[Cialug] Home DLP, Anyone?

j.bengtson at mchsi.com j.bengtson at mchsi.com
Tue May 6 12:52:15 CDT 2014


If we didn't need to persist SOME data, we could just use a live CD and reboot every couple of hours or so.  You don't have to worrry so much about viruses, worms, and other miscellaneous malware because they're gone when you reboot.

----- Original Message -----
From: jim kraai 
To: Central Iowa Linux Users Group 
Sent: Tue, 6 May 2014 11:57:36 -0500 (CDT)
Subject: Re: [Cialug] Home DLP, Anyone?

I have relatives, a couple, who have explicitly, intentionally done what
you suggested on the, arguably flawed, assumption that they have nothing to
hide and nothing worth stealing.  They now pay best buy $300/yr on some
blanket security/repair plan, $100+/yr on cloud backup, and I spend about
50 hrs/yr helping them deal with the problems that aren't covered by the
commercial services

So, that's my current mental model for how wanton neglect benefits normal
users.
On May 6, 2014 11:42 AM, "Dave Hala"  wrote:

> My day job is fairly dull this time of year, so I guess you could say
> those thoughts are born of boredom.
>
> :) Dave
>
> On Tue, May 6, 2014 at 11:25 AM, jim kraai  wrote:
> > If that was very zen or sarcastic, I get it :-)
> >
> > I remember an old sci-fi story about a world that was polluted with
> > quadrillions of little surveillance lense/transmitter things.  There was
> no
> > way to tell who produced a given lens or even whether one was of civilian
> > or commercial origin.  The protagonist struggled with the problem of
> > keeping all of them out of his house, meticulously vacuuming, etc.,
> > spending a significant portion of his time and resources on the problem.
> > In the way that such stories end, he finally gave up and dove into a
> > swimming pool sized pile of them.
> >
> > You raise a good point.  Who's paying you to say such things?  Does it at
> > least pay the mortgage?  :-)
> >  On May 6, 2014 11:09 AM, "Dave Hala"  wrote:
> >
> >> Try approaching the problem from a different perspective, by asking
> >> the question: What If do nothing? or What if I do the same thing as
> >> everyone else?
> >>
> >> (I'm *not* suggesting doing nothing.)
> >>
> >> :) Dave
> >>
> >> On Tue, May 6, 2014 at 10:57 AM, jim kraai  wrote:
> >> > This email contains fever-induced, half-baked thoughts. Proceed with
> >> > caution.
> >> >
> >> >
> >>
> http://it.slashdot.org/story/14/05/06/1343210/anti-virus-is-dead-but-still-makes-money-says-symantec(uh
> >> ,
> >> > I guess I'm obligated to say, "Slashdot sux" or something like that)
> >> >
> >> > The piece says "Meanwhile, other security firms including FireEye,
> >> RedSocks
> >> > and Imperva are casting doubt on AV, suggesting a focus on data loss
> >> > prevention might be better."
> >> >
> >> > I used to work at a DLP company.
> >> >
> >> > I came to view DLP is an interesting, but terribly ineffective thing.
> >> > Rather, it's effective against terribly naive agents/hackers.
> >> >
> >> > What's the general consensus here on using DLP as a way to secure home
> >> and
> >> > small business networks?
> >> >
> >> > Here's a weird way of looking at it long term:
> >> > 1. Passive:  Door locks and windows are passive security. One time
> cost
> >> > plus infrequent replacement.
> >> > 2. Active:  Home firewall/DLP/whatever that actively burns Watt/hrs
> >> > constantly which must be constantly updated against new threats
> >> > 3? Aggressive:  Due to the rapidly increasing rate of change, in the
> >> future
> >> > will we have to install things that actively, preemptively hunt down
> >> > threats, or fund some company or agency that does that for us?
> >> >
> >> > If the internet ever gets fixed via to aggressive, knee-jerk
> >> overreactions,
> >> > it might really, really suck.
> >> >
> >> > I probably need to step away from the keyboard for a bit
> >> > _______________________________________________
> >> > Cialug mailing list
> >> > Cialug at cialug.org
> >> > http://cialug.org/mailman/listinfo/cialug
> >> _______________________________________________
> >> Cialug mailing list
> >> Cialug at cialug.org
> >> http://cialug.org/mailman/listinfo/cialug
> >>
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug



More information about the Cialug mailing list