|Main Archive Page > Month Archives > full-disclosure-uk archives|
>> the security on these boxes could be tightened/restricted to our heart's content as this would not impact the user's everyday use.
:) As someone who shares geographical commonality and is honored to be a 'padowan' of Valdis, when I brought up something very similar to this argument a while back, I was smacked down so bad by him and his peers, it still hurts to remember that day! :p
In any event, before ya'll make even more 'human' comments like the one above, please consider that:
To expand, design a model keeping the following factors in mind:
***###***###***###***###***###***### (there were more factors but after the 6th or 7th hit to the back of the head, you tend to lose way too many memory cells to remember all :p)
Now... Don't get me wrong, I totally agree with you, at first it sounds like a great idea to implement NAC/P like technology for the reg. Joe/Jill out there... But as you can all deduce it's just not pheaseable in the 'Real World'.
As for your original comment and why I singled it out...
So... Your scenario assumed successful implementation of the tech. by the user... And totally disregarded false-negatives and false-positives... So here's Joe Sixpack staring at this warning sign saying, 'according to our immature calculations 'something isn't right', so we're gonna let you figure that out by allowing you to only go to our approved 3rd party/marketing associate sites (which others can also join the network for a pheaseable fee) or by calling us at 800-OUTSRC-IT and wasting 2-3 hours on the phone to figure out that our central db doesn't include signatures for your AV/firewall/anti-malware combo yet...
Aras 'Russ' Memisyazici
Office of the Vice President for Research Virginia Tech