24 Nov
2003
24 Nov
'03
5:01 p.m.
On Mon, 24 Nov 2003 21:50:48 GMT, "Stephen J. Wilcox" said:
Nor does it stop the user inviting an exploit to run on their PC, eg web download, email attachment.. based on seeing plenty of virused/exploited machines at companies I've worked at which all had AV, FW, NAT etc they still had the human factor who would override a warning because they got sent what looks like a joke email with an attached .scr that later turns out to be a new virus/worm..
The average user will say "OOH! SHINY!! [clicky-click]" when offered content promising either dancing hampsters or pop stars wearing less clothing than appropriate. Any security model that doesn't allow for this is doomed to failure.