No one is criticizing the role of SNS or lack of professionalism. There
is no worry or stress, just questioning the rational behind the lack of
disclosure.
It is important for SNS to make sure that the endpoint user knows
exactly what the installed software does - both risks and benefits. If
this information is not supplied, then it does seem like SNS is trying
to act as 'big brother'.
There are many people on campus who may be interested in having their
installation of Symantec software centrally managed, but it should be an
option for the endpoint user NOT to have it managed.
I believe that the systems that were compromised in May 2006 were
installed with the "managed" option of Symantec AntiVirus and NOT those
installed with the "unmanaged" standalone option. Please correct me if
I am wrong.
The "custom" version is a managed version. Symantec states that the new
versions of the software have been corrected, but as an option, it
should still be up to the endpoint user to choose which version to install.
Bruce C. Beattie wrote:
> I would think that it would be less stressful worrying about whether SNS
> was trying to act as Big Brother, then to worry about finding the time
> to rebuild all the systems that were compromised due to a lack of
> warning from SNS.
> Just my 2¢
> Bruce
>
> Michael Green wrote:
>
>> John D. MacDonald wrote:
>>
>>> I may be alone in this, and I'm sorry if it sounds picky, but it seems
>>> like it would be extremely useful to have the non-"custom" SAV download
>>> available separately from the full 500MB SCS Admin Disc. I know that
>>> for me, having to download the full 500MB disc to extract the XP SAV
>>> client with each version update is tedious. And when configuring
>>> laptops, or other machines that aren't getting a pre-rolled ghost image,
>>> you always want to install and update SAV before connecting it to the
>>> network, so it means a 500MB download via AirBears unless I happen to
>>> have the current SAV on a USB stick with me.
>>>
>>> Of course, if I'm the only one who gets stuck like that, then nevermind.
>>>
>>> John
>>>
>>>
>>>
>> John,
>>
>> I can understand, based on your description above of the effort it takes
>> to get a generic installation done, why you would want to be able to be
>> able to just download just the generic XP SAV directly from
>> software.berkeley.edu.
>>
>> Allison and I were talking about this yesterday. My initial thought was
>> that we should provide both customized and non-customized versions so
>> that folks that don't want to send logs to SNS don't have to go through
>> lots of extra steps. Allison pointed out that maintaining several
>> versions of the installer is fairly difficult. We are not strongly
>> opposed to providing multiple versions of the Symantec client security
>> software, but fewer versions are definitely desirable from a support
>> point of view.
>>
>> I would like to better understand objections to having the Symantec
>> software send logs to SNS. I agree that we should have more clearly
>> communicated that the UCB Custom version of the installer configures the
>> software to send logs to SNS. It was not our intent to obscure what we
>> are doing. We are a security service for the campus. If we are doing
>> something that is not helping, then we should stop doing that thing.
>> From my point of view, which is obviously biased, the logs that we get
>> from the client Symantec installations help us identify systems that are
>> not keeping their Symantec software updated so that we can notify the
>> security contact responsible for that machine that we see something that
>> is of concern. Neither Allison or I can think of any reasonable way
>> that SNS could use the UCB Custom version of the Symantec software to
>> gain access to host machines that have it installed.
>>
>> If we are causing support problems by providing only the UCB Custom
>> version, then it is obviously worthwhile to provide multiple versions of
>> the installer on software.berkeley.edu.
>>
>> Michael Green
>> IST, Infrastructure Applications Manager
>> 642-2039
>>
>>
>> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>>
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>>
>
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>
-- Bruce Satow Space Physics Research Group Space Sciences Laboratory University of California Berkeley, California 94720-7450 (510) 643-2348
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:
To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Received on Thu Dec 13 2007 - 14:01:45 PST
This archive was generated by hypermail 2.2.0 : Thu Dec 13 2007 - 14:01:45 PST