[Cialug] Home DLP, Anyone?
Scott Yates
Scott at yatesframe.com
Tue May 6 13:38:46 CDT 2014
> Anyone else ever own a punch for 5 1/4“ floppies?
/me raises hand
On Tue, May 6, 2014 at 1:17 PM, jim kraai <jimgkraai at gmail.com> wrote:
> Physical read-only switches on hardware storage devices would help with
> that, also.
>
> Anyone else ever own a punch for 5 1/4“ floppies?
> On May 6, 2014 12:53 PM, <j.bengtson at mchsi.com> wrote:
>
> > If we didn't need to persist SOME data, we could just use a live CD and
> > reboot every couple of hours or so. You don't have to worrry so much
> about
> > viruses, worms, and other miscellaneous malware because they're gone when
> > you reboot.
> >
> > ----- Original Message -----
> > From: jim kraai
> > To: Central Iowa Linux Users Group
> > Sent: Tue, 6 May 2014 11:57:36 -0500 (CDT)
> > Subject: Re: [Cialug] Home DLP, Anyone?
> >
> > I have relatives, a couple, who have explicitly, intentionally done what
> > you suggested on the, arguably flawed, assumption that they have nothing
> to
> > hide and nothing worth stealing. They now pay best buy $300/yr on some
> > blanket security/repair plan, $100+/yr on cloud backup, and I spend about
> > 50 hrs/yr helping them deal with the problems that aren't covered by the
> > commercial services
> >
> > So, that's my current mental model for how wanton neglect benefits normal
> > users.
> > On May 6, 2014 11:42 AM, "Dave Hala" wrote:
> >
> > > My day job is fairly dull this time of year, so I guess you could say
> > > those thoughts are born of boredom.
> > >
> > > :) Dave
> > >
> > > On Tue, May 6, 2014 at 11:25 AM, jim kraai wrote:
> > > > If that was very zen or sarcastic, I get it :-)
> > > >
> > > > I remember an old sci-fi story about a world that was polluted with
> > > > quadrillions of little surveillance lense/transmitter things. There
> > was
> > > no
> > > > way to tell who produced a given lens or even whether one was of
> > civilian
> > > > or commercial origin. The protagonist struggled with the problem of
> > > > keeping all of them out of his house, meticulously vacuuming, etc.,
> > > > spending a significant portion of his time and resources on the
> > problem.
> > > > In the way that such stories end, he finally gave up and dove into a
> > > > swimming pool sized pile of them.
> > > >
> > > > You raise a good point. Who's paying you to say such things? Does
> it
> > at
> > > > least pay the mortgage? :-)
> > > > On May 6, 2014 11:09 AM, "Dave Hala" wrote:
> > > >
> > > >> Try approaching the problem from a different perspective, by asking
> > > >> the question: What If do nothing? or What if I do the same thing as
> > > >> everyone else?
> > > >>
> > > >> (I'm *not* suggesting doing nothing.)
> > > >>
> > > >> :) Dave
> > > >>
> > > >> On Tue, May 6, 2014 at 10:57 AM, jim kraai wrote:
> > > >> > This email contains fever-induced, half-baked thoughts. Proceed
> with
> > > >> > caution.
> > > >> >
> > > >> >
> > > >>
> > >
> >
> http://it.slashdot.org/story/14/05/06/1343210/anti-virus-is-dead-but-still-makes-money-says-symantec(uh
> > > >> ,
> > > >> > I guess I'm obligated to say, "Slashdot sux" or something like
> that)
> > > >> >
> > > >> > The piece says "Meanwhile, other security firms including FireEye,
> > > >> RedSocks
> > > >> > and Imperva are casting doubt on AV, suggesting a focus on data
> loss
> > > >> > prevention might be better."
> > > >> >
> > > >> > I used to work at a DLP company.
> > > >> >
> > > >> > I came to view DLP is an interesting, but terribly ineffective
> > thing.
> > > >> > Rather, it's effective against terribly naive agents/hackers.
> > > >> >
> > > >> > What's the general consensus here on using DLP as a way to secure
> > home
> > > >> and
> > > >> > small business networks?
> > > >> >
> > > >> > Here's a weird way of looking at it long term:
> > > >> > 1. Passive: Door locks and windows are passive security. One time
> > > cost
> > > >> > plus infrequent replacement.
> > > >> > 2. Active: Home firewall/DLP/whatever that actively burns
> Watt/hrs
> > > >> > constantly which must be constantly updated against new threats
> > > >> > 3? Aggressive: Due to the rapidly increasing rate of change, in
> the
> > > >> future
> > > >> > will we have to install things that actively, preemptively hunt
> down
> > > >> > threats, or fund some company or agency that does that for us?
> > > >> >
> > > >> > If the internet ever gets fixed via to aggressive, knee-jerk
> > > >> overreactions,
> > > >> > it might really, really suck.
> > > >> >
> > > >> > I probably need to step away from the keyboard for a bit
> > > >> > _______________________________________________
> > > >> > Cialug mailing list
> > > >> > Cialug at cialug.org
> > > >> > http://cialug.org/mailman/listinfo/cialug
> > > >> _______________________________________________
> > > >> Cialug mailing list
> > > >> Cialug at cialug.org
> > > >> http://cialug.org/mailman/listinfo/cialug
> > > >>
> > > > _______________________________________________
> > > > Cialug mailing list
> > > > Cialug at cialug.org
> > > > http://cialug.org/mailman/listinfo/cialug
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
More information about the Cialug
mailing list