[Cialug] Home DLP, Anyone?

David Champion dchamp1337 at gmail.com
Tue May 6 13:13:45 CDT 2014 

Symantec AV has been dead for a long time. I've seen several PC's running
Symantec that have all kinds of virus / spyware on them. It's nearly as
worthless as McAffee.

-dc


On Tue, May 6, 2014 at 12:52 PM, <j.bengtson at mchsi.com> wrote:

> If we didn't need to persist SOME data, we could just use a live CD and
> reboot every couple of hours or so.  You don't have to worrry so much about
> viruses, worms, and other miscellaneous malware because they're gone when
> you reboot.
>
> ----- Original Message -----
> From: jim kraai
> To: Central Iowa Linux Users Group
> Sent: Tue, 6 May 2014 11:57:36 -0500 (CDT)
> Subject: Re: [Cialug] Home DLP, Anyone?
>
> I have relatives, a couple, who have explicitly, intentionally done what
> you suggested on the, arguably flawed, assumption that they have nothing to
> hide and nothing worth stealing.  They now pay best buy $300/yr on some
> blanket security/repair plan, $100+/yr on cloud backup, and I spend about
> 50 hrs/yr helping them deal with the problems that aren't covered by the
> commercial services
>
> So, that's my current mental model for how wanton neglect benefits normal
> users.
> On May 6, 2014 11:42 AM, "Dave Hala"  wrote:
>
> > My day job is fairly dull this time of year, so I guess you could say
> > those thoughts are born of boredom.
> >
> > :) Dave
> >
> > On Tue, May 6, 2014 at 11:25 AM, jim kraai  wrote:
> > > If that was very zen or sarcastic, I get it :-)
> > >
> > > I remember an old sci-fi story about a world that was polluted with
> > > quadrillions of little surveillance lense/transmitter things.  There
> was
> > no
> > > way to tell who produced a given lens or even whether one was of
> civilian
> > > or commercial origin.  The protagonist struggled with the problem of
> > > keeping all of them out of his house, meticulously vacuuming, etc.,
> > > spending a significant portion of his time and resources on the
> problem.
> > > In the way that such stories end, he finally gave up and dove into a
> > > swimming pool sized pile of them.
> > >
> > > You raise a good point.  Who's paying you to say such things?  Does it
> at
> > > least pay the mortgage?  :-)
> > >  On May 6, 2014 11:09 AM, "Dave Hala"  wrote:
> > >
> > >> Try approaching the problem from a different perspective, by asking
> > >> the question: What If do nothing? or What if I do the same thing as
> > >> everyone else?
> > >>
> > >> (I'm *not* suggesting doing nothing.)
> > >>
> > >> :) Dave
> > >>
> > >> On Tue, May 6, 2014 at 10:57 AM, jim kraai  wrote:
> > >> > This email contains fever-induced, half-baked thoughts. Proceed with
> > >> > caution.
> > >> >
> > >> >
> > >>
> >
> http://it.slashdot.org/story/14/05/06/1343210/anti-virus-is-dead-but-still-makes-money-says-symantec(uh
> > >> ,
> > >> > I guess I'm obligated to say, "Slashdot sux" or something like that)
> > >> >
> > >> > The piece says "Meanwhile, other security firms including FireEye,
> > >> RedSocks
> > >> > and Imperva are casting doubt on AV, suggesting a focus on data loss
> > >> > prevention might be better."
> > >> >
> > >> > I used to work at a DLP company.
> > >> >
> > >> > I came to view DLP is an interesting, but terribly ineffective
> thing.
> > >> > Rather, it's effective against terribly naive agents/hackers.
> > >> >
> > >> > What's the general consensus here on using DLP as a way to secure
> home
> > >> and
> > >> > small business networks?
> > >> >
> > >> > Here's a weird way of looking at it long term:
> > >> > 1. Passive:  Door locks and windows are passive security. One time
> > cost
> > >> > plus infrequent replacement.
> > >> > 2. Active:  Home firewall/DLP/whatever that actively burns Watt/hrs
> > >> > constantly which must be constantly updated against new threats
> > >> > 3? Aggressive:  Due to the rapidly increasing rate of change, in the
> > >> future
> > >> > will we have to install things that actively, preemptively hunt down
> > >> > threats, or fund some company or agency that does that for us?
> > >> >
> > >> > If the internet ever gets fixed via to aggressive, knee-jerk
> > >> overreactions,
> > >> > it might really, really suck.
> > >> >
> > >> > I probably need to step away from the keyboard for a bit
> > >> > _______________________________________________
> > >> > Cialug mailing list
> > >> > Cialug at cialug.org
> > >> > http://cialug.org/mailman/listinfo/cialug
> > >> _______________________________________________
> > >> Cialug mailing list
> > >> Cialug at cialug.org
> > >> http://cialug.org/mailman/listinfo/cialug
> > >>
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>

More information about the Cialug mailing list