Library IT News

blog navigation

blog posts

  • Getting Ahead of the Curve

Comments

rslater@illinois.edu Nov 23, 2009 12:22 pm

Okay, so I have no idea how implementable or costly this would be, but what about only authorizing the install of files from a particular location (mapped network drive, etc) by any user (admin or regular). Then, users could only install/add vetted software (or even add-ons) to their machines. This is an approach I've recently encountered with my HP mini MI (netbook). It runs a HP flavor of Ubuntu, and they only allow you to install applications from their "authorized" apps list/site (that they maintain). If you want to install non-approved software, you either need to request it be added to the list/site, or "break" the OS to circumvent the restrictions. It has proven moderately annoying on some occasions (they don't have touch-freeze as an app, for instance :P ) but the entire time I kept thinking to myself "Here's a netbook I can buy my parents and have 0 - or far fewer- remote support issues to deal with."

Reply to rslater@illinois.edu at 12:22 pm
jmhamltn@illinois.edu Nov 24, 2009 1:17 am

LifeHacker has an article on "Protecting yourself from drive-by malware" here: http://lifehacker.com/5410941/protect-yourself-from-drive by-browser-malware-attacksBut frankly, I think it misses the mark. It negatively affects the browsing experience for security and I highly doubt this is something most of our users would trade for. Most of the configurations are controlled inside of the Firefox profile, which is really not enforceable from our perspective.I think one example of this reaction can be found to the resounding accusations that resulted from McAfee Site Advisor being installed by default with the antivirus. Site Advisor might help address the issue by directing users away from known bad sites, but most often by time a site makes it into a black list, it's already closed up shop and popped up at some other domain.One of my tasks within the next month will be moving all of our systems to the antivirus ePo 4.5 and updating systems to the latest version of the antivirus engine. If this doesn't seem to help the issue, perhaps we should be looking into something like ThreatFire to help subsidize our antivirus?I assume most users would not want to follow all the steps in the LifeHacker article I linked to at the beginning, but perhaps we can create a similar guideline that would allow those users that are willing to, can know and follow our best practices. Just getting most people to do their general browsing (unfortunately some special University sites require IE) in Firefox might save us quite a bit of pain.

Reply to jmhamltn@illinois.edu at 1:17 am