Saturday, November 22, 2008

DoD Computer Security Decides to Pull Pants Up

As I'm sure everyone has heard, the Department of Defense has decided to ban all removable media from their computer systems, mostly due to viruses running rampant throughout the (presumably) otherwise secure networks.

Now, people have pointed out that this is a pretty drastic step. After all, there are other ways of handling things that could have theoretically prevented this particular problem without inconveniencing users quite so much. Up-to-date virus scanners, security policies disabling autorun, restricted privileges on user accounts: all of these things would have helped reduce the ability of such a virus to spread. They should all be considered pretty basic measures in any reasonably high-security environment, and it's quite possible that they were at least partially in place.

But there's an elephant in the room that I haven't seen anyone else mention, and I would like to point it out. Microsoft declared its security initiative in 2002. In the six years since, we've had two major service packs and a whole new OS.

So will someone please, please, please tell me why, in this day and age when security breaches make the news weekly, the default behavior for Windows is still to take any newly inserted media and automatically try as hard as possible to run whatever it happens to find on it? It was simply annoying on Windows 95, but it's downright dangerous now.

Come on, Microsoft. I would expect that any operating system that calls itself "Professional" would show a little more restraint than a two-year-old trying to eat a piece of gum it just peeled off a New York sidewalk. Time for Windows to grow up a little and break this dirty habit.
