[conspire] computer security

Rick Moen rick at linuxmafia.com
Sat Mar 6 14:22:59 PST 2021 

Quoting Paul Zander (paulz at ieee.org):

> From time to time, Rick has repeated an amusing analogy to computer
> security.  A detective agency will post a guard by the bank vault. 
> The guard has a photos of Al Capone, Machine Gun Kelly and other known
> criminals and will prevent them from getting into the bank.  Since
> Bonnie and Clyde have just started their capers, their photos are not
> in the book.

It's a trope I _probably_ stole from Bruce Schneier.  (Steal from the
best, I always say.)

> In reading the BBC news I found that none other than John McAffee has
> been charged with tax evasion and manipulation of crypto
> currencies. https://www.bbc.com/news/technology-56300593

McAfee has been a Runyon-esque character (that's the genteel way of
saying it) for a long time -- the sort of guy you enjoy hearing about
but never want to have in your life.

The Beeb has, I see, a bio of his checkered tale, linked from the piece
you cite:  https://www.bbc.com/news/technology-24441931

There are many striking bits in that bio article, but I'll just excerpt
this bit claiming to be McAfee's own reminiscence to make a point:

  "I protect myself by constantly changing my IP [internet protocol]
  address, by not attaching my name to any device I use, and by not going
  on to sites where you might pick up a virus.

  "Porn sites, for example, I just don't go there.

  "Secondly, I practise safe computing. If someone sends me an email with
  a link, I'm not going there until I can call the person to verify that
  they sent me the email.

  "It sounds absurd to live that way, but I would rather trust my own
  devices and thoughts than someone else's software."

My point:  It's evident that this guy who founded an anti-virus /
computer security company really doesn't understand the basics of that
topic.

Anyone who's studied the topic in detail is going to arrive at the
conclusion that the way to not be harmed by remotely sited programs is 
to make sure you will not execute them, i.e., to exercise adequate 
control over what your computer is willing to run, and run only the
code you want it to.

The sort of unfocussed paranoia McAfee is quoted as voicing is the mark
of a rank amateur.  It's been my experience that the anti-virus /
computer security industry has more than its share of such people,
that it has a large bushwah quotient.


> But wait, there's more.  In a related article, we find that McAffee
> got into anti-virus because he thought it would be a lucrative
> business AND he does not use his company's products himself!

Quite.  And that is reflected in the quotation I cite above.

More information about the conspire mailing list