Fox Fox

Niner since 2004


  • Michael Howard - When does threat modeling come into play?

    You seriously NEED to browse the internet on a server? Or even on a DC?

    I agree that turning off features rather than fixing security problems in them is not the right way to go. But disabling unnecessary features to increase security is something I'd definitely support.

    And I didn't understand this to be Microsoft's way of dealing with security issues in general but just as an example of how you can minimize the possible area of attack. Especially as in this case (admin surfing the internet on a PDC) you don't even need a bug or a security problem to mess things up - the admin is doing all that on his own.
  • Michael Howard - What if we had an unattackable system?

    I agree that educating the end-user is one of the most important aspects in computer security but it only works if the system itself is secure enough.

    Take a look at the latest waves of email-viruses: They are disguised as error messages from email-servers or antivirus-filters and even educated users tend to open these messages. The more educated the users get, the "better" the viruses, trojans, etc. will get.
    At this point only the combination with secure software and a secure software will do the trick and provide an acceptable level of overall security. The important thing is not to wait for the users to get more educated before you make your systems more secure or the other way around. This has to be a development that goes hand-in-hand.
  • Michael Howard - When does threat modeling come into play?

    I agree that browsing the internet on a DC or any other server is something you just don't do. And implementing a high security default in IE is certainly a good way to lower the risk of it, but why not go all the way and disable internet access via IE (or any other browser) on server systems completely? No "good admin" would use it anyway and it certainly would make life easier for those companies whose admins do.