[LINK] Study shows pop-up warnings are ineffective
Ivan Trundle
ivan at itrundle.com
Wed Oct 1 16:26:54 AEST 2008
On Wed, Oct 01, 2008 at 11:52:29AM +0930, Glen Turner wrote:
>
> I much prefer the SELinux approach. Deny the activity and audit it.
> Put an alert on the screen saying the activity was denied. Give a
> audit review tool which allows denied requests to be authorised in
> the future. This approach moves the consideration of security out
My brother-in-law tells me that this is exactly how his team manages
this activity in his (large) federal government department (but in MS
Windows). The review process takes up to four days, but this is better
than many other departments, which have no review process at all.
It was interesting to hear his views on the word 'trust', and what it
means in this context: given the thread discussion.
His view (and he is no Microsoft shill) is that Microsoft does a
better job of delivering the required security regime and patches (in
concert with Auscert) than Mozilla, and the level of trust and
obligation is markedly different.
iT
More information about the Link
mailing list