Attachment Security, Part Deux

hi-tech blog » Blog Archive » Human nature and email attachment security

Thu, 11 Dec 2008 06:41:35 GMT

PingBack from http://blog.hi-tech-sw.net/2008/12/11/human-nature-and-email-attachment-security/

Human nature and email attachment security | MS Tech News

Human nature and email attachment security | MS Tech News — Tue, 28 Oct 2008 01:22:52 GMT

PingBack from http://mstechnews.info/2008/10/human-nature-and-email-attachment-security/

Human nature and email attachment security

KC on Exchange and Outlook — Mon, 13 Oct 2008 20:07:07 GMT

Dare's post about human nature touches on UAC in Vista: How do you design a dialog prompt to warn users

re: Attachment Security, Part Deux

Dean Harding — Tue, 21 Jun 2005 05:15:03 GMT

Might be a bit late to chime here, but...

The problem (that I see) with blocking attachments by extension is that it means that ligitimate attachments which are .exe or whatever (it happens, I'll often find some cool tool on the net and forward it 'round to my team mates) means that we need to create "workarounds" like zipping the .exe first.

But of course, that just conditions users to open a virus in Winzip and run it from there... so then you block .exe-in-.zip files, and ligitimate people have to work around /that/ and that just conditions people to..., and so on.

It's kind of like that feature in OSX where if you run something that needs admin privileges, it pops up a dialog asking for the password. All that does is condition people to type in their admin password all time and all it takes is someone to create a copy of that dialog in their phishing app, and away it goes!

(By the way, I don't use OSX so maybe that dialog is just an urban legend, I don't know...)

Weekend reading

subject: exchange — Tue, 14 Jun 2005 19:26:41 GMT

re: Attachment Security, Part Deux

KC Lemson [MSFT] — Fri, 10 Jun 2005 03:26:47 GMT

Chaz: I saw on that blog that you found the new URL, sorry - I changed 'kc' to 'cynical' as I didn't want people who googled my name to find that one *first*, since they were probably looking for this one instead :-)

Peter: In general I agree, but it's difficult to ignore ignorance in such cases :-) I totally agree in the effectiveness of simple file-extension-blocking filters, both on the client and server. When we first did the Outlook block for attachments, it seemed like such a major step, to completely block access... now it's a given.

re: Attachment Security, Part Deux

Peter — Tue, 07 Jun 2005 12:23:37 GMT

I know you didn't write this post to rebut them, but Slashdot posters should generally be ignored.

Nothing cures user apathy about attachments like a good virus infection. After the owner of our company opened an unknown attachment and spread a virus throughout the network, the incidence of people doing that dropped to zero.

Also, a good Exchange-based attachment blocking by extension filter does wonders. We have been protected from several new viruses before the signatures were updated just by blocking executable attachments at the gateway.

re: Attachment Security, Part Deux

chaz — Tue, 07 Jun 2005 09:27:42 GMT

http://lemson.typepad.com/kc/
has been sitting in my bookmarks for a while. Also googled you and got the same url. Perhaps I'm just being a bit dim...

re: Attachment Security, Part Deux

KC Lemson [MSFT] — Mon, 06 Jun 2005 00:00:26 GMT

What URL are you using for typepad? I'm not having a problem.

re: Attachment Security, Part Deux

chaz — Sun, 05 Jun 2005 23:10:11 GMT

Good article.

Did you know your typepad blog is down?