We prevent computer problems
The iPad Hype: Much Ado About Nothing?
Apple Computers (yes, that is what it originally was) recently announced a new iPhone-like mobile computing device called the iPad. Unless you live in the most remote of Islands, I'm sure that is all you've heard or read about in the past week. As neat as many of its features are, it is still missing a lot. As with anything made by Apple, the hype get to you. While the tablet form factor has b...
Astaro Releases Free Edition for Small Businesses
Astaro Corporation, a leading network security vendor, recently announced the launch of the Essential Firewall edition of its flagship security solution Astaro Security Gateway (ASG), available for free to all organizations worldwide. The Essential Firewall edition is claimed to include all the necessary functionality that all organizations need to secure their networks and operate a successful bu...
Software Vendors Encourage Security Lapses
I am now convinced that computer software vendors, knowingly or otherwise, help perpetuate insecure computer practices. They do this by the ridiculous practice of pushing out updates through executable files which ninety-eight percent of the time will get blocked by the security software we encourage users to install on their systems. You get a notification that an update is available, and you cli...

Software Vendors Encourage Security Lapses

Posted By: Daniel on January 21, 2010 in Ethics, Featured, Malware, Vulnerabilities, Web Technology - Comments: No Comments »

I am now convinced that computer software vendors, knowingly or otherwise, help perpetuate insecure computer practices. They do this by the ridiculous practice of pushing out updates through executable files which ninety-eight percent of the time will get blocked by the security software we encourage users to install on their systems. You get a notification that an update is available, and you click on the “update now” button and sit there and wait, and wait, and wait….

Then it suddenly hits you that the update process may not be working and sure enough, when you check the application log, a firewall blocked the download of an exe file – which is what we want our firewall to do. At this point, most users will either allow the download of the executable file, or those who have some form of central management will change their security policy to allow .exe files so they can update all computers at home or at work. The problem is that many do not remember to turn the policies back on or re-apply the block policy at the desktop level. What follows is a free-for-all for drive-by downloads.

I just spent the past week cleaning up computers that were infested with all kind of viruses and rootkits. Investigation revealed that security policies were relaxed so the client could “get rid of the damn popups”. There has to be a better way of pushing out updates than through exe files – and it is not enough for vendors to force “download managers” on users either because a centrally managed security policy will still block the executable file. It used to be safe to add vendor sites to safe lists, but with web address spoofing and hijacking getting more sophisticated, that is not as clear-cut as it once was.

Remember, we are talking about small business environments here. The big corporations have dedicated support staff that will take the update process through its paces and test to make sure they are safe before deploying to users. Small businesses do not have that luxury. Many are self-managed environments and most do not have the patience to vet every software that prompts for an update. Worse still, if the vendor is a “known” name like Microsoft and Adobe, they are trusted.

Post to Twitter Tweet This Post

Tags: , , , , , , ,

Leave a Reply

Spam Protection by WP-SpamFree

Powered by 7feeds

Categories

Recent Posts

Blogroll

Archives

Tech Prognosis Blog
© 2010 Tech Prognosis. All Rights Reserved | Designed By Appchain