading anything to non approved repos, etc. so stealing source code, etc. and uploading it to a personal drop box, cloud storage, git repo, etc. can't be done either. My laptop is currently the most secure digital device I have had in my entire life, I think. :laugh:
