Worm never seen before

On Tue, 04 Jan 2005 15:48:23 +0000, Greg Hennessy
On Tue, 04 Jan 2005 16:23:19 +0200, "cquirke (MVP Win9x)"
wrote:

The act of owning a CD burner usually implies a certain level of 'clue'

False. Most new PCs ship with CD writers,

Most new PCs do *not* ship with CD writers.

There is no corporate I know of who would accept desktop PCs from Dell,
HPAQ or anyone else with CDRW as standard.

What has that to do with anything?

There is no corporate I know of with enough IT suss to avoid
workstation CDRW (and presumably USB sticks, hmm?) that would have
trouble making a slipstream OS CD, assuming they don't rebuild
workstations from thier own disk images anyway.

If you are saying that because the lame bland crowd can't sell
CDRW-standard configs to corporates, that they also don't offer these
to consumerland, well... that's just another reason to avoid bland
lame systems. When the cost difference between CD-ROM and CDRW is as
little as it is today, you'd have to really hate users to withhold
that functionality from them. Which means Joe Sixpack is quite likely
to have a CDRW drive out of the box, and good for him too!

Look; if you are utterly clue-resistant, just don't bother to reply,
OK? It's already obvious you made an untenable assertion, and you're
just digging yourself in deeper. Bye.



---------------- ----- ---- --- -- - - - -
Cats have 9 lives, which makes them
ideal for experimentation!
---------------- ----- ---- --- -- - - - -

On Wed, 12 Jan 2005 13:23:16 +0200, "cquirke (MVP Win9x)"
wrote:


Look; if you are utterly clue-resistant, just don't bother to reply,
OK? It's already obvious you made an untenable assertion, and you're
just digging yourself in deeper. Bye.

Most amusing from the intellect replying over a week later in some vain
attempt to have the last word.

If you cannot figure out how to use group policy to deny the use of items
such as usb mass storage, that is not the fault of the audience.

As has been pointed out elsewhere, there is no corporate with anything
resembling a sane IT procurement and IT security policy would countenance
CDRW on the desktop.




greg

--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone

"Greg Hennessy" wrote in message
...

As has been pointed out elsewhere, there is no corporate with anything
resembling a sane IT procurement and IT security policy would countenance
CDRW on the desktop.

Greg, if you're so sure you're dealing with facts and not an opinion, why
not give some examples of these companies that adminster an IT policy that
prohibits CDRWs?
That would at least be a good first step in support of your assertion.

On Wed, 12 Jan 2005 09:00:23 -0600, "optikl" wrote:


Greg, if you're so sure you're dealing with facts and not an opinion, why
not give some examples of these companies that adminster an IT policy that
prohibits CDRWs?
That would at least be a good first step in support of your assertion.


Try the half dozen or so banks and finance houses I've worked for in the
City of London on occasion.

Add to that a telco or three + one or two other brand leaders in
international shipping and logistics.

What our American chums to fail to realise, is that IT policies are a *lot*
more constrained on this of the pond.

I've worked on projects with USians who were incensed when the were denied
direct routed Internet access from the desktop, no p2p, vpn tunneling or
anything else.

I have written, deployed and enforced policies which would not countenance
any form of removable storage for the average desktop user.




greg



--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone

"Leythos" wrote in message
...

The health-care groups I work with don't permit removable media at any
general desktop computer in their offices. The servers have RW drives,
and so do some of the managers, but the hundreds of workstations don't,
and the policy forbids USB/Card devices (including PDA's) except for
those with written permission to use them.


I figured there must some exceptions. I would find it extremely difficult to
imagine my being able to transfer technical design data I have sold to
customers outside my company without having CDRW privileges as an option.
Email encryption is cumbersome for very large files and usually violates our
IT policy for the attachment size.

"Leythos" wrote in message
...
In article ,
says...

"Leythos" wrote in message
...

The health-care groups I work with don't permit removable media at any
general desktop computer in their offices. The servers have RW drives,
and so do some of the managers, but the hundreds of workstations
don't,
and the policy forbids USB/Card devices (including PDA's) except for
those with written permission to use them.


I figured there must some exceptions. I would find it extremely
difficult to
imagine my being able to transfer technical design data I have sold to
customers outside my company without having CDRW privileges as an
option.
Email encryption is cumbersome for very large files and usually violates
our
IT policy for the attachment size.

That's why you setup FTP access and encode the file with a password. You
give the clients a directory based on their name, user/password, and
they can pull the file(s) using FTP. Simple, easy, works like bread and
Applebutter.

--
--

(Remove 999 to reply to me)

"Leythos" wrote in message
...
That's why you setup FTP access and encode the file with a password. You
give the clients a directory based on their name, user/password, and
they can pull the file(s) using FTP. Simple, easy, works like bread and
Applebutter.

That's very interesting. I need to talk with my IT folks about this. Thanks.

On Wed, 12 Jan 2005 11:59:00 -0600, "optikl" wrote:



I figured there must some exceptions. I would find it extremely difficult to
imagine my being able to transfer technical design data I have sold to
customers outside my company without having CDRW privileges as an option.

That's what extranet and EDI connections are for.

Email encryption is cumbersome for very large files and usually violates our
IT policy for the attachment size.

Email encryption is not cumbersome if some T&E is spent implementing TLS
properly and configuring it to be the only option between you and your
customers.

--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone

On Wed, 12 Jan 2005 14:03:31 -0600, "optikl" wrote:


"Leythos" wrote in message
...
That's why you setup FTP access and encode the file with a password. You
give the clients a directory based on their name, user/password, and
they can pull the file(s) using FTP. Simple, easy, works like bread and
Applebutter.

That's very interesting. I need to talk with my IT folks about this. Thanks.

If they are paranoid about that, set up ftp access such only their cidr
block gets access to the server.



greg


--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone

"Greg Hennessy" wrote in message
...
On Wed, 12 Jan 2005 14:03:31 -0600, "optikl"
wrote:


"Leythos" wrote in message
...
That's why you setup FTP access and encode the file with a password.
You
give the clients a directory based on their name, user/password, and
they can pull the file(s) using FTP. Simple, easy, works like bread and
Applebutter.

That's very interesting. I need to talk with my IT folks about this.
Thanks.

If they are paranoid about that, set up ftp access such only their cidr
block gets access to the server.

Thanks, Greg. And they probably will be a bit paranoid about this. Our
systems and procedures have to satisfy DoD requirements.

"Leythos" wrote in message
...

Thanks, Greg. And they probably will be a bit paranoid about this. Our
systems and procedures have to satisfy DoD requirements.

Then you can do like he said and set the firewall such that not only do
they need a user/password, but they are in a FTP rule that only allows
IP-Range access to it.

You could also consider a web interface to the site - one that still
does authentication, but also provides SSL based access.


I appreciate your suggestion. It would simplify delivery, since I would only
have to deliver to a share and my customers could pull the deliverables as
needed. They could also upload specifications, which would eliminate me from
having to distribute these to my engineers. Thanks.

Greg Hennessy wrote:


As has been pointed out elsewhere, there is no corporate with anything
resembling a sane IT procurement and IT security policy would countenance
CDRW on the desktop.



Please provide an IT industry White Paper or some other professional
literature to support this seemingly absurd assertion.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

Folks, I don't think throwing accusations back and forth about which organizations
do what is adding any value here.

I've spent time with customers of all sizes. And, regardless of size, about
50% of them do buy PCs with removable storage and 50% don't.

There are organizations that conduct an analysis of the risks vs. the benefits
and decide that the benefits of removable storage, for their business needs,
outweigh any potential risks they face. There are other organizations that
conduct the same analysis and decide that, for them, the risks outweigh any
business benefits. People are not stupid; they are capable of analyzing their
own risk environments and making good decisions in light of their required
functionality. (As in any binary division of human attitudes and actions,
there's really always a third group: the people who just don't care. In this
instance, though, my experience indicates that's a small number.)

Let those who choose to purchase removable storage be comfortable with their
decisions and remember to manage the risk, whatever it might be, appropriately.
And let those who choose not to purchase removable storage also be comfortable
with their decisions and help their users understand and abide by the restrictions.

Steve Riley




Greg Hennessy wrote:

As has been pointed out elsewhere, there is no corporate with
anything resembling a sane IT procurement and IT security policy
would countenance CDRW on the desktop.

Please provide an IT industry White Paper or some other professional
literature to support this seemingly absurd assertion.

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

In article ,
says...

"Leythos" wrote in message
...

The health-care groups I work with don't permit removable media at any
general desktop computer in their offices. The servers have RW drives,
and so do some of the managers, but the hundreds of workstations don't,
and the policy forbids USB/Card devices (including PDA's) except for
those with written permission to use them.


I figured there must some exceptions. I would find it extremely difficult to
imagine my being able to transfer technical design data I have sold to
customers outside my company without having CDRW privileges as an option.
Email encryption is cumbersome for very large files and usually violates our
IT policy for the attachment size.

CDs to customers need company logos, legal stuff, etc, and must be
definitively SAFE, so you personally shouldn't be writing them - you
should be giving your files to a dedicated CD production unit who do all
the necessary stuff, including exhaustive antivirus checking.
--
Our town is just like any other: good citizens at work and play;
Normal folks doin' business in the normal way.
This morning was like any other: mommies kissing daddies goodbye;
Then the milkman screamed and pointed up at the sky...

On Wed, 12 Jan 2005 17:25:40 -0600, "optikl" wrote:


That's very interesting. I need to talk with my IT folks about this.
Thanks.

If they are paranoid about that, set up ftp access such only their cidr
block gets access to the server.

Thanks, Greg. And they probably will be a bit paranoid about this. Our
systems and procedures have to satisfy DoD requirements.

If that's the case, it'll be a site to site vpn to carry the extranet
traffic.



greg


--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone