[LINK] Study shows pop-up warnings are ineffective

Ivan Trundle ivan at itrundle.com
Wed Oct 1 16:26:54 AEST 2008


On Wed, Oct 01, 2008 at 11:52:29AM +0930, Glen Turner wrote:
>
> I much prefer the SELinux approach. Deny the activity and audit it.
> Put an alert on the screen saying the activity was denied. Give a
> audit review tool which allows denied requests to be authorised in
> the future.  This approach moves the consideration of security out

My brother-in-law tells me that this is exactly how his team manages  
this activity in his (large) federal government department (but in MS  
Windows). The review process takes up to four days, but this is better  
than many other departments, which have no review process at all.

It was interesting to hear his views on the word 'trust', and what it  
means in this context: given the thread discussion.

His view (and he is no Microsoft shill) is that Microsoft does a  
better job of delivering the required security regime and patches (in  
concert with Auscert) than Mozilla, and the level of trust and  
obligation is markedly different.

iT



More information about the Link mailing list