Gemini version available ♊︎

Novell Threat Assessment: More Like FUD and Harassment

Posted in Novell, Security, Windows at 2:49 am by Dr. Roy Schestowitz

Reader’s thoughts on Novell’s perspective on security

A reader has sent us some thoughts about the following threat assessment questionnaire from Novell which, unsurprisingly, requires that you install the proprietary Adobe Flash player (yes, for a simple questionnaire). Some of the questions evoked our reader’s response, as follows:

Is your organization subject to regulatory compliance (PCI, HIPAA, SOX, etc.)?

Er… NO, and what difference would it make to computer security and why are you posting such waffle?

Does the organization need to enforce integrity on products such as anti-virus, 24×7 even if the device is remote?

No, we have ‘computers’ that don’t get viruses.

If an infected machine is introduced to the network are there protections against network infection and propagation.

We don’t need such protections, our computers don’t get viruses.

Do your endpoints have a firewall that is driver based and not controllable by the end user?

Such software firewalls are next to useless, we have embedded firewalls at the gateway.

Related and recent post:

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.


  1. Dan O'Brian said,

    June 9, 2008 at 5:58 am


    Why do you need the Adobe Acrobad reader? OpenSuSE ships Evince which works far far better and is installed by default.

    Maybe you had to use Adobe Acrobat because you don’t run OpenSuSE? ;-)

  2. Dan O'Brian said,

    June 9, 2008 at 5:59 am


    lol, I made a pretty funny typo – s/Acrobad/Acrobat/

    It so should be called Acrobad tho ;-)

  3. Roy Schestowitz said,

    June 9, 2008 at 6:01 am


    it’s about Flash, not Acrobat (which is rarely needed).

  4. Dan O'Brian said,

    June 9, 2008 at 6:28 am


    Doh, my apologies. I misread “Acrobat” instead of “Flash” (haven’t had my morning coffee yet).

    Even so, SUSE ships Gnash and swfdec, but I agree: Flash = bad.

    Then again, you use Flash on this website as well (and until recently didn’t offer ogg alternatives), so you are being a bit hypocritical imho.

  5. Open Honest said,

    June 9, 2008 at 11:39 am


    Questionair is about positioning Audit and Sentinal around compliance. Again we know where that idea came from. What they don’t tell you is that Audit links to a server clock much like all software offerings, and the server can be chanaged leaving you with an expensive appication that can’t sustain a trail of evidence. Same can be said with Sentinal, tied to a changable, hackable server. FUD with nothing to really meet compliance, as long as it is software based you will never get any better than FIPS 2 so much for government, banking ect.

  6. aeshna said,

    June 9, 2008 at 12:08 pm


    This minor incident brings up a question I have. Instead of developing gnash and moonlight, wouldn’t have been easier to build from scratch a FOSS competitor that would work on Linux, Mac, *BSD, Windows, and Solaris? It wouldn’t have to have the bells and whistle to start–just stop, pause,and play functionality. And I would think that the *BSD people would be more than willing to contribute That Flash doesn’t work their OS is a real obstacle for them on the desktop and is an excellent example of how non-FOSS discourages innovation.

    Has this not been done due to lack of interest or some deeper reason?

DecorWhat Else is New

  1. Links 21/03/2023: Trisquel GNU/Linux 11.0 LTS

    Links for the day

  2. Back Doors Proponent Microsoft Infiltrates Panels That Write the Security Regulations, Press Fails to Point Out the Obvious

    Cult tactics and classic entryism serve Microsoft again, stacking the panels and basically writing policy (CISA). As an associate explained it, citing this new example, Stanford “neglects to point out the obvious fact that Microsoft is writing its own regulations.”

  3. IRC Proceedings: Monday, March 20, 2023

    IRC logs for Monday, March 20, 2023

  4. Links 20/03/2023: Curl 8.0.0/1 and CloudStack LTS

    Links for the day

  5. Standard Life (Phoenix Group Holdings): Three Weeks to Merely Start Investigating Pension Fraud (and Only After Repeated Reminders From the Fraud's Victims)

    As the phonecall above hopefully shows (or further elucidates), Standard Life leaves customers in a Kafkaesque situation, bouncing them from one person to another person without actually progressing on a fraud investigation

  6. Standard Life Paper Mills in Edinburgh

    Standard Life is issuing official-looking financial papers for companies that then use that paperwork to embezzle staff

  7. Pension Fraud Investigation Not a High Priority in Standard Life (Phoenix Group Holdings)

    The 'Open Source' company where I worked for nearly 12 years embezzled its staff; despite knowing that employees were subjected to fraud in Standard Life's name, it doesn't seem like Standard Life has bothered to investigate (it has been a fortnight already; no progress is reported by management at Standard Life)

  8. Links 20/03/2023: Tails 5.11 and EasyOS 5.1.1

    Links for the day

  9. Links 20/03/2023: Amazon Linux 2023 and Linux Kernel 6.3 RC3

    Links for the day

  10. IRC Proceedings: Sunday, March 19, 2023

    IRC logs for Sunday, March 19, 2023

  11. An Update on Sirius 'Open Source' Pensiongate: It's Looking Worse Than Ever

    It's starting to look more and more like pension providers in the UK, including some very major and large ones, are aiding criminals who steal money from their workers under the guise of "pensions"

  12. Services and Users TRApped in Telescreen-Running Apps

    TRApp, term that lends its name to this article, is short for "Telescreen-Running App". It sounds just like "trap". Any similarity is not purely coincidental.

  13. Links 19/03/2023: Release of Libreboot 20230319 and NATO Expanding

    Links for the day

  14. Great Things Brewing

    We've been very busy behind the scenes this past week; we expect some good publications ahead

  15. Links 19/03/2023: LLVM 16.0.0 and EasyOS Kirkstone 5.1 Releases

    Links for the day

  16. IRC Proceedings: Saturday, March 18, 2023

    IRC logs for Saturday, March 18, 2023

  17. Links 18/03/2023: Many HowTos, Several New Releases

    Links for the day

  18. Links 18/03/2023: Tor Browser 12.0.4 and Politics

    Links for the day

  19. Links 18/03/2023: Docker is Deleting Free Software Organisations

    Links for the day

  20. IRC Proceedings: Friday, March 17, 2023

    IRC logs for Friday, March 17, 2023

  21. New Talk: Richard Stallman Explains His Problem With Rust (Trademark Restrictions), Openwashing (Including Linux Kernel), Machine Learning, and the JavaScript Trap

    Richard Stallman's talk is now available above (skip to 18:20 to get to the talk; the volume was improved over time, corrected at the sender's end)

  22. Links 17/03/2023: CentOS Newsletter and News About 'Mr. UNIX' Ken Thompson Hopping on GNU/Linux

    Links for the day

  23. The European Patent Office's Central Staff Committee Explains the Situation at the EPO to the 'Yes Men' of António Campinos (Who is Stacking All the Panels)

    The EPO’s management is lying to staff (even right to their faces!) and it is actively obstructing attempts to step back into compliance with the law; elected staff representatives have produced detailed documents that explain the nature of some of the problems they’re facing

  24. Links 17/03/2023: Linux 6.2.7 and LibreSSL 3.7.1 Released

    Links for the day

  25. GNU/Linux in Honduras: 10% Market Share? (Updated)

    As per the latest statistics

  26. Links 17/03/2023: Update on John Deere’s Ongoing GPL Violations and PyTorch 2.0

    Links for the day

  27. IRC Proceedings: Thursday, March 16, 2023

    IRC logs for Thursday, March 16, 2023

  28. RMS: A Tour of Malicious Software, With a Typical Cell Phone as Example

    Tonight in Europe or this afternoon in America Richard M. Stallman (RMS), who turned 70 yesterday, gives a talk

  29. Skyfall for Sirius 'Open Source': A Second Pension Provider Starts to Investigate Serious (Sirius) Abuses

    Further to yesterday's update on Sirius ‘Open Source’ and its “Pensiongate” we can gladly report some progress following escalation to management; this is about tech and “Open Source” employees facing abuse at work, even subjected to crimes

  30. NOW: Pensions Lying, Obstructing and Gaslighting Clients After Months of Lies, Delays, and Cover-up (Amid Pension Fraud)

    The “Pensiongate” of Sirius ‘Open Source’ (the company which embezzled/robbed many workers for years) helps reveal the awful state of British pension providers, which are in effect enabling the embezzlement to carry on while lying to their clients

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts