The content of this blog is my personal opinion only. Although I am an employee - currently of Nvidia, in the past of other companies such as Iagination Technologies, MIPS, Intellectual Ventures, Intel, AMD, Motorola, and Gould - I reveal this only so that the reader may account for any possible bias I may have towards my employer's products. The statements I make here in no way represent my employer's position, nor am I authorized to speak on behalf of my employer. In fact, this posting may not even represent my personal opinion, since occasionally I play devil's advocate.

See http://docs.google.com/View?id=dcxddbtr_23cg5thdfj for photo credits.

Wednesday, June 11, 2008

Autoclose timeout of security problem reports without investigation

I have posted about my paranoia about malware on my laptop. I think this email from IT's servicedesk / bug reporting / ssue tracking system says it all:

...long code number...

Dear Andy Glew,

We have an answer to your request. See the details as follows:

Request Summary: CB: MS RootkitRevealer indicates possible security problems on my laptop

Answer Summary: Closed by Auto-Close process

You may also click on the link above if you want to view or provide additional information to your request and answer online.


Note: Please do not reply to this e-mail as messages are not monitored or responded to.

Nobody at IT ever contacted me about the problem. No email, no phone call, no text added to the "helpdesk" problem report.

They just allowed it to time out.

Now, I can understand: RootkitRevealer sometimes has false positives. Maybe IT recognized the symptoms I reported as a false positive, and knows to ignore it.
Or maybe they don't bother investigating security problems, relying only on malware scanners.

Or maybe IT themselves installed the rootkit on my system. (There's my paranoia kicking in again.)

No comments: