Hacker News new | past | comments | ask | show | jobs | submit login

> Instead that Corp IT should have put a transparently working antivirus/malware scanner on the workstation that would prevent that download to be run at all. ?

Sure. Then come the complaints that this slows down endpoint devices and has compatibility issues. Somebody gets the idea to do this in the network. Rinse. Repeat.




Our CorpIT has that and fine tuned it to perfection. No one complains now. So it's possible.

Unfortunately they still do MITM which breaks connections regularly.


It's a knife's edge. One OS patch, or one vendor change in product roadmap, and you can be right back to endpoint security software performance and compatibility hell. Stuff has gotten better but it's still fraught with peril.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: