Feeds

back to article Younger generation taking 'sledgehammer' to security

The new generation of "digital natives" coming into the workplace is going to blow apart existing security practices, Symantec's CEO Enrique Salem warns. In his keynote speech on Tuesday at the RSA 2012 conference in San Francisco, Salem said that the current young generation, born in the 1990s, has a radically different …

COMMENTS

This topic is closed for new posts.

Page:

Ru
Silver badge
Facepalm

"They even think differently"

What utter rubbish. As any teacher of teenage pupils will tell you, 'continuous partial attention' is nothing new.

Still, its nice to see a justification for letting people access the corporate network with their own devices of unknown provenance: it lets security companies sell you new systems for dealing with all the new problems that increasing your attack surface by an order of magnitude brings. Oh brave new world.

11
0
Silver badge

Re: "They even think differently"

The plan...

- We save money buy making everyone buy their own laptop/phone.

- We outsource IT to India

- We get some of that cloud stuff that everyone is talking about, it must be good.

Big money saved! IPads for all the exec!

What could go wrong?

8
1
FAIL

Re: "They even think differently"

Seconded here; these new "digital natives" are just like you and I physiologically; Mk I Caveman, in other words. They may be suffering from a mild sort of attention deficit disorder a lot of the time (which is what continuous partial attention is) and spend way too much time pratting about with devices designed to strongly appeal to the social-monkey in all of us, but fundamentally they're the same.

"Continuous partial attention" effectively means "Cannot concentrate on one thing exclusively", which translates as "Good luck getting a full day's work out of this numptie"! Furthermore, these digital natives are only people who have learned to work with the designed GUI interfaces of these digital devices; in many cases they are far inferior to older people who know and can hack around in the guts of digital systems, deep below the interface. In the Computing Department of the Uni I work for, considerable effort is put into making the front end of the RedHat variant they use as unlike a modern Windows/KDE/Gnome as possible, to discourage the use of point'n'drool interfaces as much as possible. Digital Natives, they have found, make lousy computer scientists unless you shock them out of using the standard interfaces and get them back to commandlines.

7
0
Bronze badge
Linux

@ Dr Dan - Re: Re: "They even think differently"

"In the Computing Department of the Uni I work for, considerable effort is put into making the front end of the RedHat variant they use as unlike a modern Windows/KDE/Gnome as possible, to discourage the use of point'n'drool interfaces as much as possible"

Oh, that sounds interesting, what does the front end look like? twm and terminal or something win2000 like?

Personally, I'm scavenging the fronts off old microwave ovens. Then I'm lining my classroom with the mesh, which I intend to earth bond. Sort of steampunk look Faraday cage...

2
0
Silver badge
FAIL

Buzzword Bullshit

that is all.

15
0
Silver badge
WTF?

"a freight train coming that will hit businesses like a sledgehammer"?

So, not like, oh, I don't know, a freight train, but only a sledgehammer...

22
0
Anonymous Coward

Re: "a freight train coming that will hit businesses like a sledgehammer"?

Or a toy freight train that is quite heavy, considering, and has a fair bit of momentum?

1
0
Anonymous Coward

Re: Re: "a freight train coming that will hit businesses like a sledgehammer"?

Not just like any old sledgehammer either, but like a sledgehammer of change!

I would like to announce the creation of the annual Opus the Penguin Memorial Award for Mixed Metaphors. And also its first winner.

4
0
Silver badge

Re: "a freight train coming that will hit businesses like a sledgehammer"?

Maybe it's a freight train made of that aerosol foam stuff, with aerosol foam freight.

0
0
Anonymous Coward

"He promised that Symantec would provide protection..."

Oh dear. I hope Moore's law remains good for a few more years at least then as Symantec software can grind most systems down to walking pace just dealing with simple security requirements. God knows what resources they'll be trying to commandeer from the systems that run it in order to deal with complicated issues.

5
0
Silver badge
Devil

Protection?

Nice young people with ADHD you got there... shame if something should happen to them...

1
0
Anonymous Coward

It all makes sense now....

...Symantec.

A load of products they bought, but only pay attention to one at a time for a short period until they get bored and move on.

Result, a complete fucking mess of things by the same company that spend most of the day interfering with each others operation resulting in a grinding dog of a machine.

Speaking as somone that is forced to suffer from their AV, Encryption and inventory shit.

Result: an i3 laptop with 3 gb of RAM that runs slow than a P4 1.8 1024 machine at home. The 1st 20 minutes of the day the drive is running at 100% i/o

6
0

Re: It all makes sense now....

you're making the mistake of thinking that kit is intended to accomplish something productive - stop it. It's there to feed this vicious circle of systems, system problems, system solutions involving more systems, which bring more system problems.... ad infinitum

0
0
Silver badge

I'm relieved that Symantec have our backs. Let's hope that guarding against da yoof is easier than looking after your own source code.

0
0
Silver badge

doesn't accept from single source

" ...the average US 21-year-old has sent over 250,000 emails, text messages, and IM sessions, has spent over 14,000 hours online, and doesn't accept information from a single source, but checks with his or her network instead. They use email rarely..."

"...has sent over 250,000 emails, text messages, and IM sessions... ...They use email rarely..."

Errr?

9
0
Happy

Re: doesn't accept from single source

"...has sent over 250,000 emails, text messages, and IM sessions... ...They use email rarely..."

I don't usually send email, but when I do, I *really* send email.

9
0
Bronze badge

Re: doesn't accept from single source

Maybe the coded message is "see those youngsters youngsters you're hiring? They bolstered their pocket money by running a spam ring on the side."

0
0
Anonymous Coward

Did you miss the "and"?

>""...has sent over 250,000 emails, text messages, and IM sessions... ...They use email rarely...""

Therefore most of those 250,000 must have been text messages and IM sessions and few of them were emails. What's so hard to parse?

0
0
Silver badge

Re: Did you miss the "and"?

How do you send an IM session?

0
0
Anonymous Coward

no. 1, really? Most 21 year olds I know can't form a coherent sentance let alone do anything useful with a server, and that's just the computer science and IT Forensic students.

no. 2, don't most of us already monitor the data that's leaving our networks if it is of concern to our business?

No. 3, Symantec, not the last company I'd trust on security but defenetly in the bottom group of companies.

6
1
FAIL

"Most 21 year olds I know can't form a coherent sentance..."

... says an AC who can't even spell "sentence", or use a spellchecker.

9
1
Silver badge
Childcatcher

Re: "Most 21 year olds I know can't form a coherent sentance..."

"no. 1, really? Most 21 year olds I know can't form a coherent sentance let alone do anything useful with a server, and that's just the computer science and IT Forensic students."

No worries mate - a couple of sites are down because of interest in the Pi thingy - those 21 year olds will be surpassed by spotty 15 year olds (no one-remembers how Codemasters started?)

All your data belong to us - 'coherent sentances' (sic) are not required, just coherent code.

0
0
Anonymous Coward

Inference not justified by observation.

So, the Raspberry Pi websites are down, agreed. But what on earth makes you think you know anything about the age distribution of the people whose browsing is overloading them? For all you know it's entirely middle-aged nerds going on a nostalgia trip for their long-lost 8-bit childhoods.

(Much though I admire the intentions behind Pi, I think the aforementioned nerds may end up forming the majority of its customers. I think the average reaction of most 15-year olds to a Raspberry Pi would be to look at it, look at their smartphones, look back at the Pi, then comment "What is this primitive shit?" before wandering off to play another round of Angry Birds.)

1
0
Unhappy

Re: "Most 21 year olds I know can't form a coherent sentance..."

I don't know any 21 year olds...........

0
0
Anonymous Coward

What bollox

"....doesn't accept information from a single source..."

Is he serious? Set my students any task that involves doing research and you'll get back practically verbatim cut'n'paste from Wikipedia. As far as most of them are concerned, there is no other source of information.

"...They even think differently, multitasking constantly in what he called "continuous partial attention..."

Translation: They have the attention span of a goldfish with Alzheimer's

19
0

Re: What bollox

No there are two sources. I looked something up on wikipedia and cut and paste it so did my mate. We then checked our aswers against each other and only if they matched do we submit them.

1
0
Bronze badge

Re: What bollox

It should have said - "Doesn't accept information from a single source unless it confirms the conclusion they already jumped to - otherwise will check with their self-affirming clique before coming to the conclusion they first thought of"

0
0
Anonymous Coward

BOFH time?

OK, hands (or thumbs) up: who wants to see an episode of BOFH where he and the PFY deal with an influx of 'partially attentive' kids with their own devices. I suspect they wouldn't remain their 'own' devices for long, and if by some miracle any survive they'll learn to pay more than partial attention - at least to things like fire axes and lift shafts.

21
0
Anonymous Coward

Meaningless techno waffle

I think he means use end-to-end encryption and impliment a full audit trail.

1
1
Meh

Bollocks to them

and their "bring your own device" approach.

Yeah right, if they want to endanger the company network & their own job then fine... just go ahead.

An article like this would run better on some newspaper's tech page - the Reg's readers would prefer something with a bit more substance, perhaps.

2
0

What's new?

Seems to be saying that you'll no longer be able to trust the client devices on your network - been like that since attacking the client-side became all the rage, oh say 10-15 years ago.

Apparently you need to watch what info/data your employees are leaking. We've been doing this for years, by restricting access to sensitive information to those who need it and have correspondingly high salaries to lose.

Nothing I hate more than a Norton/Symnatec/McAfee press-release reprint :(

0
0
Silver badge

Re: What's new?

You never could trust client devices - the only difference is that 10 years ago it was only the boss who had a laptop or a phone that could do email.

And they could insist on not having a password, on lending the machine to their teenage kid and then connecting the virus laden POS to my network, and they were exempt from having to run a virus checker, or not have admin rights and they had to have access to everything on the network (or thought they had!)

2
0
WTF?

The Sledgehammer, the Freight Train's natural enemy...

3
0
Anonymous Coward

Read above post to self in best hushed David Attenborough tones

for maximum lols.

0
0
Anonymous Coward

Choices

Change practices to meet the needs of the "new breed"

or

The "new breed" learn to accept and work within existing practices

Outside of small companies/startups it isn't likely to be the former. Why does he think everyone will just throw their security policies and procedures out of the window?

Yes there will be a shift, but it will be generational as these workers move into the workforce and move up in influence (as happens in plenty of fields, not just IT) , it isn't going to happen overnight.

2
0
Bronze badge

Re: Choices

Even better -- give them a "continuous partial salary".

People _do_ _not_ multitask in any higher cognitive functions. People only multitask in one higher function alongside other automatised functions. Split attention kills productivity, which is why always-on email is so corrosive in the workplace -- it breaks all sense of flow or concentration.

5
0
Silver badge
Coffee/keyboard

"continuous partial salary"

ROFL

0
0
Thumb Up

Re: Re: Choices

Agreed. The human brain seems much more similar to a mesh network than to a multitasking single core.

Not to mention multi-tasking is just a clever way of saying 'time-sharing'. If you try to do too much of it then you end up thrashing about doing endless task switching and paging (whether you are human or digital).

0
0

Inflated sense of entitlement

Companies should change the way they operate? How about these "me me me" children grow the hell up and learn that life doesn't revolve around them?

What company will really open up a network to a swathe of potentially compromised devices just so employees can use their new shiny lookit instead of a company controlled, trusted machine?

Continuous partial attention = easily distracted. Only 2% of people are capable of true multitasking, the rest just believe they are. Tabbing out of youtube every five minutes to check for updates on facebook isn't multitasking.

Automatic tagging of data? Yes, because AI is going to be able to accurately identify complex information in a wide variety of formats, some of them bespoke to the company. If CAPTCHA can defeat it, I doubt it will be able to cope with a scan of a bank statement or clinical record.

Users can't be trusted to tag data themselves? Not even when it is their job? People who can't be trusted to do their job get fired, simple as that. Or is that some kind of discrimination against the lazy and incompetent?

Cloud audit trails. Like who in the cloud provider has the ability to access data placed there, and where in the world the data is physically located at any one time? How do multi-nationals prevent breaking the law when German mailboxes get moved to a datacentre in Ireland? Who has liability and/or culpability in a case where a user claims actionable messages were not sent by them, but possibly an administrator?

Shut down access to information quickly. As in, the data stored on a personally owned device that was joined to a company network. A personal device that you may not have technical control over. That you may even find you can't legally touch once the employee has been terminated.

This "new generation" might have radically different approaches to the Internet, information and security. Doesn't make them correct, worthy of emulation or the new arbiters of company policy.

10
0
Silver badge
Pint

Re: Inflated sense of entitlement

This "new generation" might have radically different approaches to the Internet, information and security. Doesn't make them correct, worthy of emulation or the new arbiters of company policy.

Well said! As someone else said, there may be a slow generational change but there's never going to be a simple overnight change where businesses go "Security? Yeah fuck it let the kids do what they do best"

0
0
Anonymous Coward

Entitlement ?

Yeah they've heard of it and believe they are entitled. Very sad.

1
0
Anonymous Coward

more fear mongering to prevent the young from being hired

good job asshole.

0
3
FAIL

So, we are like a sledgehammer/freight train ... a sledgetrain? A freighthammer?

Standard press release template: Tech stuff is changing. This is a problem because waffle. Therefore buy our expensive shiny bauble.

I might have more sympathy if I hadn't spent so much time scraping their revolting faulty crudware off PCs that come pre infected with it, choking the machine to a crawl and blocking most Net access by mistake (the UI had stopped working, so everything was blocked pending a dialog box that never appeared). I've seen a lot of malware that's easier to uninstall cleanly, even before the AV tools have signatures for it!

In a sense, firewalls were always a stupid idea: most threats, statistically, come from inside anyway, rendering the firewall useless. To cap it all, these days we have increasing numbers of users outside the network anyway (telecommuting, distributed offices, all sorts) - and some of the services are off-site too. When it isn't between all the users and all the servers, or between all the users and the Internet, or between all the servers and the Internet, it does look rather like an overpriced fan heater in the racks...

Solution: bin the stupid packet filter, secure the servers properly like you have to anyway, make sure the client devices have decent AV protection where applicable. Symantec would probably like to think they can offer the latter, just like Saddam Hussein probably wanted to think he was a nice guy, and about as plausible.

0
1
Anonymous Coward

@James 100

"In a sense, firewalls were always a stupid idea"

No; it's only stupid to see them as the *only* defence mechanism. You obviously need to limit what outsiders can do in your network, so the firewall is an absolute neccessity; alongside anti-virus, access-control, effective authentication etc.

2
0
Bronze badge

Wherefore art thou, firewall?

The firewall is and always will be vital. The firewall's first and most important job is to prevent "exploratory" hacking -- someone getting on to the network and looking for exploits on the individual servers. You can't be sure you've eliminated all security holes, so you add an extra level of defence.

It's just like having a door on your building, and a gate on your campus, really.

1
0
Anonymous Coward

Firewall goes both ways...

"The firewall will also need to be reinvented, he said, so that it not only watches what data comes into an organization, but also what data goes out."

Most corporate firewall systems can already do this; does this guy know what he's talking about?

6
0
IT Angle

Re: Firewall goes both ways...

You expect more from a Symantec press release?

IT? coz I am not sure what value Symantec brings to the table.

2
0
FAIL

If ever you needed...

...a reason to dump Symantec and make the switch to a competent AV/Endpoint vendor, let this be it.

3
0

If you ask a burglar alarm salesman whether you should buy a burglar alarm, you are unlikely to be surprised by the answer.

0
0
Gold badge

14000 hours online?

21 years is roughly 140,000 hours. This guy is saying that the AVERAGE 21-year-old has spent 10% OF THEIR ENTIRE LIFE online.

Subtract school-time and sleeping time and the fact that presumably average parents don't let their offspring spend their lives glued to a screen during their pre-school years. I call "bull-shit".

I'll also call bull-shit on the notion that there might be productivity benefits for employers who take on someone who is incapable of concentrating on a single task.

2
0

Page:

This topic is closed for new posts.