Stories
Slash Boxes
Comments
typodupeerror delete not in

Comments: 1 +-   Antivirus Inventor: Security pros are wasting time-> on Thursday February 07 2008, @12:20AM talkinsecurity

Submitted by talkinsecurity on Thursday February 07 2008, @12:20AM
security
talkinsecurity writes "Peter Tippett, chief scientist at the ICSA and the inventor of the progam that became Norton Antivirus, had some interesting things to say Monday about the state of the security industry. In a nutshell, Tippett warned that about a third of the work that security departments do today is a waste of time. Tippett goes on to systematically blow holes in a lot of security's current best practices, including vulnerability research/patching, strong passwords, and the product evaluation process. Some of his arguments are definitely debatable, but there is a lot of truth to what he's saying as well. It definitely makes you think. http://www.darkreading.com/document.asp?doc_id=145224&WT.svl=news1_1"
Link to Original Source
submission

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • Probably the way that effort is spent could be improved but comparing vulnerabilities to the possibility of someone shooting an arrow through a sunroof is a gross exaggeration. There is a black market for finding and attacking vulnerabilities and last I heard there is no black market for finding new ways to kill car drivers.

    Regarding effectiveness, the biggest bang for the buck is user education for preventing social engineering, but you can also waste insane amounts of effort trying to eradicate human stup
"If anything can go wrong, it will." -- Edsel Murphy