[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Super Worm

To: sean01@xxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Super Worm
From: Aschwin Wesselius <full-disclosure@xxxxxxxxxxxxxx>
Date: Mon, 19 Apr 2004 14:12:49 -0100

Sean Crawford wrote:

Phil wrote------------->

Nor their arrogance. I had two people tell me this weekend that they had got a virus from Windows Update. No way would they listen to what I told them. And it was a complete waste of time enumerating the various attack vectors which could lead them to believing that that was what happened. Whatever I told them, they still refused to believe any other explanation than that Microsoft had sent them a virus from the Windows Update site.

FFS.....I can just hear them now..
I do support for a small company(about 150 end users)and these are the same
issues I go through daily, don't even try and explain exploits, it leads to
another whole world of frustration/pain..most people don't even want to
understand..
I say it all the time to my boss...IT support is a thankless job as the only
time I/we get a call is when someone's not happy...
On the other hand....without those dimwits I would be out of a job...God bless the dill's..

Yeah, but with the problems and the stupidity of end users, the curve of complexity gets steeper. Dimwits can be good, because it keeps you awake and focussed. But too many, gives you headaches and makes you go off schedules.

True control (to keep your job) is to have control on the dosis of knowledge about security. Keep them wellinformed, but not into the sticky details, so you have tasks left for yourself.

Make a good list wich people can check for themselves. A knowledge base maybe with good understandable descriptions of threats and info on new things wich might hit them. If they did not obey the list with checks they can be hold for ignorant, unhelpful, dumb, or any names you can think off (still stay polite). Prioritize those people by filtering who is helpful and sticks with the rules, and people who are just simply ignorant and not willing to learn from what you tell them. In the end it is their own fault and they have to feel how it is to not being helped that quick.

If people are refusing to listen, or just ignore your job as what it means (to prevent and solve problems) you don't have to help them, since in their view you don't exist, or are not important to them. Turn it around and hold them for not being important either, since it works both ways. You have to do it together and you are not Cinderella.

Kind regards,

Aschwin Wesselius

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Super Worm
  - From: Curt Purdy

References:
- RE: [Full-Disclosure] Super Worm
  - From: Sean Crawford

Prev by Date: RE: [Full-Disclosure] Super Worm
Next by Date: [Full-Disclosure] Zaep AntiSpam Cross Site Scripting
Previous by thread: RE: [Full-Disclosure] Super Worm
Next by thread: RE: [Full-Disclosure] Super Worm
Index(es):
- Date
- Thread