dumb tools might be smart
idlechimpFrom a news story about Chinese Internet hacking:Los Angeles law firm [Gipson Hoffman & Pancione] says it was hit Jan. 11 by an attack that appeared to originate in China after it filed a lawsuit for CyberSitter LLC, a software maker that accuses the Chinese government of stealing its code for use in a Web-filtering system.
The firm said E-mails sent to its lawyers contained malicious software designed to extract information from their computers.
Maybe more businesses need to read email the way I do - with a text-only client that will never execute an attachment and has to call for help to even show me pictures. No graphics, so nothing ever has the "look" of any firms I might do business with; I actually have to look at the headers, and the client makes it easy to see them (in full detail, when I want it). If I have to save an attachment as a file and then give it execute permission before I can run it, instead of just clicking an "accept" button, it's going to take a lot more social engineering to get it past me. (It helps that most such attachments aren't even able to run on my non-MS-Windows systems.) Making everything easy - for people who don't want to think - is inviting trouble. And every business and agency is a potential target."China has a strategic goal of becoming the world-dominant economic power within this century. Certainly one way to do that faster is to steal industrial secrets."
Even if your business doesn't interest the Chinese, it still must have domestic competitors who'd be interested in what's going on inside.