One of the great things about a blog is that your rants can live on forever. With that said, I decided to start storing my long term rants in my blog. Every time I think of rant that I want to save for a few years, I'll write it here. Then when I can't think of anything to rant about, I can look here. 1. We need a better centralized reporting methodology for reporting high-risk malware and malicious hacker attac One of the great things about a blog is that your rants can live on forever. With that said, I decided to start storing my long term rants in my blog. Every time I think of rant that I want to save for a few years, I’ll write it here. Then when I can’t think of anything to rant about, I can look here.1. We need a better centralized reporting methodology for reporting high-risk malware and malicious hacker attacks against the Internet.http://www.infoworld.com/article/06/01/13/73827_03OPsecadvise_1.html2. More operating systems and applications need “deny-by-default” rules and configuration. Deny-by-default rules are the norm in firewalls, but not-much else. Security is always a risk/benefit trade off-a decision between normal end-user functionality and increased default security. Unfortunately, increased end-user functionality is often choosen over security, even when the level of increased end-user functionality could not be justified as compared to the risk. For example, why does Microsoft Windows allow every file type to be automatically executed by any user when the vast majority are not used for legitimate reasons? For instance, the latest Windows help exploit vulnerability relies on the existence and user of files ending in .hhp. Very few users that I know use these files, yet they are allowed to automatically execute in Windows. How about last month’s WMF vulnerability. Although the WMF vulnerability could use any file extension it wanted, most of the public exploits have used the .WMF extension. Probably less than 5% of Windows users use WMF files for legitimate reasons, so why allow it by default? I routinely recommend to my customers that they disable over 150 file extensions more likely to be used maliciously than legitimately in most environments. It would be more efficient if Microsoft provided a utility that allowed sys admins to use a deny-by-default, allow-by-exception rule for file executions. Microsoft could tell us the the extensions that Windows needs by default, and other common file extensions (e.g. .DOC, .XLS, etc.) that most users needed. But we should be able to block the majority by default.I’ll update my Ongong Long-Term Rant List as ideas re-appear in my head. Related content analysis The 5 types of cyber attack you're most likely to face Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront By Roger Grimes Aug 21, 2017 7 mins Phishing Malware Social Engineering analysis 'Jump boxes' and SAWs improve security, if you set them up right Organizations consistently and reliably using one or both of these approaches have far less risk than those that do not. By Roger Grimes Jul 26, 2017 13 mins Authentication Access Control Data and Information Security analysis Attention, 'red team' hackers: Stay on target You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws By Roger Grimes Dec 08, 2015 4 mins Hacking Data and Information Security Network Security analysis 4 do's and don'ts for safer holiday computing It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily By Roger Grimes Dec 01, 2015 4 mins Phishing Malware Patch Management Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe