On 2015-02-25 14:23, Yves Goergen wrote:
Am 25.02.2015 um 23:04 schrieb Dave Warren:
I second this. Either go all the way, or don't do it, it's worse to
leave users with a false sense of security. A mentality of "The virus
scanner says it's safe, so it won't do any harm" is exceedingly
dangerous.
The virus scanner doesn't say anything at all. It is just an
additional effort to keep unwanted e-mails away, just like the spam
filter. Nobody claimed that there is any guarantee associated with it,
not even for false rejects. Considering what still passes the filters
this should quickly become obvious.
You're thinking like a techie. Don't do that. When an end user becomes
aware that there is a malware filter or antivirus, they will assume it
works, and since malware and viruses are filtered, that which is not
filtered must be safe.
Users are stupid; this is why we're employed. Understand them, and build
systems that set appropriate expectations and encourage the correct
behaviour. If you're handing people a dangerous weapon, don't tell them
all the reasons it's safe, tell them all the reasons it's dangerous even
if there are a few safeguards.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
