CERN re-opens 'Animal Shelter for Computer Mice' CERN has re-opened its “Animal Shelter for Computer Mice”, a place where CERN staff can take mice experiencing ill health and offers a warm and stimulating environment in which they can return to health. As you'll see from the screen shot below, the Shelter is really an initiative of CERN's security team, which uses it to …
The accusatory tone should be deployed towards system administrators who *LET* users open exe files attached to emails and then blame them for running trojans and compromising their networks.
Hint. Use a Software Restriction Policy and disallow exe files from running in the temp directories. Poof, no more trojan infections from e-mails because they can't run.
You could even set the default level as disallowed and allow /program files and legitimate applications on your network by path, and never see another virus again.
You don't require anything other than group policy and mmc, both of which come with windows. So why haven't you done it?
Its so easy when you work in an office that uses computers purely for administration and standard software isn't it. Out in research land they develop and tweak software to enable them to perform the research and analyse the results, or do you think that you can do everything with off the shelf software, or perhaps Excel macros and a pivot table?
This post has been deleted by its author
There is nothing like the IT dept for preventing doing any work in universities
Our computer use policy prohibits reading any file outside your home directory! Quote = "Having read permission on any file DOES not imply permission to read it"
So how do I log in then?
>blank stares
What about the compiler, does it have permission to read /usr/include?
>"any other use of the computer is only allowed as specified by your course tutor"
I'm the head of the fscking research group !
This attitude almost made sense when we had a mainframe, so we bought Sun workstations, then Linux boxes to escape from them. Now we all use Windows they are back in control
Its so easy when you work in an office that uses computers purely for administration and standard software isn't it. Out in research land they develop and tweak software to enable them to perform the research and analyse the results, or do you think that you can do everything with off the shelf software, or perhaps Excel macros and a pivot table?
. . . Which has what to do with an SRP denying access to execute from %temp%? Other than nothing, obviously. Straw man argument.
Microsoft overview of SRP's for those people who have just heard of them for the first time:-
http://technet.microsoft.com/en-gb/library/bb457006.aspx
because we all know that viruses only come as compiled binaries and never anything like a java package, a PDF, or really any other file format (None are safe). Most e-mail / internet borne viruses are just using scripting in PDFs or Java applets to infect the machines.
Just add "JAR" extensions to your designated file types to block it as well if it's appropriate in your enviroment?
I maintain that you cannot rationally allow users run executable code sent as attachments on emails and then write a policy saying that the end user is responsible for not running stuff they are sent. Doing so is patently absurd and deserves all the riddicule that can be thrown at it given the number of infections via this entry vector.
User education is important, but it should not be the sole line of defence.
If you want to knock holes in SRP's, the appropriate place to start would be the utterly absurd handling of shortcuts which limits their usefulness in locking systems down completely. This does not inhibit their effectiveness in blocking preventing software from running from specific folders like %temp%, however! Like anti-virus software, SRP's are not a cure all, but should be considered an important tool.
because we all know that viruses only come as compiled binaries and never anything like a java package, a PDF, or really any other file format (None are safe). Most e-mail / internet borne viruses are just using scripting in PDFs or Java applets to infect the machines.
Hell, there are text editors that can be exploited by putting the EOF character in the middle of a TXT file with the malicious code following that character; the text editor only counts the file size until it hits the EOF character but the OS might load the whole thing in memory, stomping over the rest of the editor's code.
lol nice one Cern. Back in the day I sent out a message asking the recipients to check a sales report for any errors with a link at the bottom. The link redirected to page with the definition of social engineering along with a fictitious offer for some infomercial product (slap chop iirc). Thankfully, no one took the bait to enter in their personal bits but I did have a few people ask what happened to the sales report. Maybe I should have offered two slap chops for the price of one. :P
At least I got the receptionists trained not to answer calls about what office equipment we had. It gets really old having to return toner and office supplies.
Why did you have to return the toner and office supplies? You just phone the supplier, tell them they were very stupid to send goods that had not been ordered and that they have 30 days to collect them before they get thrown away and that your handling and storage fee must be paid before collection.
Err, let me correct that last post having read the The Consumer Protection Regulations. The regulations preserve the spirit, more or less, of the original Act. Basically if the sender makes no effort to retrieve their property within 6 months, or 30 days after requested by the recipient, then the 'goods' become property of the recipient.
Exactly, no purchase order = no payment.
I've never had an issue with people sending me free toner, that would be quite useful I do get lots of calls asking to speak to the office manager, I just say he died last week and that tends to end the call. Theres also lots of fax spam for small business loans, because of course I would use a company that is so successful it has to resort to fax spam.
Obviously it's intended for April 1. Easy to explain how it reached we oridnary mortals early: not only did CERN announce superluminary neutrinos last year, but another Reg story today says “The fluctuations of the photon propagation time are estimated to be on the order of 50 attoseconds per square meter of crossed vacuum, which might be testable with the help of new ultra-fast lasers.” So you can work out how many square metres the announcement, sent on 1 April 2013, crossed to get here yesterday.
Just this week a user managed to get her machine infected. Great thing is of course, it was suggested that somehow it was my fault in the first place (as opposed to an appalling IT policy and monumental ignorance). No apology for the inconvinience caused, and no thanks for fixing it. Just a hard stare presumably compaining 10 minutes of not being able to use the machine was the final straw.
They'll claim it's all the IT group's fault, despite freely admitting to ignoring warnings by the antivirus software and overriding everything in order to open an attachment - because it might be important.
The last user who did that got to wait 10 days for her computer to be returned, with management approval. The only reason security wasn't escorting her off the premises is because she's the site union rep.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
