haute secure... they improve and they grow
Ok, so a previous build of Haute Secure (well, the x64 build anyway) that I was given was a bit of a geekfest - manual copying of files and registering of dlls and all that fun stuff.
Removing the previous x64 beta was a bit of a pain ... manual deletion of files and directories... manual deregistration of a few dlls... nothing to sweat over for the experienced, but a killer for the man in the street... that being said, the most recent build is a new beast... very smooth, very sweet, and no need to manually copy anything, no manual registration of dlls (not even for the x64 version thank you very much)!!!
So let's have a look at what we have got here...
The firstrun screen...
Not much of a change re the "test it now" page:
There isn't that much of a change yet re the alert page either...
IMPORTANT NOTE: WE'RE DISCUSSING A ***BETA*** PRODUCT... THE ENTIRE PURPOSE OF A BETA IS TO IMPROVE THE END PRODUCT SO PLEASE DO NOT TAKE ANYTHING THAT I SAY AS A CRITICISM PER SE.... IT IS MORE A ......GUIDANCE DURING THE MATURING OF THE PRODUCT
Ok, so my primary concern at the moment, now that the installer is developing nicely, is the user experience - Haute Secure is simply too chatty. I've noticed that the product is.... dare I say indiscriminate... regarding alerts. I'll receive alerts simply because a site uses Feedburner..
or blogger.com
or a Google service (in this case, myspace.com):
You see... here's the thing.. I deal with end users on a day to day basis... you know the type.. the computer is broken if the monitor is turned off and there is nothing on screen.. and the type who will open phishing emails because "I'm the Finance Manager .... "of course I'm going to open an email about an invoice"... Ok, says me, why the hell would we be buying from Dell UK when we're in Australia... hmmm???? Call me crazy, but I expect people to question whether or not an email is legitimate instead of blindly clicking on a hyperlink that is no more than an alphanumeric address .... but I allow my frustrations to distract me.
Haute is noisy. Throwing an alert simply because a site is at googlesyndication.com is simply not good enough... don't throw out the baby with the bathwater.
Now, I admit, I have blocked numerous sites in an office environment for security and company policy reasons - myspace, facebook, blogger.com and stuff - but what do you think is going to happen if I unblock the site and Haute throws up an alert about *all* pages at myspace, or blogger.com or whatever, with no distinction made as to whether or not a page is actually infected... yep, you guessed it, Huate is going to be ignored - the higher the noise level, the greater the risk that we will be disregarded.
It is a fine line that we walk... we have to *educate* but we cannot be the modern version of Chicken Little. The more that we throw up alerts, the more likely it is that we will be ignored. Yes myspace is a problem... and blogger.com is a problem... but please, if we warn about too many domains too quickly we will be ignored or our users will rebel and find a way around our restrictions. Just like Chicken Little we will be ignored when the sky really is falling.... Don't simply block sites wholesale .. EDUCATE your users... teach them about the warning signs... because I can promise you this.... yes, there are sites with specific security related problems - problems that continue and recur, but the real growth industry is the hacked site hosted on a COLO... the legitimate web site that has been hacked and hits you with a "what the f**k was that" exploit.
Teach and train... train and teach... scare them if you have to - tell your users about the latest trick being used by the spammers or the bad guys... you *cannot* protect your users from all bad guys.. but you can educate them so that they have a fighting chance of spotting things for themselves... but that being said, avoid wholesale black-listing of all pages on a domain, no matter whether they are infected or not...
Haute Secure has a fantastic potential... IF they don't turn into Chicken Little... :o)
VERY IMPORTANT DISCLAIMER:... I'M TALKING ABOUT A *BETA* PRODUCT.... THE PRIMARY REASON FOR BETAS IS TO FIND BUGS OR OTHER ISSUES WITH SOFTWARE.... PROBLEMS, BUGS, DISAGREEMENT ABOUT HOW THINGS SHOULD WORK ETC ARE TO BE EXPECTED WITH AN ALPHA OR BETA.. IN FACT I'D BE HORRIBLY CONCERNED IF THERE WAS NO SUCH DISCUSSION... SO DON'T WRITE HAUTE SECURE OFF BASED ON MY STATEMENTS AS TO THE SITUATION TODAY, 5 JULY 2007 :)