<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_10_24_1340210</id>
	<title>Impressing Security Upon End-Users Visually?</title>
	<author>Soulskill</author>
	<datestamp>1256397720000</datestamp>
	<htmltext>get quad writes <i>"I continually have to remind our end-users to be vigilant about the usual web security hazards, such as not clicking links in the occasional spam email that passes through our filters, avoiding suspicious websites, why some websites aren't entirely safe or appropriate for the work environment (Facebook apps, MySpace, remote access apps, proxies, etc), and the myriad other things an end-user can do to get into trouble. What I'm hoping to find are video or flash examples (mind you, in layman's terms) of what Web-based exploits/zero-day threats are capable of, how they can happen, and the harm they can ultimately cause &mdash; rather than posting links to technical docs the users will never bother to read. Getting the point across in a purely visual and less technical manner seems much more effective. Does anyone have any suggestions or experience with this type of training?"</i></htmltext>
<tokenext>get quad writes " I continually have to remind our end-users to be vigilant about the usual web security hazards , such as not clicking links in the occasional spam email that passes through our filters , avoiding suspicious websites , why some websites are n't entirely safe or appropriate for the work environment ( Facebook apps , MySpace , remote access apps , proxies , etc ) , and the myriad other things an end-user can do to get into trouble .
What I 'm hoping to find are video or flash examples ( mind you , in layman 's terms ) of what Web-based exploits/zero-day threats are capable of , how they can happen , and the harm they can ultimately cause    rather than posting links to technical docs the users will never bother to read .
Getting the point across in a purely visual and less technical manner seems much more effective .
Does anyone have any suggestions or experience with this type of training ?
"</tokentext>
<sentencetext>get quad writes "I continually have to remind our end-users to be vigilant about the usual web security hazards, such as not clicking links in the occasional spam email that passes through our filters, avoiding suspicious websites, why some websites aren't entirely safe or appropriate for the work environment (Facebook apps, MySpace, remote access apps, proxies, etc), and the myriad other things an end-user can do to get into trouble.
What I'm hoping to find are video or flash examples (mind you, in layman's terms) of what Web-based exploits/zero-day threats are capable of, how they can happen, and the harm they can ultimately cause — rather than posting links to technical docs the users will never bother to read.
Getting the point across in a purely visual and less technical manner seems much more effective.
Does anyone have any suggestions or experience with this type of training?
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857479</id>
	<title>naaaahhh.. crazy talk.</title>
	<author>tempest69</author>
	<datestamp>1256406300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The whole bloody mess is mis-engineered...  The secure settings in IE are a bear to browse with, and are still vulnerable to some zero day exploits.  Windows itself is a mess, how many areas are there to check for programs that load at boot?<br> <br>

the legacy dos files...<br>
the run and run-once lines in the registry (all of them)<br>
runservices<br>
load<br>
userinit<br>
the startup menu<br>
the startup menu for the user<br>

lots of the code doesnt work unless it gets full rein to jack your system.  Turn on the windows based security and programs like xfire throw a fit as they are constantly requesting to break security for legit reasons..  The security breaks usability and the idiots want to be able to just see the video from a friend without all this hassle of loading flash.  Or download a file without a freak-out.
<br>
While you can limit what sites you visit.  mistype google or microsoft, and theres no telling what your pc will contract.</htmltext>
<tokenext>The whole bloody mess is mis-engineered... The secure settings in IE are a bear to browse with , and are still vulnerable to some zero day exploits .
Windows itself is a mess , how many areas are there to check for programs that load at boot ?
the legacy dos files.. . the run and run-once lines in the registry ( all of them ) runservices load userinit the startup menu the startup menu for the user lots of the code doesnt work unless it gets full rein to jack your system .
Turn on the windows based security and programs like xfire throw a fit as they are constantly requesting to break security for legit reasons.. The security breaks usability and the idiots want to be able to just see the video from a friend without all this hassle of loading flash .
Or download a file without a freak-out .
While you can limit what sites you visit .
mistype google or microsoft , and theres no telling what your pc will contract .</tokentext>
<sentencetext>The whole bloody mess is mis-engineered...  The secure settings in IE are a bear to browse with, and are still vulnerable to some zero day exploits.
Windows itself is a mess, how many areas are there to check for programs that load at boot?
the legacy dos files...
the run and run-once lines in the registry (all of them)
runservices
load
userinit
the startup menu
the startup menu for the user

lots of the code doesnt work unless it gets full rein to jack your system.
Turn on the windows based security and programs like xfire throw a fit as they are constantly requesting to break security for legit reasons..  The security breaks usability and the idiots want to be able to just see the video from a friend without all this hassle of loading flash.
Or download a file without a freak-out.
While you can limit what sites you visit.
mistype google or microsoft, and theres no telling what your pc will contract.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857165</id>
	<title>Cisco's Website</title>
	<author>Cytlid</author>
	<datestamp>1256403780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Check out Cisco's website.  Really.  Most of the time, they have some videos geared towards marketing and business types.  They even have some cute superhero thing about threats.

It drives me crazy because usually I go there for technical purposes, I want to see configuration commands and tech docs.  But every once in a while I'll find a good diagram or video which gets my point across to non-techie types.</htmltext>
<tokenext>Check out Cisco 's website .
Really. Most of the time , they have some videos geared towards marketing and business types .
They even have some cute superhero thing about threats .
It drives me crazy because usually I go there for technical purposes , I want to see configuration commands and tech docs .
But every once in a while I 'll find a good diagram or video which gets my point across to non-techie types .</tokentext>
<sentencetext>Check out Cisco's website.
Really.  Most of the time, they have some videos geared towards marketing and business types.
They even have some cute superhero thing about threats.
It drives me crazy because usually I go there for technical purposes, I want to see configuration commands and tech docs.
But every once in a while I'll find a good diagram or video which gets my point across to non-techie types.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29859693</id>
	<title>draw it out</title>
	<author>dropadrop</author>
	<datestamp>1256378880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>If you need to map it visually try doing it by something they understand and feel could affect them.

Most people these day's are using a lot of services. Most of these services allow the password to be changed and sent to the users email address. Generally people will use the same password for all services, meaning that any one of them is broken into, and all of them can be accessed. Usually the email address will also tell you a lot of the services if uncertain. Drawing this out in a logical way explains to users why they should use separate passwords for different services, and why they should use separate passwords for work and personal services.

Taking this further you can explain that a lot of trojans can steal their password making access even easier for an attacker might make them feel they have something personal to lose. Explaining how their machine could be part of a botnet might not...</htmltext>
<tokenext>If you need to map it visually try doing it by something they understand and feel could affect them .
Most people these day 's are using a lot of services .
Most of these services allow the password to be changed and sent to the users email address .
Generally people will use the same password for all services , meaning that any one of them is broken into , and all of them can be accessed .
Usually the email address will also tell you a lot of the services if uncertain .
Drawing this out in a logical way explains to users why they should use separate passwords for different services , and why they should use separate passwords for work and personal services .
Taking this further you can explain that a lot of trojans can steal their password making access even easier for an attacker might make them feel they have something personal to lose .
Explaining how their machine could be part of a botnet might not.. .</tokentext>
<sentencetext>If you need to map it visually try doing it by something they understand and feel could affect them.
Most people these day's are using a lot of services.
Most of these services allow the password to be changed and sent to the users email address.
Generally people will use the same password for all services, meaning that any one of them is broken into, and all of them can be accessed.
Usually the email address will also tell you a lot of the services if uncertain.
Drawing this out in a logical way explains to users why they should use separate passwords for different services, and why they should use separate passwords for work and personal services.
Taking this further you can explain that a lot of trojans can steal their password making access even easier for an attacker might make them feel they have something personal to lose.
Explaining how their machine could be part of a botnet might not...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857187</id>
	<title>Security education video game and movie</title>
	<author>redtail</author>
	<datestamp>1256403960000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><a href="http://cisr.nps.edu/cyberciege/" title="nps.edu" rel="nofollow">http://cisr.nps.edu/cyberciege/</a> [nps.edu] is a video game designed to teach computer security concepts.  In addition to its more advanced scenarios, it includes a few simple "awareness" scenarios, the first of which directly addresses your topic.  Further, this animated movie: <a href="http://cisr.nps.edu/cyberciege/movies/02CIEGE.html" title="nps.edu" rel="nofollow">http://cisr.nps.edu/cyberciege/movies/02CIEGE.html</a> [nps.edu] helps the layman understand why the problem of malicious software is so hard to solve.  The link includes a free evaluation version of the game.</p></htmltext>
<tokenext>http : //cisr.nps.edu/cyberciege/ [ nps.edu ] is a video game designed to teach computer security concepts .
In addition to its more advanced scenarios , it includes a few simple " awareness " scenarios , the first of which directly addresses your topic .
Further , this animated movie : http : //cisr.nps.edu/cyberciege/movies/02CIEGE.html [ nps.edu ] helps the layman understand why the problem of malicious software is so hard to solve .
The link includes a free evaluation version of the game .</tokentext>
<sentencetext>http://cisr.nps.edu/cyberciege/ [nps.edu] is a video game designed to teach computer security concepts.
In addition to its more advanced scenarios, it includes a few simple "awareness" scenarios, the first of which directly addresses your topic.
Further, this animated movie: http://cisr.nps.edu/cyberciege/movies/02CIEGE.html [nps.edu] helps the layman understand why the problem of malicious software is so hard to solve.
The link includes a free evaluation version of the game.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858715</id>
	<title>Re:Explosions!</title>
	<author>DiegoBravo</author>
	<datestamp>1256415060000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>&gt; such as not clicking links in the occasional spam email which passes through filters, avoiding suspicious websites,</p><p>Just setup a daily CRON job to send an email with a link pointing to a page in your web server that shows:</p><p>YOU CLICKED THE BAD LINK. YOU'RE AN IDIOT. NEXT TIME WE'LL CUT YOUR SALARY.</p><p>For the email subject, just collect a handful of common spam phrases, like "Tired of seeing disappointed faces on women when they pull down your pants". Problem solved.</p></htmltext>
<tokenext>&gt; such as not clicking links in the occasional spam email which passes through filters , avoiding suspicious websites,Just setup a daily CRON job to send an email with a link pointing to a page in your web server that shows : YOU CLICKED THE BAD LINK .
YOU 'RE AN IDIOT .
NEXT TIME WE 'LL CUT YOUR SALARY.For the email subject , just collect a handful of common spam phrases , like " Tired of seeing disappointed faces on women when they pull down your pants " .
Problem solved .</tokentext>
<sentencetext>&gt; such as not clicking links in the occasional spam email which passes through filters, avoiding suspicious websites,Just setup a daily CRON job to send an email with a link pointing to a page in your web server that shows:YOU CLICKED THE BAD LINK.
YOU'RE AN IDIOT.
NEXT TIME WE'LL CUT YOUR SALARY.For the email subject, just collect a handful of common spam phrases, like "Tired of seeing disappointed faces on women when they pull down your pants".
Problem solved.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862545</id>
	<title>Re:Look for vids of the WMF bug</title>
	<author>Solder Fumes</author>
	<datestamp>1256410320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>That video wasn't too exciting, but one of the related videos seems to fit the bill for the OP's request: <a href="http://www.youtube.com/watch?v=3atmWmWCwlw" title="youtube.com">http://www.youtube.com/watch?v=3atmWmWCwlw</a> [youtube.com]</p></htmltext>
<tokenext>That video was n't too exciting , but one of the related videos seems to fit the bill for the OP 's request : http : //www.youtube.com/watch ? v = 3atmWmWCwlw [ youtube.com ]</tokentext>
<sentencetext>That video wasn't too exciting, but one of the related videos seems to fit the bill for the OP's request: http://www.youtube.com/watch?v=3atmWmWCwlw [youtube.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857975</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965</id>
	<title>Change their perspective to be self gratifying</title>
	<author>onyxruby</author>
	<datestamp>1256402280000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>I was spending some time with some friends of mine a few months back when the inevitable malware conversation came up. These friends happened to all be quite computer illiterate. What I did instead of giving the usual spiel about malware was show them a better experience.</p><p>I sat them down and showed them how to use firefox with noscript. I showed them their favorite sites without all the baggage and they were amazed at the improved experience. I made sure I showed them how to use noscript with sites like facebook and still get what they wanted.</p><p>All of this was done in less than 15 minutes, and they now use this combination on a daily basis, not because of the improved security, but because of the improved experience. The fact that their security is improved is entirely incidental.</p><p>Note to firefox dev's, improve your enterprise management tools so that I can justify rolling out firefox to the enterprise after proving to management that it can be managed at the enterprise level. Enterprises need ways to consistently enforce policies with firefox using AD! Until this can be done firefox will never take over Internet Explorer in the Enterprise.</p></htmltext>
<tokenext>I was spending some time with some friends of mine a few months back when the inevitable malware conversation came up .
These friends happened to all be quite computer illiterate .
What I did instead of giving the usual spiel about malware was show them a better experience.I sat them down and showed them how to use firefox with noscript .
I showed them their favorite sites without all the baggage and they were amazed at the improved experience .
I made sure I showed them how to use noscript with sites like facebook and still get what they wanted.All of this was done in less than 15 minutes , and they now use this combination on a daily basis , not because of the improved security , but because of the improved experience .
The fact that their security is improved is entirely incidental.Note to firefox dev 's , improve your enterprise management tools so that I can justify rolling out firefox to the enterprise after proving to management that it can be managed at the enterprise level .
Enterprises need ways to consistently enforce policies with firefox using AD !
Until this can be done firefox will never take over Internet Explorer in the Enterprise .</tokentext>
<sentencetext>I was spending some time with some friends of mine a few months back when the inevitable malware conversation came up.
These friends happened to all be quite computer illiterate.
What I did instead of giving the usual spiel about malware was show them a better experience.I sat them down and showed them how to use firefox with noscript.
I showed them their favorite sites without all the baggage and they were amazed at the improved experience.
I made sure I showed them how to use noscript with sites like facebook and still get what they wanted.All of this was done in less than 15 minutes, and they now use this combination on a daily basis, not because of the improved security, but because of the improved experience.
The fact that their security is improved is entirely incidental.Note to firefox dev's, improve your enterprise management tools so that I can justify rolling out firefox to the enterprise after proving to management that it can be managed at the enterprise level.
Enterprises need ways to consistently enforce policies with firefox using AD!
Until this can be done firefox will never take over Internet Explorer in the Enterprise.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857623</id>
	<title>I Have a Vision of...</title>
	<author>mrsquid0</author>
	<datestamp>1256407380000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>Hi, I'm Troy McClure.  You may remember me from such IT security videos as "Microsoft Explorer: Ubiquitous but Unsecure" or "Passwords: The Road to Ruin".</p></htmltext>
<tokenext>Hi , I 'm Troy McClure .
You may remember me from such IT security videos as " Microsoft Explorer : Ubiquitous but Unsecure " or " Passwords : The Road to Ruin " .</tokentext>
<sentencetext>Hi, I'm Troy McClure.
You may remember me from such IT security videos as "Microsoft Explorer: Ubiquitous but Unsecure" or "Passwords: The Road to Ruin".</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857331</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256405220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>What you want is an airbag behind the screen. When a virus is detected the airbag explodes out. The glass in the screen lacerates the user's face and indelible red ink on the airbag stains their skin for weeks to come.</p><p>Alternatively you could have a little water cannon under the desk that sprays their crotch so everyone thinks they wet themselves.</p><p>Only that kind of humiliation can ever hope to teach these lusers. -BOFH</p></htmltext>
<tokenext>What you want is an airbag behind the screen .
When a virus is detected the airbag explodes out .
The glass in the screen lacerates the user 's face and indelible red ink on the airbag stains their skin for weeks to come.Alternatively you could have a little water cannon under the desk that sprays their crotch so everyone thinks they wet themselves.Only that kind of humiliation can ever hope to teach these lusers .
-BOFH</tokentext>
<sentencetext>What you want is an airbag behind the screen.
When a virus is detected the airbag explodes out.
The glass in the screen lacerates the user's face and indelible red ink on the airbag stains their skin for weeks to come.Alternatively you could have a little water cannon under the desk that sprays their crotch so everyone thinks they wet themselves.Only that kind of humiliation can ever hope to teach these lusers.
-BOFH</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857239</id>
	<title>Re:So you are looking for a "Reefer Madness" movie</title>
	<author>Anonymous</author>
	<datestamp>1256404380000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Yes, they do, on a mass scale. When applied "properly" to things like smut, terrorism, gay marriage, etc, the "Reefer Madness" tactic works very well. In fact it's still working on the drug situation also. Otherwise prohibition would have been abolished a long time ago. Do not underestimate the power of "madness".</p></htmltext>
<tokenext>Yes , they do , on a mass scale .
When applied " properly " to things like smut , terrorism , gay marriage , etc , the " Reefer Madness " tactic works very well .
In fact it 's still working on the drug situation also .
Otherwise prohibition would have been abolished a long time ago .
Do not underestimate the power of " madness " .</tokentext>
<sentencetext>Yes, they do, on a mass scale.
When applied "properly" to things like smut, terrorism, gay marriage, etc, the "Reefer Madness" tactic works very well.
In fact it's still working on the drug situation also.
Otherwise prohibition would have been abolished a long time ago.
Do not underestimate the power of "madness".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29869467</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Frogbert</author>
	<datestamp>1256497740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>That was two years ago. Have not had a SINGLE instance of any malware on any machine, since that time</p></div><p>That they've told you about.</p></div>
	</htmltext>
<tokenext>That was two years ago .
Have not had a SINGLE instance of any malware on any machine , since that timeThat they 've told you about .</tokentext>
<sentencetext>That was two years ago.
Have not had a SINGLE instance of any malware on any machine, since that timeThat they've told you about.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862053</id>
	<title>Re:www.IdentityTheft.info video</title>
	<author>get quad</author>
	<datestamp>1256402280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Thanks! though not exactly what I had in mind, the first visual example posted.</htmltext>
<tokenext>Thanks !
though not exactly what I had in mind , the first visual example posted .</tokentext>
<sentencetext>Thanks!
though not exactly what I had in mind, the first visual example posted.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856985</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29859373</id>
	<title>unsafe ... or just inppropriate?</title>
	<author>bcrowell</author>
	<datestamp>1256376840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>why some websites aren't entirely safe or appropriate for the work environment (Facebook apps, MySpace, remote access apps, proxies, etc),</p></div>
</blockquote><p>
Okay, I'll bite. Do facebook and myspace fall in the unsafe category, or are they just inappropriate? Obviously you don't want employees spending all their time at their desks screwing around with facebook, because you want them to be doing useful work. But if there's some actual security vulnerability that is opened up when a user simply goes to a web page with a certain flash or javascript app on it, then that sounds to me more like a problem with the browser you've chosen or the way you've chosen to configure it.
</p><p>
One of the thing that makes me tune out IT's messages at my workplace is that their pronouncements often don't demonstrate an appropriate sense of proportion. For example, they were trying to get a rule instituted that would make it a firing offense to do a variety of things with your computer -- one of which was plugging in a flash drive. (No, I don't work at the CIA. I work at a community college.) If you tell people that their computer can get a virus if they do any of a long list of things, then probably (a) they're not going to believe you, or (b) they're going to decide the list is so long that it's not practical to comply with it. It's like telling kids that beer, marijuana, and heroin are all in the same category. Once they find out you lied about marijuana, they'll just go ahead and try heroin as well.
</p></div>
	</htmltext>
<tokenext>why some websites are n't entirely safe or appropriate for the work environment ( Facebook apps , MySpace , remote access apps , proxies , etc ) , Okay , I 'll bite .
Do facebook and myspace fall in the unsafe category , or are they just inappropriate ?
Obviously you do n't want employees spending all their time at their desks screwing around with facebook , because you want them to be doing useful work .
But if there 's some actual security vulnerability that is opened up when a user simply goes to a web page with a certain flash or javascript app on it , then that sounds to me more like a problem with the browser you 've chosen or the way you 've chosen to configure it .
One of the thing that makes me tune out IT 's messages at my workplace is that their pronouncements often do n't demonstrate an appropriate sense of proportion .
For example , they were trying to get a rule instituted that would make it a firing offense to do a variety of things with your computer -- one of which was plugging in a flash drive .
( No , I do n't work at the CIA .
I work at a community college .
) If you tell people that their computer can get a virus if they do any of a long list of things , then probably ( a ) they 're not going to believe you , or ( b ) they 're going to decide the list is so long that it 's not practical to comply with it .
It 's like telling kids that beer , marijuana , and heroin are all in the same category .
Once they find out you lied about marijuana , they 'll just go ahead and try heroin as well .</tokentext>
<sentencetext>why some websites aren't entirely safe or appropriate for the work environment (Facebook apps, MySpace, remote access apps, proxies, etc),

Okay, I'll bite.
Do facebook and myspace fall in the unsafe category, or are they just inappropriate?
Obviously you don't want employees spending all their time at their desks screwing around with facebook, because you want them to be doing useful work.
But if there's some actual security vulnerability that is opened up when a user simply goes to a web page with a certain flash or javascript app on it, then that sounds to me more like a problem with the browser you've chosen or the way you've chosen to configure it.
One of the thing that makes me tune out IT's messages at my workplace is that their pronouncements often don't demonstrate an appropriate sense of proportion.
For example, they were trying to get a rule instituted that would make it a firing offense to do a variety of things with your computer -- one of which was plugging in a flash drive.
(No, I don't work at the CIA.
I work at a community college.
) If you tell people that their computer can get a virus if they do any of a long list of things, then probably (a) they're not going to believe you, or (b) they're going to decide the list is so long that it's not practical to comply with it.
It's like telling kids that beer, marijuana, and heroin are all in the same category.
Once they find out you lied about marijuana, they'll just go ahead and try heroin as well.

	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862235</id>
	<title>This is actually a big problem</title>
	<author>Opportunist</author>
	<datestamp>1256405280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Usually, when something "bad" happens, you get to see the result. You lose your wallet, you can't pay next time you have to. Someone breaks into your house, everything's turned upside down. With malware, there just ain't anything to see.</p><p>To make things worse, people have been told by Hollywood that there <i>is</i> something to see. Computer screens "melting" or outright explosions (those dreaded 220kV lines in those flatscreens<nobr> <wbr></nobr>... you know...), or at least some nifty CGI (honestly, every time someone searches fingerprints on CSI<nobr> <wbr></nobr>.... I'd have broken the programmer's fingers if he really showed a ton of "wrong" fingerprints while searching and wasting a lot of time for pointless eye candy... but I ramble). But there just is nothing to see. Why? Because that's the whole point of infecting someone: To have a spy in his computer without the person knowing it. You double click the infector and you don't see anything. Maybe, if you're using a slow maching, you get the "busy" mouse icon for a split second.</p><p>My solution usually is to show them what happens behind the scenes. First of all, it's interesting because it's kinda-sorta-maybe illegal, since you're doing what the bad boys are doing (with the difference that you're not really infecting anything but your own presentation machines). And they get to see what they usually don't get to see. It's not even a problem that it's way over their head because nmap output looks impressive, even if you don't get a thing. But even a monitoring proxy output is usually enough (you just have to point to the information that you want to stress). Set up Alice, Bob and Dave and give them a show of "what if you're infected".</p></htmltext>
<tokenext>Usually , when something " bad " happens , you get to see the result .
You lose your wallet , you ca n't pay next time you have to .
Someone breaks into your house , everything 's turned upside down .
With malware , there just ai n't anything to see.To make things worse , people have been told by Hollywood that there is something to see .
Computer screens " melting " or outright explosions ( those dreaded 220kV lines in those flatscreens ... you know... ) , or at least some nifty CGI ( honestly , every time someone searches fingerprints on CSI .... I 'd have broken the programmer 's fingers if he really showed a ton of " wrong " fingerprints while searching and wasting a lot of time for pointless eye candy... but I ramble ) .
But there just is nothing to see .
Why ? Because that 's the whole point of infecting someone : To have a spy in his computer without the person knowing it .
You double click the infector and you do n't see anything .
Maybe , if you 're using a slow maching , you get the " busy " mouse icon for a split second.My solution usually is to show them what happens behind the scenes .
First of all , it 's interesting because it 's kinda-sorta-maybe illegal , since you 're doing what the bad boys are doing ( with the difference that you 're not really infecting anything but your own presentation machines ) .
And they get to see what they usually do n't get to see .
It 's not even a problem that it 's way over their head because nmap output looks impressive , even if you do n't get a thing .
But even a monitoring proxy output is usually enough ( you just have to point to the information that you want to stress ) .
Set up Alice , Bob and Dave and give them a show of " what if you 're infected " .</tokentext>
<sentencetext>Usually, when something "bad" happens, you get to see the result.
You lose your wallet, you can't pay next time you have to.
Someone breaks into your house, everything's turned upside down.
With malware, there just ain't anything to see.To make things worse, people have been told by Hollywood that there is something to see.
Computer screens "melting" or outright explosions (those dreaded 220kV lines in those flatscreens ... you know...), or at least some nifty CGI (honestly, every time someone searches fingerprints on CSI .... I'd have broken the programmer's fingers if he really showed a ton of "wrong" fingerprints while searching and wasting a lot of time for pointless eye candy... but I ramble).
But there just is nothing to see.
Why? Because that's the whole point of infecting someone: To have a spy in his computer without the person knowing it.
You double click the infector and you don't see anything.
Maybe, if you're using a slow maching, you get the "busy" mouse icon for a split second.My solution usually is to show them what happens behind the scenes.
First of all, it's interesting because it's kinda-sorta-maybe illegal, since you're doing what the bad boys are doing (with the difference that you're not really infecting anything but your own presentation machines).
And they get to see what they usually don't get to see.
It's not even a problem that it's way over their head because nmap output looks impressive, even if you don't get a thing.
But even a monitoring proxy output is usually enough (you just have to point to the information that you want to stress).
Set up Alice, Bob and Dave and give them a show of "what if you're infected".</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857267</id>
	<title>Re:Explosions!</title>
	<author>Anonymous</author>
	<datestamp>1256404680000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>There's a freeware program that, when run, starts flashing teh screen, and plays at MAX volume "HEY EVERONE, I'm looking at GAY porno!"<nobr> <wbr></nobr>... just send that around, and people will quickly learn not to open programs.</p></htmltext>
<tokenext>There 's a freeware program that , when run , starts flashing teh screen , and plays at MAX volume " HEY EVERONE , I 'm looking at GAY porno !
" ... just send that around , and people will quickly learn not to open programs .</tokentext>
<sentencetext>There's a freeware program that, when run, starts flashing teh screen, and plays at MAX volume "HEY EVERONE, I'm looking at GAY porno!
" ... just send that around, and people will quickly learn not to open programs.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857415</id>
	<title>How to fix it</title>
	<author>Anonymous</author>
	<datestamp>1256405880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>1) Download and install <a href="http://camstudio.org/" title="camstudio.org" rel="nofollow">http://camstudio.org/</a> [camstudio.org]<br>2) Start CamStudio.<br>3) Turn javascript OFF.<br>4) Stop CamStudio.<br>5) Post the video somewhere.<br>6) Send out general announcement e-mail with link to above video.  Include sentence explaining that websites which don't work without javascript are inherently unsafe and unnecessary.<br>7) Relax and do something more interesting.</p></htmltext>
<tokenext>1 ) Download and install http : //camstudio.org/ [ camstudio.org ] 2 ) Start CamStudio.3 ) Turn javascript OFF.4 ) Stop CamStudio.5 ) Post the video somewhere.6 ) Send out general announcement e-mail with link to above video .
Include sentence explaining that websites which do n't work without javascript are inherently unsafe and unnecessary.7 ) Relax and do something more interesting .</tokentext>
<sentencetext>1) Download and install http://camstudio.org/ [camstudio.org]2) Start CamStudio.3) Turn javascript OFF.4) Stop CamStudio.5) Post the video somewhere.6) Send out general announcement e-mail with link to above video.
Include sentence explaining that websites which don't work without javascript are inherently unsafe and unnecessary.7) Relax and do something more interesting.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857505</id>
	<title>Virtualforge has really good XSS and CSRF vids</title>
	<author>spinkham</author>
	<datestamp>1256406420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><a href="http://www.virtualforge.de/vmovie.php" title="virtualforge.de">http://www.virtualforge.de/vmovie.php</a> [virtualforge.de]</p><p>the XSS and CSRF videos are very good visualizations for the common user using simple examples.</p></htmltext>
<tokenext>http : //www.virtualforge.de/vmovie.php [ virtualforge.de ] the XSS and CSRF videos are very good visualizations for the common user using simple examples .</tokentext>
<sentencetext>http://www.virtualforge.de/vmovie.php [virtualforge.de]the XSS and CSRF videos are very good visualizations for the common user using simple examples.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29910259</id>
	<title>Ed Hardy Drawstring Pants Female ,Bape Air Shoes,</title>
	<author>Anonymous</author>
	<datestamp>1256830980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>http://www.tntshoes.com</p></htmltext>
<tokenext>http : //www.tntshoes.com</tokentext>
<sentencetext>http://www.tntshoes.com</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29859219</id>
	<title>Simple Solution</title>
	<author>chefshoemaker</author>
	<datestamp>1256375580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Terry Tate, IT security Linebacker. "Woo-woo!"</htmltext>
<tokenext>Terry Tate , IT security Linebacker .
" Woo-woo ! "</tokentext>
<sentencetext>Terry Tate, IT security Linebacker.
"Woo-woo!"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963</id>
	<title>So you are looking for a "Reefer Madness" movie...</title>
	<author>John Hasler</author>
	<datestamp>1256402280000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>...about computer security?  Those work so well.</p></htmltext>
<tokenext>...about computer security ?
Those work so well .</tokentext>
<sentencetext>...about computer security?
Those work so well.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862935</id>
	<title>Change their perspective so they quail in terror</title>
	<author>mrmeval</author>
	<datestamp>1256461380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Send out a fake spam email. Anyone who clicks on the link gets a security warning letter and a "You are subject to termination for clicking on the link in an email. Contact HR immediately"</p></htmltext>
<tokenext>Send out a fake spam email .
Anyone who clicks on the link gets a security warning letter and a " You are subject to termination for clicking on the link in an email .
Contact HR immediately "</tokentext>
<sentencetext>Send out a fake spam email.
Anyone who clicks on the link gets a security warning letter and a "You are subject to termination for clicking on the link in an email.
Contact HR immediately"</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857223</id>
	<title>Dark Ages</title>
	<author>banished</author>
	<datestamp>1256404200000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>My company's solution is to lock down the systems so tightly as to turn network systems into standalone systems.</htmltext>
<tokenext>My company 's solution is to lock down the systems so tightly as to turn network systems into standalone systems .</tokentext>
<sentencetext>My company's solution is to lock down the systems so tightly as to turn network systems into standalone systems.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858239</id>
	<title>I ususally use anaologies...</title>
	<author>smisle</author>
	<datestamp>1256411580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I teach computer classes to seniors and other people who have (usually) never turned one on before.  When I cover the security section, I try to use analogies to help them understand the threat level and some ways to avoid most of it.</p><p>For virus protection, I equate it to a body guard - If you're in a small town, or walking around downtown, you're fine, and the body guard <i>probably</i> won't even be needed.  If something <i>did</i> come up, you'd be fine since it would probably be a mugger or a rabid dog, and the body guard would be able to take care of that.  Now, if you start wandering around in a mine field, or in the middle of a battle (analogous to visiting warez sites or downloading and running a file someone you didn't know sent you, etc.) no amount of body guards will keep you from dying.</p><p>This has really helped impress in my student's minds that it's really still up to them to not do anything stupid, and their anti-virus can't always keep them safe - especially if they are doing something dangerous on purpose.</p></htmltext>
<tokenext>I teach computer classes to seniors and other people who have ( usually ) never turned one on before .
When I cover the security section , I try to use analogies to help them understand the threat level and some ways to avoid most of it.For virus protection , I equate it to a body guard - If you 're in a small town , or walking around downtown , you 're fine , and the body guard probably wo n't even be needed .
If something did come up , you 'd be fine since it would probably be a mugger or a rabid dog , and the body guard would be able to take care of that .
Now , if you start wandering around in a mine field , or in the middle of a battle ( analogous to visiting warez sites or downloading and running a file someone you did n't know sent you , etc .
) no amount of body guards will keep you from dying.This has really helped impress in my student 's minds that it 's really still up to them to not do anything stupid , and their anti-virus ca n't always keep them safe - especially if they are doing something dangerous on purpose .</tokentext>
<sentencetext>I teach computer classes to seniors and other people who have (usually) never turned one on before.
When I cover the security section, I try to use analogies to help them understand the threat level and some ways to avoid most of it.For virus protection, I equate it to a body guard - If you're in a small town, or walking around downtown, you're fine, and the body guard probably won't even be needed.
If something did come up, you'd be fine since it would probably be a mugger or a rabid dog, and the body guard would be able to take care of that.
Now, if you start wandering around in a mine field, or in the middle of a battle (analogous to visiting warez sites or downloading and running a file someone you didn't know sent you, etc.
) no amount of body guards will keep you from dying.This has really helped impress in my student's minds that it's really still up to them to not do anything stupid, and their anti-virus can't always keep them safe - especially if they are doing something dangerous on purpose.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857209</id>
	<title>Videos help?</title>
	<author>Anonymous</author>
	<datestamp>1256404080000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>I figured that most people would treat videos on computer security like the videos that teachers would show at school. Their reaction?</p><p>"NO WORK!!!"</p><p>I think that what's most effective is just enforcing your security policies using Group Policy or other management tools on the network. That way, you KNOW that most people won't violate any policies set forth, and those that do are the ones that didn't need the training in the first place.</p><p>If you're really adamant about educating your employees with videos and such, find REALLY GOOD videos that will hold their attention for their entire run. Remember, at the end of the day, those computers <b>don't belong to them</b> and most of them simply wish to <b>get work done.</b> Any teaching method which can exploit these two truths for educational value is probably worth watching.</p></htmltext>
<tokenext>I figured that most people would treat videos on computer security like the videos that teachers would show at school .
Their reaction ?
" NO WORK ! ! !
" I think that what 's most effective is just enforcing your security policies using Group Policy or other management tools on the network .
That way , you KNOW that most people wo n't violate any policies set forth , and those that do are the ones that did n't need the training in the first place.If you 're really adamant about educating your employees with videos and such , find REALLY GOOD videos that will hold their attention for their entire run .
Remember , at the end of the day , those computers do n't belong to them and most of them simply wish to get work done .
Any teaching method which can exploit these two truths for educational value is probably worth watching .</tokentext>
<sentencetext>I figured that most people would treat videos on computer security like the videos that teachers would show at school.
Their reaction?
"NO WORK!!!
"I think that what's most effective is just enforcing your security policies using Group Policy or other management tools on the network.
That way, you KNOW that most people won't violate any policies set forth, and those that do are the ones that didn't need the training in the first place.If you're really adamant about educating your employees with videos and such, find REALLY GOOD videos that will hold their attention for their entire run.
Remember, at the end of the day, those computers don't belong to them and most of them simply wish to get work done.
Any teaching method which can exploit these two truths for educational value is probably worth watching.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861869</id>
	<title>Torch a Box In From of Them Once Per Quarter</title>
	<author>obscuro</author>
	<datestamp>1256400360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Call a meeting. Get an old box running the company standard stuff. Tell them its no different from their box and that if it were connected to the company network it could infect everyone EVEN THEIR BOSS. Then DISCONNECT IT FROM ANY NETWORK ACCESS. And infect it with a virus that torches the drive. Not many people have actually seen a virus turn a perfectly good machine into a basket case.</htmltext>
<tokenext>Call a meeting .
Get an old box running the company standard stuff .
Tell them its no different from their box and that if it were connected to the company network it could infect everyone EVEN THEIR BOSS .
Then DISCONNECT IT FROM ANY NETWORK ACCESS .
And infect it with a virus that torches the drive .
Not many people have actually seen a virus turn a perfectly good machine into a basket case .</tokentext>
<sentencetext>Call a meeting.
Get an old box running the company standard stuff.
Tell them its no different from their box and that if it were connected to the company network it could infect everyone EVEN THEIR BOSS.
Then DISCONNECT IT FROM ANY NETWORK ACCESS.
And infect it with a virus that torches the drive.
Not many people have actually seen a virus turn a perfectly good machine into a basket case.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857045</id>
	<title>This just gave me an idea.</title>
	<author>pavon</author>
	<datestamp>1256402760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You know what would be really cool? If you had a rewriting-proxy that would occasionally insert a cartoon spy in pages that could be unsafe, reminding/warning them about what could have happened. For example if they submitted a form with a password, and it wasn't encrypted, the spy could pop up and say "This password is unprotected, and could be snooped. Be sure not to use the same password for anything important!", and then have buttons the users could click to submit the form anyway or cancel. If they arrived on a form from a link (refer is set) you could insert the spy, reminding them to check that the URL is correct and not a phishing site, and to always type the URL for important sites, like banks.</p><p>Situational reminders like this (if not overdone) would do more to create an atmosphere of caution and thoughtfulness then a yearly presentation would.</p></htmltext>
<tokenext>You know what would be really cool ?
If you had a rewriting-proxy that would occasionally insert a cartoon spy in pages that could be unsafe , reminding/warning them about what could have happened .
For example if they submitted a form with a password , and it was n't encrypted , the spy could pop up and say " This password is unprotected , and could be snooped .
Be sure not to use the same password for anything important !
" , and then have buttons the users could click to submit the form anyway or cancel .
If they arrived on a form from a link ( refer is set ) you could insert the spy , reminding them to check that the URL is correct and not a phishing site , and to always type the URL for important sites , like banks.Situational reminders like this ( if not overdone ) would do more to create an atmosphere of caution and thoughtfulness then a yearly presentation would .</tokentext>
<sentencetext>You know what would be really cool?
If you had a rewriting-proxy that would occasionally insert a cartoon spy in pages that could be unsafe, reminding/warning them about what could have happened.
For example if they submitted a form with a password, and it wasn't encrypted, the spy could pop up and say "This password is unprotected, and could be snooped.
Be sure not to use the same password for anything important!
", and then have buttons the users could click to submit the form anyway or cancel.
If they arrived on a form from a link (refer is set) you could insert the spy, reminding them to check that the URL is correct and not a phishing site, and to always type the URL for important sites, like banks.Situational reminders like this (if not overdone) would do more to create an atmosphere of caution and thoughtfulness then a yearly presentation would.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857013</id>
	<title>Backdoor.Ghostnet</title>
	<author>adnd74</author>
	<datestamp>1256402460000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><a href="http://www.sarc.com/" title="sarc.com" rel="nofollow">Symantec Security Response</a> [sarc.com] has an excellent <a href="http://www.youtube.com/watch?v=Vz-gg8hxaVQ" title="youtube.com" rel="nofollow">video about Backdoor.Ghostnet</a> [youtube.com] on <a href="http://www.youtube.com/user/SymcSecurityResponse" title="youtube.com" rel="nofollow">their youtube channel</a> [youtube.com].

<br> <br>

I think the message here is that if you don't practice safe computing, the tools exist that empower just about anyone to pwn you</htmltext>
<tokenext>Symantec Security Response [ sarc.com ] has an excellent video about Backdoor.Ghostnet [ youtube.com ] on their youtube channel [ youtube.com ] .
I think the message here is that if you do n't practice safe computing , the tools exist that empower just about anyone to pwn you</tokentext>
<sentencetext>Symantec Security Response [sarc.com] has an excellent video about Backdoor.Ghostnet [youtube.com] on their youtube channel [youtube.com].
I think the message here is that if you don't practice safe computing, the tools exist that empower just about anyone to pwn you</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857447</id>
	<title>Re:Change their perspective to be self gratifying</title>
	<author>DrNASA</author>
	<datestamp>1256406120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Google is your friend:
<br> <br>
<a href="http://sourceforge.net/projects/firefoxadm/" title="sourceforge.net" rel="nofollow">http://sourceforge.net/projects/firefoxadm/</a> [sourceforge.net]</htmltext>
<tokenext>Google is your friend : http : //sourceforge.net/projects/firefoxadm/ [ sourceforge.net ]</tokentext>
<sentencetext>Google is your friend:
 
http://sourceforge.net/projects/firefoxadm/ [sourceforge.net]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</id>
	<title>Dont you mean "oppresing"...</title>
	<author>Anonymous</author>
	<datestamp>1256401740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Why cant users choose their own level of security - idiots be dammed.  But I bet you find a whole bunch of people wise-up really fast.<nobr> <wbr></nobr>:P</htmltext>
<tokenext>Why cant users choose their own level of security - idiots be dammed .
But I bet you find a whole bunch of people wise-up really fast .
: P</tokentext>
<sentencetext>Why cant users choose their own level of security - idiots be dammed.
But I bet you find a whole bunch of people wise-up really fast.
:P</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857289</id>
	<title>Re:Explosions!</title>
	<author>pentalive</author>
	<datestamp>1256404920000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>That may have the same sort of effect as "Reefer Madness" = Audience ignores message due to "over the top"ness of the presentation.</htmltext>
<tokenext>That may have the same sort of effect as " Reefer Madness " = Audience ignores message due to " over the top " ness of the presentation .</tokentext>
<sentencetext>That may have the same sort of effect as "Reefer Madness" = Audience ignores message due to "over the top"ness of the presentation.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861147</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256392020000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>Ya right, they just stopped reporting it. So your douchbag boss forced his employees to sign something or be fired, because you are sick of doing your job?</p><p>How about you just install anti spyware and anti virus software and be done with it. Its always worked for me, even if they click something evil it gets squashed immediately and everybody moves on with their life.</p><p>Too bad your expensive services don't include proper management of the computers you are paid to manage. Thats YOUR job dickweed. Not the users. If I was your boss and we had repeated infections, you'd be unemployed and your replacement would take care of the issue once and for all.</p></htmltext>
<tokenext>Ya right , they just stopped reporting it .
So your douchbag boss forced his employees to sign something or be fired , because you are sick of doing your job ? How about you just install anti spyware and anti virus software and be done with it .
Its always worked for me , even if they click something evil it gets squashed immediately and everybody moves on with their life.Too bad your expensive services do n't include proper management of the computers you are paid to manage .
Thats YOUR job dickweed .
Not the users .
If I was your boss and we had repeated infections , you 'd be unemployed and your replacement would take care of the issue once and for all .</tokentext>
<sentencetext>Ya right, they just stopped reporting it.
So your douchbag boss forced his employees to sign something or be fired, because you are sick of doing your job?How about you just install anti spyware and anti virus software and be done with it.
Its always worked for me, even if they click something evil it gets squashed immediately and everybody moves on with their life.Too bad your expensive services don't include proper management of the computers you are paid to manage.
Thats YOUR job dickweed.
Not the users.
If I was your boss and we had repeated infections, you'd be unemployed and your replacement would take care of the issue once and for all.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857161</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>NoYob</author>
	<datestamp>1256403780000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>What some will do then is go out of their way to click on shit to fuck things up. Treating people like shit will never work. <p>Then, if you work in a company, said stupid people will undermine you. They'll make sure mgt knows you're insulting and unprofessional. Anything breaks, they'll let their bosses know that you were the one who "fixed" it and that your fixes don't work. </p><p>Treat people like children and they will usually act like children.</p></htmltext>
<tokenext>What some will do then is go out of their way to click on shit to fuck things up .
Treating people like shit will never work .
Then , if you work in a company , said stupid people will undermine you .
They 'll make sure mgt knows you 're insulting and unprofessional .
Anything breaks , they 'll let their bosses know that you were the one who " fixed " it and that your fixes do n't work .
Treat people like children and they will usually act like children .</tokentext>
<sentencetext>What some will do then is go out of their way to click on shit to fuck things up.
Treating people like shit will never work.
Then, if you work in a company, said stupid people will undermine you.
They'll make sure mgt knows you're insulting and unprofessional.
Anything breaks, they'll let their bosses know that you were the one who "fixed" it and that your fixes don't work.
Treat people like children and they will usually act like children.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858153</id>
	<title>The real answer is ...</title>
	<author>NotBornYesterday</author>
	<datestamp>1256411100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The director stood up</p></div><p>You found the holy grail of successful IT endeavors, (including educating end users) - executive buy-in and support.  I know at least a dozen companies in which the executives pay lip service to lots of things, such as IT security, but don't actually <i>actively</i> support them.  As a result, nothing really gets done in those areas.<br> <br>
Show me a company that hires good IT folks, makes them feel valued, and supports them, and you will find a company with a rock solid IT infrastructure.</p></div>
	</htmltext>
<tokenext>The director stood upYou found the holy grail of successful IT endeavors , ( including educating end users ) - executive buy-in and support .
I know at least a dozen companies in which the executives pay lip service to lots of things , such as IT security , but do n't actually actively support them .
As a result , nothing really gets done in those areas .
Show me a company that hires good IT folks , makes them feel valued , and supports them , and you will find a company with a rock solid IT infrastructure .</tokentext>
<sentencetext>The director stood upYou found the holy grail of successful IT endeavors, (including educating end users) - executive buy-in and support.
I know at least a dozen companies in which the executives pay lip service to lots of things, such as IT security, but don't actually actively support them.
As a result, nothing really gets done in those areas.
Show me a company that hires good IT folks, makes them feel valued, and supports them, and you will find a company with a rock solid IT infrastructure.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861119</id>
	<title>Rethink your medium</title>
	<author>mikep554</author>
	<datestamp>1256391660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It sounds like you want to send an email to all your co-workers with a link to something cool online. The cool link will then teach them not to click on links in emails containing suposedly cool things. Your delivery mechanism is exactly that which you wish your users to avoid.


I'm starting to come around to the school of thought stating there will never be enough motivation for corporate users to learn this stuff, so it is futile to try.</htmltext>
<tokenext>It sounds like you want to send an email to all your co-workers with a link to something cool online .
The cool link will then teach them not to click on links in emails containing suposedly cool things .
Your delivery mechanism is exactly that which you wish your users to avoid .
I 'm starting to come around to the school of thought stating there will never be enough motivation for corporate users to learn this stuff , so it is futile to try .</tokentext>
<sentencetext>It sounds like you want to send an email to all your co-workers with a link to something cool online.
The cool link will then teach them not to click on links in emails containing suposedly cool things.
Your delivery mechanism is exactly that which you wish your users to avoid.
I'm starting to come around to the school of thought stating there will never be enough motivation for corporate users to learn this stuff, so it is futile to try.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858711</id>
	<title>how i really feel about it.</title>
	<author>Anonymous</author>
	<datestamp>1256415060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I say we just stick our foot up your arse.</p></htmltext>
<tokenext>I say we just stick our foot up your arse .</tokentext>
<sentencetext>I say we just stick our foot up your arse.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858653</id>
	<title>PUMP them UP</title>
	<author>bwcbwc</author>
	<datestamp>1256414460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Maybe create some internal XSS that resides on your corporate proxy server. So when someone runs (say) a Facebook app, your XSS runs some Javascript off of an internal server that does something moderately annoying like continual pop-ups. Then if they click on one of the popups, disable their external web access completely.</p></htmltext>
<tokenext>Maybe create some internal XSS that resides on your corporate proxy server .
So when someone runs ( say ) a Facebook app , your XSS runs some Javascript off of an internal server that does something moderately annoying like continual pop-ups .
Then if they click on one of the popups , disable their external web access completely .</tokentext>
<sentencetext>Maybe create some internal XSS that resides on your corporate proxy server.
So when someone runs (say) a Facebook app, your XSS runs some Javascript off of an internal server that does something moderately annoying like continual pop-ups.
Then if they click on one of the popups, disable their external web access completely.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857367</id>
	<title>Re:Dont you mean "oppresing"...</title>
	<author>Anonymous</author>
	<datestamp>1256405520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Perhaps because the asset at risk is company data, and some of the users could not care less about company data. Some of those users might even be middle management. Upper management usually knows the value of the data but they have other follies.
<p>
Joe User: Passwords do vex me - lets kill them now!</p><p>
IS Dept: But that will mean anyone could copy our data.</p><p>
Joe User: So? I could get my job done.</p><p>
IS Dept: Even our most hated competitors would know everything/</p><p>
Joe User: So? I could get my job done.</p><p>
IS Dept: ???</p></htmltext>
<tokenext>Perhaps because the asset at risk is company data , and some of the users could not care less about company data .
Some of those users might even be middle management .
Upper management usually knows the value of the data but they have other follies .
Joe User : Passwords do vex me - lets kill them now !
IS Dept : But that will mean anyone could copy our data .
Joe User : So ?
I could get my job done .
IS Dept : Even our most hated competitors would know everything/ Joe User : So ?
I could get my job done .
IS Dept : ? ?
?</tokentext>
<sentencetext>Perhaps because the asset at risk is company data, and some of the users could not care less about company data.
Some of those users might even be middle management.
Upper management usually knows the value of the data but they have other follies.
Joe User: Passwords do vex me - lets kill them now!
IS Dept: But that will mean anyone could copy our data.
Joe User: So?
I could get my job done.
IS Dept: Even our most hated competitors would know everything/
Joe User: So?
I could get my job done.
IS Dept: ??
?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856985</id>
	<title>www.IdentityTheft.info video</title>
	<author>Cyko\_01</author>
	<datestamp>1256402340000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>here is a great video that shows how to detect a phishing scam using examples
<a href="http://www.youtube.com/watch?v=bzfPUmQcfDs" title="youtube.com" rel="nofollow">http://www.youtube.com/watch?v=bzfPUmQcfDs</a> [youtube.com]</htmltext>
<tokenext>here is a great video that shows how to detect a phishing scam using examples http : //www.youtube.com/watch ? v = bzfPUmQcfDs [ youtube.com ]</tokentext>
<sentencetext>here is a great video that shows how to detect a phishing scam using examples
http://www.youtube.com/watch?v=bzfPUmQcfDs [youtube.com]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861763</id>
	<title>Ah, so your management is a bunch of dicks</title>
	<author>xant</author>
	<datestamp>1256399220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You did manage to save them a bunch of money, though.  Now that your users aren't fucking up their machines any more, there's little reason to keep paying you to do nothing.  Cost of your services, and all that.</p></htmltext>
<tokenext>You did manage to save them a bunch of money , though .
Now that your users are n't fucking up their machines any more , there 's little reason to keep paying you to do nothing .
Cost of your services , and all that .</tokentext>
<sentencetext>You did manage to save them a bunch of money, though.
Now that your users aren't fucking up their machines any more, there's little reason to keep paying you to do nothing.
Cost of your services, and all that.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857231</id>
	<title>Re:Dont you mean "oppresing"...</title>
	<author>Anonymous</author>
	<datestamp>1256404260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>.....right.....by this logic shouldn't malware and viri have expired long ago as people 'wise up' - what an ignorant, naive fool you are - perfect mid-management material.</p></htmltext>
<tokenext>.....right.....by this logic should n't malware and viri have expired long ago as people 'wise up ' - what an ignorant , naive fool you are - perfect mid-management material .</tokentext>
<sentencetext>.....right.....by this logic shouldn't malware and viri have expired long ago as people 'wise up' - what an ignorant, naive fool you are - perfect mid-management material.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857975</id>
	<title>Look for vids of the WMF bug</title>
	<author>BLKMGK</author>
	<datestamp>1256410020000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Sunbelt Security had a video posted of what occurs when you got hit by the old WMF bug awhile back. You could see software being installed, icons appearing on the desktop, and the desktop background being modified as this thing went to town and began popping fake AV warnings. It was one of THE most extreme and informative examples I can think of for this.</p><p>Here's a copy of it I found on Youtube. A search for "WMF exploit" on YouTube will get you plenty of hits<nobr> <wbr></nobr>:-)</p><p><a href="http://www.youtube.com/watch?v=WTBcDJ9kJH4" title="youtube.com">http://www.youtube.com/watch?v=WTBcDJ9kJH4</a> [youtube.com]</p><p>IMO, I think this answers your question!</p></htmltext>
<tokenext>Sunbelt Security had a video posted of what occurs when you got hit by the old WMF bug awhile back .
You could see software being installed , icons appearing on the desktop , and the desktop background being modified as this thing went to town and began popping fake AV warnings .
It was one of THE most extreme and informative examples I can think of for this.Here 's a copy of it I found on Youtube .
A search for " WMF exploit " on YouTube will get you plenty of hits : - ) http : //www.youtube.com/watch ? v = WTBcDJ9kJH4 [ youtube.com ] IMO , I think this answers your question !</tokentext>
<sentencetext>Sunbelt Security had a video posted of what occurs when you got hit by the old WMF bug awhile back.
You could see software being installed, icons appearing on the desktop, and the desktop background being modified as this thing went to town and began popping fake AV warnings.
It was one of THE most extreme and informative examples I can think of for this.Here's a copy of it I found on Youtube.
A search for "WMF exploit" on YouTube will get you plenty of hits :-)http://www.youtube.com/watch?v=WTBcDJ9kJH4 [youtube.com]IMO, I think this answers your question!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856999</id>
	<title>Re:Dont you mean "oppresing"...</title>
	<author>jimicus</author>
	<datestamp>1256402400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Because when their computer is completely hosed and borderline unusable as a direct result, the chances are the OP or someone in a similar role will have to pick up the pieces.  This gets really old really fast.</p><p>Myself, I think there may be something to be said for the endpoint security products that combine centrally managed antivirus, firewall and antispyware features.</p></htmltext>
<tokenext>Because when their computer is completely hosed and borderline unusable as a direct result , the chances are the OP or someone in a similar role will have to pick up the pieces .
This gets really old really fast.Myself , I think there may be something to be said for the endpoint security products that combine centrally managed antivirus , firewall and antispyware features .</tokentext>
<sentencetext>Because when their computer is completely hosed and borderline unusable as a direct result, the chances are the OP or someone in a similar role will have to pick up the pieces.
This gets really old really fast.Myself, I think there may be something to be said for the endpoint security products that combine centrally managed antivirus, firewall and antispyware features.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29860757</id>
	<title>Be the bad guy</title>
	<author>cowtamer</author>
	<datestamp>1256387700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Send some "test" links yourself.  When you manage to break into the user's machine, e-mail the user his own confidential document, password, etc.  Then tell him \_how\_ he exposed himself and that you \_could\_ have been the bad guy.</p><p>I learned how to use chmod properly this way a LONG time ago -- the teaching method was highly effective...<nobr> <wbr></nobr>:)</p><p>(You will, of course, get the careless users ticked off -- so make sure you have management approval for this.  But seeing \_proof\_ of what \_will\_ happen will get the message across for good).</p></htmltext>
<tokenext>Send some " test " links yourself .
When you manage to break into the user 's machine , e-mail the user his own confidential document , password , etc .
Then tell him \ _how \ _ he exposed himself and that you \ _could \ _ have been the bad guy.I learned how to use chmod properly this way a LONG time ago -- the teaching method was highly effective... : ) ( You will , of course , get the careless users ticked off -- so make sure you have management approval for this .
But seeing \ _proof \ _ of what \ _will \ _ happen will get the message across for good ) .</tokentext>
<sentencetext>Send some "test" links yourself.
When you manage to break into the user's machine, e-mail the user his own confidential document, password, etc.
Then tell him \_how\_ he exposed himself and that you \_could\_ have been the bad guy.I learned how to use chmod properly this way a LONG time ago -- the teaching method was highly effective... :)(You will, of course, get the careless users ticked off -- so make sure you have management approval for this.
But seeing \_proof\_ of what \_will\_ happen will get the message across for good).</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857665</id>
	<title>Simple solution</title>
	<author>Anonymous</author>
	<datestamp>1256407740000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>A simple solution: redirect known dangerous sites to "n i m p . o r g" (with spaces on purpose - if you delete them and go there, you'll know why, but DON'T). I guarantee that the first time they click on a bad link will be their last...</p></htmltext>
<tokenext>A simple solution : redirect known dangerous sites to " n i m p .
o r g " ( with spaces on purpose - if you delete them and go there , you 'll know why , but DO N'T ) .
I guarantee that the first time they click on a bad link will be their last.. .</tokentext>
<sentencetext>A simple solution: redirect known dangerous sites to "n i m p .
o r g" (with spaces on purpose - if you delete them and go there, you'll know why, but DON'T).
I guarantee that the first time they click on a bad link will be their last...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857329</id>
	<title>spo8Ge</title>
	<author>Anonymous</author>
	<datestamp>1256405220000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>-1</modscore>
	<htmltext>gon3 Romeo and</htmltext>
<tokenext>gon3 Romeo and</tokentext>
<sentencetext>gon3 Romeo and</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857157</id>
	<title>Phishing article on SciAm</title>
	<author>Unequivocal</author>
	<datestamp>1256403720000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p><a href="http://www.scientificamerican.com/article.cfm?id=how-to-foil-phishing-scams" title="scientificamerican.com">http://www.scientificamerican.com/article.cfm?id=how-to-foil-phishing-scams</a> [scientificamerican.com]</p><p>This is a good start and I'd recommend investigating the author's other published material.</p></htmltext>
<tokenext>http : //www.scientificamerican.com/article.cfm ? id = how-to-foil-phishing-scams [ scientificamerican.com ] This is a good start and I 'd recommend investigating the author 's other published material .</tokentext>
<sentencetext>http://www.scientificamerican.com/article.cfm?id=how-to-foil-phishing-scams [scientificamerican.com]This is a good start and I'd recommend investigating the author's other published material.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857179</id>
	<title>People are stupid</title>
	<author>Crashspeeder</author>
	<datestamp>1256403840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>it doesn't matter how you explain it to them, whether it's pretty pictures or text, they won't understand or care.</htmltext>
<tokenext>it does n't matter how you explain it to them , whether it 's pretty pictures or text , they wo n't understand or care .</tokentext>
<sentencetext>it doesn't matter how you explain it to them, whether it's pretty pictures or text, they won't understand or care.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857011</id>
	<title>Tactile education</title>
	<author>Anonymous</author>
	<datestamp>1256402460000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Tactile is usually a better educator than visual. Every time they do something stupid, rig a spring-loaded boxing glove to punch them in the face.</p></htmltext>
<tokenext>Tactile is usually a better educator than visual .
Every time they do something stupid , rig a spring-loaded boxing glove to punch them in the face .</tokentext>
<sentencetext>Tactile is usually a better educator than visual.
Every time they do something stupid, rig a spring-loaded boxing glove to punch them in the face.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857409</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256405820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Do make sure you measure them up before yelling.  You don't want to start yelling and swearing in an office and calling some guy all sorts of names, only to find out its actually a relative of Andre the Giant with the same size, mass and temper<nobr> <wbr></nobr>:-)</p></htmltext>
<tokenext>Do make sure you measure them up before yelling .
You do n't want to start yelling and swearing in an office and calling some guy all sorts of names , only to find out its actually a relative of Andre the Giant with the same size , mass and temper : - )</tokentext>
<sentencetext>Do make sure you measure them up before yelling.
You don't want to start yelling and swearing in an office and calling some guy all sorts of names, only to find out its actually a relative of Andre the Giant with the same size, mass and temper :-)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857445</id>
	<title>Re:Explosions!</title>
	<author>Anonymous</author>
	<datestamp>1256406060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You could make a video using goatse as the ultimate graphic example of what happens when their computers get compromised.</p></htmltext>
<tokenext>You could make a video using goatse as the ultimate graphic example of what happens when their computers get compromised .</tokentext>
<sentencetext>You could make a video using goatse as the ultimate graphic example of what happens when their computers get compromised.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881215</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Logic Worshipper</author>
	<datestamp>1256585880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Have you bothered to check anyway?  Since your users defiantly won't report anything that goes wrong now.  I bet they're doing all kind of stupid shit, then having their neighbor's 13 year old fix it.</p></htmltext>
<tokenext>Have you bothered to check anyway ?
Since your users defiantly wo n't report anything that goes wrong now .
I bet they 're doing all kind of stupid shit , then having their neighbor 's 13 year old fix it .</tokentext>
<sentencetext>Have you bothered to check anyway?
Since your users defiantly won't report anything that goes wrong now.
I bet they're doing all kind of stupid shit, then having their neighbor's 13 year old fix it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29867187</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>sco08y</author>
	<datestamp>1256465880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>That works, until the user is a bigger jerk than you are. I worked for a fairly senior enlisted man who was pretty bad about computer security. He related to me a story about how some system he needed to use generated a password for him, but it was totally random and he couldn't remember it.</p><p>There was no option, whatsoever, to generate any kind of "friendly" password or to make it memorable. So his solution was to call the help desk and to insist upon getting a password he could remember. The female tech started out, much as you suggest, by explaining that there was no way she would do that. He responded with 30-odd years of experience in yelling at people, which brought her to tears, and she wound up resetting the password until she got one he could remember.</p><p>The guy's pretty sharp about most things; he did a lot to straighten up record-keeping which definitely improved our operations, and probably did a lot to improve security overall. But he's that deadly combination of lousy at managing passwords and extremely effective at getting his way. So any plan that is "yell at people" has to account for the fact that the most critical individuals are liable to yell back.</p></htmltext>
<tokenext>That works , until the user is a bigger jerk than you are .
I worked for a fairly senior enlisted man who was pretty bad about computer security .
He related to me a story about how some system he needed to use generated a password for him , but it was totally random and he could n't remember it.There was no option , whatsoever , to generate any kind of " friendly " password or to make it memorable .
So his solution was to call the help desk and to insist upon getting a password he could remember .
The female tech started out , much as you suggest , by explaining that there was no way she would do that .
He responded with 30-odd years of experience in yelling at people , which brought her to tears , and she wound up resetting the password until she got one he could remember.The guy 's pretty sharp about most things ; he did a lot to straighten up record-keeping which definitely improved our operations , and probably did a lot to improve security overall .
But he 's that deadly combination of lousy at managing passwords and extremely effective at getting his way .
So any plan that is " yell at people " has to account for the fact that the most critical individuals are liable to yell back .</tokentext>
<sentencetext>That works, until the user is a bigger jerk than you are.
I worked for a fairly senior enlisted man who was pretty bad about computer security.
He related to me a story about how some system he needed to use generated a password for him, but it was totally random and he couldn't remember it.There was no option, whatsoever, to generate any kind of "friendly" password or to make it memorable.
So his solution was to call the help desk and to insist upon getting a password he could remember.
The female tech started out, much as you suggest, by explaining that there was no way she would do that.
He responded with 30-odd years of experience in yelling at people, which brought her to tears, and she wound up resetting the password until she got one he could remember.The guy's pretty sharp about most things; he did a lot to straighten up record-keeping which definitely improved our operations, and probably did a lot to improve security overall.
But he's that deadly combination of lousy at managing passwords and extremely effective at getting his way.
So any plan that is "yell at people" has to account for the fact that the most critical individuals are liable to yell back.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</id>
	<title>Explosions!</title>
	<author>sopssa</author>
	<datestamp>1256401500000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>Make a video where the user clicks "Run File" in Internet Explorer and then the building explodes.</p></htmltext>
<tokenext>Make a video where the user clicks " Run File " in Internet Explorer and then the building explodes .</tokentext>
<sentencetext>Make a video where the user clicks "Run File" in Internet Explorer and then the building explodes.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</id>
	<title>Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256401620000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>0</modscore>
	<htmltext><p>Some users will "get it" with just a simple explanation. They're the easy ones to deal with. Give them an example, explain how it'll harm them, and they won't fuck up again.</p><p>Other users, however, should probably be treated like children, or in some cases, dogs. It doesn't matter how many times you tell or show them what not to do. They won't understand the harm it's causing.</p><p>Your only option is to yell at those idiots. Yell and yell and yell and yell. Make them feel like the shit that they are. They still won't understand why they shouldn't do the things you tell them not to do. They just won't do it to avoid your angry reaction.</p></htmltext>
<tokenext>Some users will " get it " with just a simple explanation .
They 're the easy ones to deal with .
Give them an example , explain how it 'll harm them , and they wo n't fuck up again.Other users , however , should probably be treated like children , or in some cases , dogs .
It does n't matter how many times you tell or show them what not to do .
They wo n't understand the harm it 's causing.Your only option is to yell at those idiots .
Yell and yell and yell and yell .
Make them feel like the shit that they are .
They still wo n't understand why they should n't do the things you tell them not to do .
They just wo n't do it to avoid your angry reaction .</tokentext>
<sentencetext>Some users will "get it" with just a simple explanation.
They're the easy ones to deal with.
Give them an example, explain how it'll harm them, and they won't fuck up again.Other users, however, should probably be treated like children, or in some cases, dogs.
It doesn't matter how many times you tell or show them what not to do.
They won't understand the harm it's causing.Your only option is to yell at those idiots.
Yell and yell and yell and yell.
Make them feel like the shit that they are.
They still won't understand why they shouldn't do the things you tell them not to do.
They just won't do it to avoid your angry reaction.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857277</id>
	<title>What's in it for them?</title>
	<author>petes\_PoV</author>
	<datestamp>1256404800000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>Viruses, worms etc. aren't really the users' problem - unless you can categorically point the finger at an individual and get them fired (as an example, pour les autres). Why should they care if THE COMPANY computers crash, or slow down or give them reasons why they can't do their job?
<p>
So why should they go to the inconvenience of not clicking on links that they want to, or not visiting any website that takes their fancy? By appealing to their "professionalism" or "humanity" or "team spirit" you're probably on a loser. While these might get them gee-d up for a short time, you can bet that unless there's some personal pain involved in doing it, they'll be back to their old habits in a few weeks time.
</p><p>
Once you can put security in terms a normal user will understand: i.e. If you click on a bad website, these bad things will happen TO YOU, they'll pay attention. Until then you haven't got a chance.</p></htmltext>
<tokenext>Viruses , worms etc .
are n't really the users ' problem - unless you can categorically point the finger at an individual and get them fired ( as an example , pour les autres ) .
Why should they care if THE COMPANY computers crash , or slow down or give them reasons why they ca n't do their job ?
So why should they go to the inconvenience of not clicking on links that they want to , or not visiting any website that takes their fancy ?
By appealing to their " professionalism " or " humanity " or " team spirit " you 're probably on a loser .
While these might get them gee-d up for a short time , you can bet that unless there 's some personal pain involved in doing it , they 'll be back to their old habits in a few weeks time .
Once you can put security in terms a normal user will understand : i.e .
If you click on a bad website , these bad things will happen TO YOU , they 'll pay attention .
Until then you have n't got a chance .</tokentext>
<sentencetext>Viruses, worms etc.
aren't really the users' problem - unless you can categorically point the finger at an individual and get them fired (as an example, pour les autres).
Why should they care if THE COMPANY computers crash, or slow down or give them reasons why they can't do their job?
So why should they go to the inconvenience of not clicking on links that they want to, or not visiting any website that takes their fancy?
By appealing to their "professionalism" or "humanity" or "team spirit" you're probably on a loser.
While these might get them gee-d up for a short time, you can bet that unless there's some personal pain involved in doing it, they'll be back to their old habits in a few weeks time.
Once you can put security in terms a normal user will understand: i.e.
If you click on a bad website, these bad things will happen TO YOU, they'll pay attention.
Until then you haven't got a chance.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856947</id>
	<title>Re:Explosions!</title>
	<author>Anonymous</author>
	<datestamp>1256402160000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext>Actually, we've found that "making an example" has been the most effective security measure. Call a meeting - "Tom here has decided to do $INSERT\_ENDUSER\_STUPIDITY, so we're going to take this time to show you what happens.." Then you just grab a hammer and smash fingers. Some people puke others just turn in disgust - regardless we haven't had a user click a fishing email in over 2 years.</htmltext>
<tokenext>Actually , we 've found that " making an example " has been the most effective security measure .
Call a meeting - " Tom here has decided to do $ INSERT \ _ENDUSER \ _STUPIDITY , so we 're going to take this time to show you what happens.. " Then you just grab a hammer and smash fingers .
Some people puke others just turn in disgust - regardless we have n't had a user click a fishing email in over 2 years .</tokentext>
<sentencetext>Actually, we've found that "making an example" has been the most effective security measure.
Call a meeting - "Tom here has decided to do $INSERT\_ENDUSER\_STUPIDITY, so we're going to take this time to show you what happens.." Then you just grab a hammer and smash fingers.
Some people puke others just turn in disgust - regardless we haven't had a user click a fishing email in over 2 years.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857583</id>
	<title>Deny internet access to repeat offenders</title>
	<author>JustNiz</author>
	<datestamp>1256407020000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Deny internet access to repeat offenders. They soon get the message that way.</p></htmltext>
<tokenext>Deny internet access to repeat offenders .
They soon get the message that way .</tokentext>
<sentencetext>Deny internet access to repeat offenders.
They soon get the message that way.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857605</id>
	<title>Excellent Question; Really Bad Timing</title>
	<author>DaveAtFraud</author>
	<datestamp>1256407200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Excellent question but, unfortunately, it hit the main<nobr> <wbr></nobr>/. page on a Saturday.  Let's just say that the percentage of readers who are IT professionals drops off significantly over the weekend.  Go figure.</p><p>Most of your responses so far are along the lines of, "You NAZI!  Leave your users alone and let the one's who don't learn get what they deserve."  Obviously, not the response of an IT type who has to deal with regulatory requirements and wants to keep his job.  You might try the same question again but on a weekday on a computer and network security related site.</p><p>Good luck with your search.</p><p>Cheers,<br>Dave</p></htmltext>
<tokenext>Excellent question but , unfortunately , it hit the main / .
page on a Saturday .
Let 's just say that the percentage of readers who are IT professionals drops off significantly over the weekend .
Go figure.Most of your responses so far are along the lines of , " You NAZI !
Leave your users alone and let the one 's who do n't learn get what they deserve .
" Obviously , not the response of an IT type who has to deal with regulatory requirements and wants to keep his job .
You might try the same question again but on a weekday on a computer and network security related site.Good luck with your search.Cheers,Dave</tokentext>
<sentencetext>Excellent question but, unfortunately, it hit the main /.
page on a Saturday.
Let's just say that the percentage of readers who are IT professionals drops off significantly over the weekend.
Go figure.Most of your responses so far are along the lines of, "You NAZI!
Leave your users alone and let the one's who don't learn get what they deserve.
"  Obviously, not the response of an IT type who has to deal with regulatory requirements and wants to keep his job.
You might try the same question again but on a weekday on a computer and network security related site.Good luck with your search.Cheers,Dave</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857523</id>
	<title>xshit...</title>
	<author>Anonymous</author>
	<datestamp>1256406600000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>from within. GAY NIGGERS from between each BSD Learn what mistakes Irrecoverable Shout the loudest is part of the mistake of electing Just yet, but I'm core team. They</htmltext>
<tokenext>from within .
GAY NIGGERS from between each BSD Learn what mistakes Irrecoverable Shout the loudest is part of the mistake of electing Just yet , but I 'm core team .
They</tokentext>
<sentencetext>from within.
GAY NIGGERS from between each BSD Learn what mistakes Irrecoverable Shout the loudest is part of the mistake of electing Just yet, but I'm core team.
They</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857313</id>
	<title>Set policy</title>
	<author>InlawBiker</author>
	<datestamp>1256405100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It is pretty simple really.  You have to set policy and communicate it.  Then, if policy is broken the company must actually follow up with the repercussions stated in the policy.  People are pretty smart - they understand repercussions.  If the company doesn't back up the policy then it's not a policy, and there's no real reason for users to follow it.</htmltext>
<tokenext>It is pretty simple really .
You have to set policy and communicate it .
Then , if policy is broken the company must actually follow up with the repercussions stated in the policy .
People are pretty smart - they understand repercussions .
If the company does n't back up the policy then it 's not a policy , and there 's no real reason for users to follow it .</tokentext>
<sentencetext>It is pretty simple really.
You have to set policy and communicate it.
Then, if policy is broken the company must actually follow up with the repercussions stated in the policy.
People are pretty smart - they understand repercussions.
If the company doesn't back up the policy then it's not a policy, and there's no real reason for users to follow it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857491</id>
	<title>One visual representation always works...</title>
	<author>Anonymous</author>
	<datestamp>1256406360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>...that of a pissed off sysadmin charging down the corridor wielding a sizable rubber mallet.</p></htmltext>
<tokenext>...that of a pissed off sysadmin charging down the corridor wielding a sizable rubber mallet .</tokentext>
<sentencetext>...that of a pissed off sysadmin charging down the corridor wielding a sizable rubber mallet.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858605</id>
	<title>If you are talking about corp users</title>
	<author>geekoid</author>
	<datestamp>1256414100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>why not block access to anything non-approved?<br>More accurately, only allow specific site.<br>Yes some people will get around it, but most people capable enough to get around aren't high risk. How many people who know how to tunnel would also download smileys?</p></htmltext>
<tokenext>why not block access to anything non-approved ? More accurately , only allow specific site.Yes some people will get around it , but most people capable enough to get around are n't high risk .
How many people who know how to tunnel would also download smileys ?</tokentext>
<sentencetext>why not block access to anything non-approved?More accurately, only allow specific site.Yes some people will get around it, but most people capable enough to get around aren't high risk.
How many people who know how to tunnel would also download smileys?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857257</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Brett Buck</author>
	<datestamp>1256404620000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><blockquote><div><p>Your only option is to yell at those idiots. Yell and yell and yell and yell. Make them feel like the shit that they are. They still won't understand why they shouldn't do the things you tell them not to do. They just won't do it to avoid your angry reaction.</p></div>     </blockquote><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; That will be a great story to tell all those people you meet at the unemployment office, there, tough guy.</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Brett</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</p></div>
	</htmltext>
<tokenext>Your only option is to yell at those idiots .
Yell and yell and yell and yell .
Make them feel like the shit that they are .
They still wo n't understand why they should n't do the things you tell them not to do .
They just wo n't do it to avoid your angry reaction .
          That will be a great story to tell all those people you meet at the unemployment office , there , tough guy .
          Brett            </tokentext>
<sentencetext>Your only option is to yell at those idiots.
Yell and yell and yell and yell.
Make them feel like the shit that they are.
They still won't understand why they shouldn't do the things you tell them not to do.
They just won't do it to avoid your angry reaction.
          That will be a great story to tell all those people you meet at the unemployment office, there, tough guy.
          Brett
           
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857631</id>
	<title>Demostrate</title>
	<author>Deathlizard</author>
	<datestamp>1256407440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A demostration of the "Customer Appreciation Bat" works wonders.</p><p>Although since it's a corporate institution, the "Security Empowerment Bat" might be more effective.</p></htmltext>
<tokenext>A demostration of the " Customer Appreciation Bat " works wonders.Although since it 's a corporate institution , the " Security Empowerment Bat " might be more effective .</tokentext>
<sentencetext>A demostration of the "Customer Appreciation Bat" works wonders.Although since it's a corporate institution, the "Security Empowerment Bat" might be more effective.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858249</id>
	<title>Re:So you are looking for a "Reefer Madness" movie</title>
	<author>Mister Transistor</author>
	<datestamp>1256411640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>How about "Napster Baaaaad"?</p></htmltext>
<tokenext>How about " Napster Baaaaad " ?</tokentext>
<sentencetext>How about "Napster Baaaaad"?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861841</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256400060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>I like our policy better, on the first transgression of the IT Policy we organise a meeting between an ITSec Administrator or Manager and the Company lawyer, the lawyer will then explain how we can sue them, show some previous cases which set some precedence usually showing awards of anything between 5 and 6 figures then we give them in writing what we have said and detailed information on what they did wrong and how it breached the IT Policy.<br>
On the second transgression the person is immediately suspended and given the lecture again on the way out and also when they return.<br>
On the third breach the person is immediately discharged with legal proceedings against the person filed the next working day. Thankfully we've only had one third transgression, we make sure to highlight the success of that lawsuit to people on their first and second transgressions.<br>
This is our policy with handling policy transgressions, it's even posted on the walls as pretty posters along side the actual IT Policy. Ignorance is not an excuse.</htmltext>
<tokenext>I like our policy better , on the first transgression of the IT Policy we organise a meeting between an ITSec Administrator or Manager and the Company lawyer , the lawyer will then explain how we can sue them , show some previous cases which set some precedence usually showing awards of anything between 5 and 6 figures then we give them in writing what we have said and detailed information on what they did wrong and how it breached the IT Policy .
On the second transgression the person is immediately suspended and given the lecture again on the way out and also when they return .
On the third breach the person is immediately discharged with legal proceedings against the person filed the next working day .
Thankfully we 've only had one third transgression , we make sure to highlight the success of that lawsuit to people on their first and second transgressions .
This is our policy with handling policy transgressions , it 's even posted on the walls as pretty posters along side the actual IT Policy .
Ignorance is not an excuse .</tokentext>
<sentencetext>I like our policy better, on the first transgression of the IT Policy we organise a meeting between an ITSec Administrator or Manager and the Company lawyer, the lawyer will then explain how we can sue them, show some previous cases which set some precedence usually showing awards of anything between 5 and 6 figures then we give them in writing what we have said and detailed information on what they did wrong and how it breached the IT Policy.
On the second transgression the person is immediately suspended and given the lecture again on the way out and also when they return.
On the third breach the person is immediately discharged with legal proceedings against the person filed the next working day.
Thankfully we've only had one third transgression, we make sure to highlight the success of that lawsuit to people on their first and second transgressions.
This is our policy with handling policy transgressions, it's even posted on the walls as pretty posters along side the actual IT Policy.
Ignorance is not an excuse.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Anonymous</author>
	<datestamp>1256403360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why not simply announce the company may deduct the cost of fixing the broken security and the damages done by the broken security?  Make it specific that it will be for them doing the things cautioned against, and will come from their salaries, and retirement benefits, at a rate of X per month?</p></htmltext>
<tokenext>Why not simply announce the company may deduct the cost of fixing the broken security and the damages done by the broken security ?
Make it specific that it will be for them doing the things cautioned against , and will come from their salaries , and retirement benefits , at a rate of X per month ?</tokentext>
<sentencetext>Why not simply announce the company may deduct the cost of fixing the broken security and the damages done by the broken security?
Make it specific that it will be for them doing the things cautioned against, and will come from their salaries, and retirement benefits, at a rate of X per month?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29860075</id>
	<title>Fedex a package</title>
	<author>holophrastic</author>
	<datestamp>1256381760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A normal brown-box Fedex-like package.  When they open it, a balloon bursts and glitter goes everywhere.</p><p>Maybe they'll learn not to open random packages when it means maybe cleaning glitter for six days.</p></htmltext>
<tokenext>A normal brown-box Fedex-like package .
When they open it , a balloon bursts and glitter goes everywhere.Maybe they 'll learn not to open random packages when it means maybe cleaning glitter for six days .</tokentext>
<sentencetext>A normal brown-box Fedex-like package.
When they open it, a balloon bursts and glitter goes everywhere.Maybe they'll learn not to open random packages when it means maybe cleaning glitter for six days.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857743</id>
	<title>Impress what happens when they AREN'T secure</title>
	<author>mnemotronic</author>
	<datestamp>1256408400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I suggest you emphasize the possibilities of what the Chinese government hackers, Russian mafia, and US Customs &amp; Border Patrol will do to them if they <em>don't</em> practice proper security procedures.  <a href="http://www.youtube.com/watch?v=yj4LnfkdJDM&amp;feature=related" title="youtube.com">A scene from "Deliverance"</a> [youtube.com] that will get the point across.  You know what I'm talking about.</htmltext>
<tokenext>I suggest you emphasize the possibilities of what the Chinese government hackers , Russian mafia , and US Customs &amp; Border Patrol will do to them if they do n't practice proper security procedures .
A scene from " Deliverance " [ youtube.com ] that will get the point across .
You know what I 'm talking about .</tokentext>
<sentencetext>I suggest you emphasize the possibilities of what the Chinese government hackers, Russian mafia, and US Customs &amp; Border Patrol will do to them if they don't practice proper security procedures.
A scene from "Deliverance" [youtube.com] that will get the point across.
You know what I'm talking about.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856923</id>
	<title>How do you explain a buffer overflow?</title>
	<author>Anonymous</author>
	<datestamp>1256401980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>How about just saying that we can't do our jobs right, so you need to be very careful instead, to cover our asses for us.</htmltext>
<tokenext>How about just saying that we ca n't do our jobs right , so you need to be very careful instead , to cover our asses for us .</tokentext>
<sentencetext>How about just saying that we can't do our jobs right, so you need to be very careful instead, to cover our asses for us.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857101</id>
	<title>Re:Dont you mean "oppresing"...</title>
	<author>Antique Geekmeister</author>
	<datestamp>1256403180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I, for one, get paid to avoid them and my employers from wasting valuable time, money, and bandwidth both from such errors.</p></htmltext>
<tokenext>I , for one , get paid to avoid them and my employers from wasting valuable time , money , and bandwidth both from such errors .</tokentext>
<sentencetext>I, for one, get paid to avoid them and my employers from wasting valuable time, money, and bandwidth both from such errors.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881193</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>Logic Worshipper</author>
	<datestamp>1256585520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Because then they won't report problems and you'll have a bunch of infected computers leaking data you don't know about, or worse they won't tell you about things that aren't operator error and you won't know when something major isn't working.</p></htmltext>
<tokenext>Because then they wo n't report problems and you 'll have a bunch of infected computers leaking data you do n't know about , or worse they wo n't tell you about things that are n't operator error and you wo n't know when something major is n't working .</tokentext>
<sentencetext>Because then they won't report problems and you'll have a bunch of infected computers leaking data you don't know about, or worse they won't tell you about things that aren't operator error and you won't know when something major isn't working.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857873</id>
	<title>Re:Explosions!</title>
	<author>Runaway1956</author>
	<datestamp>1256409420000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Hmmm.  I read the posted question/summary.  Started scrolling down, reading comments.  Stopped.  Go back up and read just the title.  Hmmm.  Forget everything else, just concentrate on the title.</p><p>Could you make some kind of a monitoring app, which displays a graphic?</p><p>I don't mean to make a new antivirus.  Just some graphic attached to existing antivirus and anti-malware softwares.  It monitors the stupid things people do, and displays a ribbon or something across the top of the toolbar.  Put a red end on the ribbon, and the red starts filling up the ribbon.  When the user does something REALLY stupid, he gets popups, which grow more and more annoying.</p><p>For people with a clue, the ribbon just serves as a reminder.  For people without a clue, those popups get more and more "In your FACE".  Give the thing the ability to log those events and warnings, so the IT guy can bring it up, and show the idiot who refuses to be warned.</p><p>Just an idea - but I think it would be helpful to stick something like that on your most obtuse user's desktops.</p></htmltext>
<tokenext>Hmmm .
I read the posted question/summary .
Started scrolling down , reading comments .
Stopped. Go back up and read just the title .
Hmmm. Forget everything else , just concentrate on the title.Could you make some kind of a monitoring app , which displays a graphic ? I do n't mean to make a new antivirus .
Just some graphic attached to existing antivirus and anti-malware softwares .
It monitors the stupid things people do , and displays a ribbon or something across the top of the toolbar .
Put a red end on the ribbon , and the red starts filling up the ribbon .
When the user does something REALLY stupid , he gets popups , which grow more and more annoying.For people with a clue , the ribbon just serves as a reminder .
For people without a clue , those popups get more and more " In your FACE " .
Give the thing the ability to log those events and warnings , so the IT guy can bring it up , and show the idiot who refuses to be warned.Just an idea - but I think it would be helpful to stick something like that on your most obtuse user 's desktops .</tokentext>
<sentencetext>Hmmm.
I read the posted question/summary.
Started scrolling down, reading comments.
Stopped.  Go back up and read just the title.
Hmmm.  Forget everything else, just concentrate on the title.Could you make some kind of a monitoring app, which displays a graphic?I don't mean to make a new antivirus.
Just some graphic attached to existing antivirus and anti-malware softwares.
It monitors the stupid things people do, and displays a ribbon or something across the top of the toolbar.
Put a red end on the ribbon, and the red starts filling up the ribbon.
When the user does something REALLY stupid, he gets popups, which grow more and more annoying.For people with a clue, the ribbon just serves as a reminder.
For people without a clue, those popups get more and more "In your FACE".
Give the thing the ability to log those events and warnings, so the IT guy can bring it up, and show the idiot who refuses to be warned.Just an idea - but I think it would be helpful to stick something like that on your most obtuse user's desktops.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857521</id>
	<title>Re:Explosions!</title>
	<author>Anonymous</author>
	<datestamp>1256406600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Or put a gun in their face every time the screw up.</p><p>I personally have given up on trying to educate users. They don't care. They won't care. Choke down on your rights as much as you can while allowing them to get their work done, keep good easily restored backups of everything, and assume your users are going to fuck your network up. When they do, restore everything and keep browsing the job boards looking for a field that isn't as repetitive and hopeless as IT, like bringing world peace or something.</p></htmltext>
<tokenext>Or put a gun in their face every time the screw up.I personally have given up on trying to educate users .
They do n't care .
They wo n't care .
Choke down on your rights as much as you can while allowing them to get their work done , keep good easily restored backups of everything , and assume your users are going to fuck your network up .
When they do , restore everything and keep browsing the job boards looking for a field that is n't as repetitive and hopeless as IT , like bringing world peace or something .</tokentext>
<sentencetext>Or put a gun in their face every time the screw up.I personally have given up on trying to educate users.
They don't care.
They won't care.
Choke down on your rights as much as you can while allowing them to get their work done, keep good easily restored backups of everything, and assume your users are going to fuck your network up.
When they do, restore everything and keep browsing the job boards looking for a field that isn't as repetitive and hopeless as IT, like bringing world peace or something.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881283</id>
	<title>You don't talk them into being smart</title>
	<author>Logic Worshipper</author>
	<datestamp>1256587080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You idiot proof problem user's computers.  If you're using Active Directory reduce their privileges, if you're not, give them only limited accounts - only you will have the admin password to their computers (if that isn't already the case) then Install firefox, adblock plus with malware filters and high security settings, and disable IE.  If you need IE for certain websites, whitelist those sites, then don't allow any cookies, scripting, or anything else from internet zone in IE. User's can't click stupid executables if they don't have permission to run executable files.  If none of that works give them a computer with Linux on it, but only you have the root password; show them how to use thunderbird, firefox, and openoffice, and only other things they need for work.</p></htmltext>
<tokenext>You idiot proof problem user 's computers .
If you 're using Active Directory reduce their privileges , if you 're not , give them only limited accounts - only you will have the admin password to their computers ( if that is n't already the case ) then Install firefox , adblock plus with malware filters and high security settings , and disable IE .
If you need IE for certain websites , whitelist those sites , then do n't allow any cookies , scripting , or anything else from internet zone in IE .
User 's ca n't click stupid executables if they do n't have permission to run executable files .
If none of that works give them a computer with Linux on it , but only you have the root password ; show them how to use thunderbird , firefox , and openoffice , and only other things they need for work .</tokentext>
<sentencetext>You idiot proof problem user's computers.
If you're using Active Directory reduce their privileges, if you're not, give them only limited accounts - only you will have the admin password to their computers (if that isn't already the case) then Install firefox, adblock plus with malware filters and high security settings, and disable IE.
If you need IE for certain websites, whitelist those sites, then don't allow any cookies, scripting, or anything else from internet zone in IE.
User's can't click stupid executables if they don't have permission to run executable files.
If none of that works give them a computer with Linux on it, but only you have the root password; show them how to use thunderbird, firefox, and openoffice, and only other things they need for work.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857311</id>
	<title>Re:Dont you mean "oppresing"...</title>
	<author>Anonymous</author>
	<datestamp>1256405100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>HAHAHA - spoken like the guy not responsible for cleaning up other people's messes and securing mission critical or personal data.

Users choosing their own level of security is why (probably) more than 70\% of GeekSquad work is wiping hard drives due to malware.

In the real world of business, it is the sysadmins job to provide the resources to get the job done and keep data safe. That's it. Getting the job done does not include YouTube, Facebook, or Solitare (yes, there are cases where social media is required) You want that - do it at home.<br> <br>
Work is called that for a reason. Hopefully you are fortunate enough to enjoy the work that you do, making it seem less like work, but work it is and shall be and sucks to the whiners.
<br> <br>
Decide to let the marketing team decide their own security - a task for which they have neither the training, time, or inclination to do, and now nobody can access anything because the network is overrun with malware.<br> <br>
Businesses run on specialization. Embrace that fact and let people ruin their own equipment. Not the company's.</htmltext>
<tokenext>HAHAHA - spoken like the guy not responsible for cleaning up other people 's messes and securing mission critical or personal data .
Users choosing their own level of security is why ( probably ) more than 70 \ % of GeekSquad work is wiping hard drives due to malware .
In the real world of business , it is the sysadmins job to provide the resources to get the job done and keep data safe .
That 's it .
Getting the job done does not include YouTube , Facebook , or Solitare ( yes , there are cases where social media is required ) You want that - do it at home .
Work is called that for a reason .
Hopefully you are fortunate enough to enjoy the work that you do , making it seem less like work , but work it is and shall be and sucks to the whiners .
Decide to let the marketing team decide their own security - a task for which they have neither the training , time , or inclination to do , and now nobody can access anything because the network is overrun with malware .
Businesses run on specialization .
Embrace that fact and let people ruin their own equipment .
Not the company 's .</tokentext>
<sentencetext>HAHAHA - spoken like the guy not responsible for cleaning up other people's messes and securing mission critical or personal data.
Users choosing their own level of security is why (probably) more than 70\% of GeekSquad work is wiping hard drives due to malware.
In the real world of business, it is the sysadmins job to provide the resources to get the job done and keep data safe.
That's it.
Getting the job done does not include YouTube, Facebook, or Solitare (yes, there are cases where social media is required) You want that - do it at home.
Work is called that for a reason.
Hopefully you are fortunate enough to enjoy the work that you do, making it seem less like work, but work it is and shall be and sucks to the whiners.
Decide to let the marketing team decide their own security - a task for which they have neither the training, time, or inclination to do, and now nobody can access anything because the network is overrun with malware.
Businesses run on specialization.
Embrace that fact and let people ruin their own equipment.
Not the company's.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857971</id>
	<title>Why you shouldn't click random links</title>
	<author>Anonymous</author>
	<datestamp>1256410020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>such as not clicking links in the occasional spam email which passes through filters</p></div><p>Here's a good example of why people shouldn't click random links. http://www.youtube.com/watch?v=Yu\_moia-oVI</p></div>
	</htmltext>
<tokenext>such as not clicking links in the occasional spam email which passes through filtersHere 's a good example of why people should n't click random links .
http : //www.youtube.com/watch ? v = Yu \ _moia-oVI</tokentext>
<sentencetext>such as not clicking links in the occasional spam email which passes through filtersHere's a good example of why people shouldn't click random links.
http://www.youtube.com/watch?v=Yu\_moia-oVI
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29903987</id>
	<title>search limewire using "passwords"</title>
	<author>Anonymous</author>
	<datestamp>1256731920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Just show a few screenshots of limewire using the search terms "password" or "credit card".</p><p>That should scare the sh*t out of anybody...</p><p>sorry - no time to create your account so I'll post as a coward.</p></htmltext>
<tokenext>Just show a few screenshots of limewire using the search terms " password " or " credit card " .That should scare the sh * t out of anybody...sorry - no time to create your account so I 'll post as a coward .</tokentext>
<sentencetext>Just show a few screenshots of limewire using the search terms "password" or "credit card".That should scare the sh*t out of anybody...sorry - no time to create your account so I'll post as a coward.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429</id>
	<title>Re:Yell at them and make them feel like shit.</title>
	<author>DoraLives</author>
	<datestamp>1256405940000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext>This actually worked at the small enterprise where I take care of things. A user managed to get their machine mucked up with a bunch of spyware and adware by clicking in a forwarded email. I cleaned the machine and then management called a meeting a day or two later. Had every one of the employees in attendance. I gave the standard presentation about email safety, as well as general internet safety. I sat down. The director stood up and informed everyone in the room that the next time a machine needed to be cleaned as a result of operator error, the bill for my services (not cheap) would be deducted from the relevant employee's next paycheck. A sheet of paper was then passed around, with the same directive written on it, and all employees were instructed to either sign or lose their job. They all signed.<br> <br>

That was two years ago. Have not had a SINGLE instance of any malware on any machine, since that time. People now ask me every time they have any doubts about what they're doing, and I've headed off a few potential catastrophes since that started happening.<br> <br>

I'm guessing it's not a coincidence.</htmltext>
<tokenext>This actually worked at the small enterprise where I take care of things .
A user managed to get their machine mucked up with a bunch of spyware and adware by clicking in a forwarded email .
I cleaned the machine and then management called a meeting a day or two later .
Had every one of the employees in attendance .
I gave the standard presentation about email safety , as well as general internet safety .
I sat down .
The director stood up and informed everyone in the room that the next time a machine needed to be cleaned as a result of operator error , the bill for my services ( not cheap ) would be deducted from the relevant employee 's next paycheck .
A sheet of paper was then passed around , with the same directive written on it , and all employees were instructed to either sign or lose their job .
They all signed .
That was two years ago .
Have not had a SINGLE instance of any malware on any machine , since that time .
People now ask me every time they have any doubts about what they 're doing , and I 've headed off a few potential catastrophes since that started happening .
I 'm guessing it 's not a coincidence .</tokentext>
<sentencetext>This actually worked at the small enterprise where I take care of things.
A user managed to get their machine mucked up with a bunch of spyware and adware by clicking in a forwarded email.
I cleaned the machine and then management called a meeting a day or two later.
Had every one of the employees in attendance.
I gave the standard presentation about email safety, as well as general internet safety.
I sat down.
The director stood up and informed everyone in the room that the next time a machine needed to be cleaned as a result of operator error, the bill for my services (not cheap) would be deducted from the relevant employee's next paycheck.
A sheet of paper was then passed around, with the same directive written on it, and all employees were instructed to either sign or lose their job.
They all signed.
That was two years ago.
Have not had a SINGLE instance of any malware on any machine, since that time.
People now ask me every time they have any doubts about what they're doing, and I've headed off a few potential catastrophes since that started happening.
I'm guessing it's not a coincidence.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857301</id>
	<title>Flash?</title>
	<author>Anonymous</author>
	<datestamp>1256405040000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Boy, I thought you were going to avoid dangerous and annoying plugins<nobr> <wbr></nobr>...</p></htmltext>
<tokenext>Boy , I thought you were going to avoid dangerous and annoying plugins .. .</tokentext>
<sentencetext>Boy, I thought you were going to avoid dangerous and annoying plugins ...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858937</id>
	<title>Re:This just gave me an idea.</title>
	<author>bjelkeman</author>
	<datestamp>1256416860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Use the MS Office tools with the paperclip a lot?</p></htmltext>
<tokenext>Use the MS Office tools with the paperclip a lot ?</tokentext>
<sentencetext>Use the MS Office tools with the paperclip a lot?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857045</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29860715</id>
	<title>Making people care is about incentives</title>
	<author>gravos</author>
	<datestamp>1256387400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>People respond to their actual incentives, not what you pretend the incentives are.<br> <br>

If people were held personally liable for damages caused by security breaches that they enabled, they would get smarter about security.<br> <br>

I'm not arguing that they should be held liable, just that it's going to be hard to make them care when they aren't.</htmltext>
<tokenext>People respond to their actual incentives , not what you pretend the incentives are .
If people were held personally liable for damages caused by security breaches that they enabled , they would get smarter about security .
I 'm not arguing that they should be held liable , just that it 's going to be hard to make them care when they are n't .</tokentext>
<sentencetext>People respond to their actual incentives, not what you pretend the incentives are.
If people were held personally liable for damages caused by security breaches that they enabled, they would get smarter about security.
I'm not arguing that they should be held liable, just that it's going to be hard to make them care when they aren't.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29871763</id>
	<title>FTC Site has some basic stuff, but not scripting</title>
	<author>aarenz</author>
	<datestamp>1256568660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>FTC has site on Phishing that may help. We have been getting the Outlook update link in an fake email here for a while, have had to send many reminders that we will not send links to people for updates on their computer since we manage patches and updates automatically.

<a href="http://www.ftc.gov/bcp/menus/consumer/tech/privacy.shtm" title="ftc.gov" rel="nofollow">http://www.ftc.gov/bcp/menus/consumer/tech/privacy.shtm</a> [ftc.gov]</htmltext>
<tokenext>FTC has site on Phishing that may help .
We have been getting the Outlook update link in an fake email here for a while , have had to send many reminders that we will not send links to people for updates on their computer since we manage patches and updates automatically .
http : //www.ftc.gov/bcp/menus/consumer/tech/privacy.shtm [ ftc.gov ]</tokentext>
<sentencetext>FTC has site on Phishing that may help.
We have been getting the Outlook update link in an fake email here for a while, have had to send many reminders that we will not send links to people for updates on their computer since we manage patches and updates automatically.
http://www.ftc.gov/bcp/menus/consumer/tech/privacy.shtm [ftc.gov]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861287</id>
	<title>It's you who ignores basic rules of human behavior</title>
	<author>Hurricane78</author>
	<datestamp>1256394120000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>1. "If someone can do something wrong, someone <em>will</em>."<br>There's no way to circumvent this. Ever. Period. You have to accept, that humans make errors. But it's ok if they learn from it.<br>The problem is:</p><p>2. "To get people to learn from something, they have to have an interest in it."<br>So if it does not hurt them, and does not give them a advantage, then why should they learn anything? Humans are all about efficiency. In fact all competing life-forms ever, are. In all of the universe.<br>So what do you do? You follow basic rules of creating a motivating gradient. By offering advantages for those who learn, and disadvantages for those who don't.</p><p>Here, remember, that positive gradients (relative to the person's state) are always better, than negative ones (like punishment).</p><p>So I recommend this: At the next raise of salaries, raise them a bit less. But offer the remaining part as a bonus for those who can prove their security-awareness.<br>The amount is pretty easy to choose: It's the amount that you'd lose (e.g. the money to recover from loss or destruction), multiplied by the factor of likeliness (e.g. one in a million = 0.000001), divided by the number of people in the company (optional, depending on your p.o.v.).</p><p>You could check their security-awareness, by testing them every year on a random day. Like a fire drill. But with a security drill. (Without announcing anything. Without any alarm going off.)<br>And by filling out a question form at the end of the day (one that takes a negligible amount of time, and is also there, to refresh the knowledge. One more reason to make it a random day [= better learning])</p><p>You can bet your mother on the fact that they will be <em>much</em> better at caring for security! ^^</p><p>Only remember, to make all those drills, bonuses and tests proportional to the actual real amount of damage. Don't be surprised, if it then will be less than you thought.</p></htmltext>
<tokenext>1 .
" If someone can do something wrong , someone will .
" There 's no way to circumvent this .
Ever. Period .
You have to accept , that humans make errors .
But it 's ok if they learn from it.The problem is : 2 .
" To get people to learn from something , they have to have an interest in it .
" So if it does not hurt them , and does not give them a advantage , then why should they learn anything ?
Humans are all about efficiency .
In fact all competing life-forms ever , are .
In all of the universe.So what do you do ?
You follow basic rules of creating a motivating gradient .
By offering advantages for those who learn , and disadvantages for those who do n't.Here , remember , that positive gradients ( relative to the person 's state ) are always better , than negative ones ( like punishment ) .So I recommend this : At the next raise of salaries , raise them a bit less .
But offer the remaining part as a bonus for those who can prove their security-awareness.The amount is pretty easy to choose : It 's the amount that you 'd lose ( e.g .
the money to recover from loss or destruction ) , multiplied by the factor of likeliness ( e.g .
one in a million = 0.000001 ) , divided by the number of people in the company ( optional , depending on your p.o.v .
) .You could check their security-awareness , by testing them every year on a random day .
Like a fire drill .
But with a security drill .
( Without announcing anything .
Without any alarm going off .
) And by filling out a question form at the end of the day ( one that takes a negligible amount of time , and is also there , to refresh the knowledge .
One more reason to make it a random day [ = better learning ] ) You can bet your mother on the fact that they will be much better at caring for security !
^ ^ Only remember , to make all those drills , bonuses and tests proportional to the actual real amount of damage .
Do n't be surprised , if it then will be less than you thought .</tokentext>
<sentencetext>1.
"If someone can do something wrong, someone will.
"There's no way to circumvent this.
Ever. Period.
You have to accept, that humans make errors.
But it's ok if they learn from it.The problem is:2.
"To get people to learn from something, they have to have an interest in it.
"So if it does not hurt them, and does not give them a advantage, then why should they learn anything?
Humans are all about efficiency.
In fact all competing life-forms ever, are.
In all of the universe.So what do you do?
You follow basic rules of creating a motivating gradient.
By offering advantages for those who learn, and disadvantages for those who don't.Here, remember, that positive gradients (relative to the person's state) are always better, than negative ones (like punishment).So I recommend this: At the next raise of salaries, raise them a bit less.
But offer the remaining part as a bonus for those who can prove their security-awareness.The amount is pretty easy to choose: It's the amount that you'd lose (e.g.
the money to recover from loss or destruction), multiplied by the factor of likeliness (e.g.
one in a million = 0.000001), divided by the number of people in the company (optional, depending on your p.o.v.
).You could check their security-awareness, by testing them every year on a random day.
Like a fire drill.
But with a security drill.
(Without announcing anything.
Without any alarm going off.
)And by filling out a question form at the end of the day (one that takes a negligible amount of time, and is also there, to refresh the knowledge.
One more reason to make it a random day [= better learning])You can bet your mother on the fact that they will be much better at caring for security!
^^Only remember, to make all those drills, bonuses and tests proportional to the actual real amount of damage.
Don't be surprised, if it then will be less than you thought.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857431</id>
	<title>Here's the solution</title>
	<author>Khyber</author>
	<datestamp>1256406000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Make yourself a laptop with a deep freeze image. this way you can infect the system at will, reboot and it's clean.</p><p>Show the people using your system just how badly a zero-day exploit can hose a system.</p><p>Reboot, show the next group. Rinse, repeat.</p></htmltext>
<tokenext>Make yourself a laptop with a deep freeze image .
this way you can infect the system at will , reboot and it 's clean.Show the people using your system just how badly a zero-day exploit can hose a system.Reboot , show the next group .
Rinse , repeat .</tokentext>
<sentencetext>Make yourself a laptop with a deep freeze image.
this way you can infect the system at will, reboot and it's clean.Show the people using your system just how badly a zero-day exploit can hose a system.Reboot, show the next group.
Rinse, repeat.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857297</id>
	<title>If you want them to learn...</title>
	<author>Anonymous</author>
	<datestamp>1256404980000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Nobody learns to avoid fire by being told. You have to get near and feel the heat to know you better not do it. So my advice is: make traps. Send them emails signed by other coworker asking for their password. Send them executable files that block their computer and flash a sign telling them that all their files are being erased, just because they executed a file from a unknown origin. All kind of traps, with nasty consequences if possible, you don't want them to click into everything because it can be another amusing idea of you. You want them scared of your ideas so that they look askance to every email or web page to see if it could be a trap. As they might be, so that's the right attitude.</p></htmltext>
<tokenext>Nobody learns to avoid fire by being told .
You have to get near and feel the heat to know you better not do it .
So my advice is : make traps .
Send them emails signed by other coworker asking for their password .
Send them executable files that block their computer and flash a sign telling them that all their files are being erased , just because they executed a file from a unknown origin .
All kind of traps , with nasty consequences if possible , you do n't want them to click into everything because it can be another amusing idea of you .
You want them scared of your ideas so that they look askance to every email or web page to see if it could be a trap .
As they might be , so that 's the right attitude .</tokentext>
<sentencetext>Nobody learns to avoid fire by being told.
You have to get near and feel the heat to know you better not do it.
So my advice is: make traps.
Send them emails signed by other coworker asking for their password.
Send them executable files that block their computer and flash a sign telling them that all their files are being erased, just because they executed a file from a unknown origin.
All kind of traps, with nasty consequences if possible, you don't want them to click into everything because it can be another amusing idea of you.
You want them scared of your ideas so that they look askance to every email or web page to see if it could be a trap.
As they might be, so that's the right attitude.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862381</id>
	<title>cash money</title>
	<author>Anonymous</author>
	<datestamp>1256407680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Well, you might have two problems, not just one. Is all the bad security coming from the lower level users, or does it extend as far as the boardroom? (I bet it is both).</p><p>
&nbsp; So, this solution doesn't even need to be visual perhaps, here is one scenario that might work. You send around an email with all the security rules they have already agreed to. Now, the new company policy, anyone screws up, and it can be traced back to them, whatever it costs to fix the problem..well..hope they have not only a good but a great team of lawyers, because they will be sued for the cost$.</p><p>In this economy, that will sink it. There's no reason for any company to eat the damages when an employee violates what they know are the security rules. And stick to it, take 'em to court, estimate the damages, show the proof you have, if someone screws up deliberately after that memo goes around.</p><p>
&nbsp; &nbsp; So you just tell them, it is up to them as "responsible adults" whether or not they think they have enough savings to risk to justify clicking on any random thing or surfing to places outside of work related sites, or sticking their USB device into the secure internal network, or anything like that at all that violates the rules they agreed to when they got hired.</p><p>If this is a recurrent problem, you and your company just aren't being professional enough, and like I said, in this economy, I don't think you'll need to look very far for replacement employees either, even the alleged prima donnas. Thousands of replacement prima donnas are out there right now cashing unemployment checks. In other words, there are no special little snowflakes anymore.</p><p>
&nbsp; If they need a refresher on what the security rules are, add that in to the company wide memo. As an added incentive, in the case this is a publicly traded corporation, any shareholder or group of shareholders can also "suggest" as a friendly little reminder that this applies all the way to top management as well, just specify "all employees,inclusive", or an additional lawsuit might be in the offing, and that attached letter can be signed by the outside shareholders attorneys as well.</p><p>I see people here say they can't rock the boat upstream, and that is BS in most cases, you approach recalcitrant and stupid and dangerous bosses from a shareholder and lawyer perspective if they are the ones who are the most guilty of destroying corporate security. Remember, they work for the shareholders and are accountable for their actions, especially if they are risking the company's profits, market share, customer relations because perhaps THEIR data gets compromised, and PR image and exposing them to outside lawsuits for bad practices.</p><p>
&nbsp; &nbsp; Outside law firms are not the <i>least</i> bit afraid of any CEO and if it looks like they have a slamdunk, if YOU have done your security professional homework and have the proof of high level malfeasance like deliberately violating security best practices that are written down, over and over again, they will take the case most likely. They love that stuff. There are numerous law firms that specialize in such cases, get details from them of course, IANAL, etc, but whistleblowers and especially whistleblowers who are also shareholders have some pretty decent rights today in most places, even in "right to work-at will" areas where you risk getting fired for just being honest and doing your job. So what, if they say they have a slamdunk, you might come out of it with a lot of cash anyway, especially if fired.</p><p>In other words, you don't have to put up with childish stupidity downstream, nor do you have to take illegal and stupid shit from upstream, as long as you approach this logically and look at the laws first. Security is a real concern nowadays, it is no longer a joke subject or something to trivialize.</p></htmltext>
<tokenext>Well , you might have two problems , not just one .
Is all the bad security coming from the lower level users , or does it extend as far as the boardroom ?
( I bet it is both ) .
  So , this solution does n't even need to be visual perhaps , here is one scenario that might work .
You send around an email with all the security rules they have already agreed to .
Now , the new company policy , anyone screws up , and it can be traced back to them , whatever it costs to fix the problem..well..hope they have not only a good but a great team of lawyers , because they will be sued for the cost $ .In this economy , that will sink it .
There 's no reason for any company to eat the damages when an employee violates what they know are the security rules .
And stick to it , take 'em to court , estimate the damages , show the proof you have , if someone screws up deliberately after that memo goes around .
    So you just tell them , it is up to them as " responsible adults " whether or not they think they have enough savings to risk to justify clicking on any random thing or surfing to places outside of work related sites , or sticking their USB device into the secure internal network , or anything like that at all that violates the rules they agreed to when they got hired.If this is a recurrent problem , you and your company just are n't being professional enough , and like I said , in this economy , I do n't think you 'll need to look very far for replacement employees either , even the alleged prima donnas .
Thousands of replacement prima donnas are out there right now cashing unemployment checks .
In other words , there are no special little snowflakes anymore .
  If they need a refresher on what the security rules are , add that in to the company wide memo .
As an added incentive , in the case this is a publicly traded corporation , any shareholder or group of shareholders can also " suggest " as a friendly little reminder that this applies all the way to top management as well , just specify " all employees,inclusive " , or an additional lawsuit might be in the offing , and that attached letter can be signed by the outside shareholders attorneys as well.I see people here say they ca n't rock the boat upstream , and that is BS in most cases , you approach recalcitrant and stupid and dangerous bosses from a shareholder and lawyer perspective if they are the ones who are the most guilty of destroying corporate security .
Remember , they work for the shareholders and are accountable for their actions , especially if they are risking the company 's profits , market share , customer relations because perhaps THEIR data gets compromised , and PR image and exposing them to outside lawsuits for bad practices .
    Outside law firms are not the least bit afraid of any CEO and if it looks like they have a slamdunk , if YOU have done your security professional homework and have the proof of high level malfeasance like deliberately violating security best practices that are written down , over and over again , they will take the case most likely .
They love that stuff .
There are numerous law firms that specialize in such cases , get details from them of course , IANAL , etc , but whistleblowers and especially whistleblowers who are also shareholders have some pretty decent rights today in most places , even in " right to work-at will " areas where you risk getting fired for just being honest and doing your job .
So what , if they say they have a slamdunk , you might come out of it with a lot of cash anyway , especially if fired.In other words , you do n't have to put up with childish stupidity downstream , nor do you have to take illegal and stupid shit from upstream , as long as you approach this logically and look at the laws first .
Security is a real concern nowadays , it is no longer a joke subject or something to trivialize .</tokentext>
<sentencetext>Well, you might have two problems, not just one.
Is all the bad security coming from the lower level users, or does it extend as far as the boardroom?
(I bet it is both).
  So, this solution doesn't even need to be visual perhaps, here is one scenario that might work.
You send around an email with all the security rules they have already agreed to.
Now, the new company policy, anyone screws up, and it can be traced back to them, whatever it costs to fix the problem..well..hope they have not only a good but a great team of lawyers, because they will be sued for the cost$.In this economy, that will sink it.
There's no reason for any company to eat the damages when an employee violates what they know are the security rules.
And stick to it, take 'em to court, estimate the damages, show the proof you have, if someone screws up deliberately after that memo goes around.
    So you just tell them, it is up to them as "responsible adults" whether or not they think they have enough savings to risk to justify clicking on any random thing or surfing to places outside of work related sites, or sticking their USB device into the secure internal network, or anything like that at all that violates the rules they agreed to when they got hired.If this is a recurrent problem, you and your company just aren't being professional enough, and like I said, in this economy, I don't think you'll need to look very far for replacement employees either, even the alleged prima donnas.
Thousands of replacement prima donnas are out there right now cashing unemployment checks.
In other words, there are no special little snowflakes anymore.
  If they need a refresher on what the security rules are, add that in to the company wide memo.
As an added incentive, in the case this is a publicly traded corporation, any shareholder or group of shareholders can also "suggest" as a friendly little reminder that this applies all the way to top management as well, just specify "all employees,inclusive", or an additional lawsuit might be in the offing, and that attached letter can be signed by the outside shareholders attorneys as well.I see people here say they can't rock the boat upstream, and that is BS in most cases, you approach recalcitrant and stupid and dangerous bosses from a shareholder and lawyer perspective if they are the ones who are the most guilty of destroying corporate security.
Remember, they work for the shareholders and are accountable for their actions, especially if they are risking the company's profits, market share, customer relations because perhaps THEIR data gets compromised, and PR image and exposing them to outside lawsuits for bad practices.
    Outside law firms are not the least bit afraid of any CEO and if it looks like they have a slamdunk, if YOU have done your security professional homework and have the proof of high level malfeasance like deliberately violating security best practices that are written down, over and over again, they will take the case most likely.
They love that stuff.
There are numerous law firms that specialize in such cases, get details from them of course, IANAL, etc, but whistleblowers and especially whistleblowers who are also shareholders have some pretty decent rights today in most places, even in "right to work-at will" areas where you risk getting fired for just being honest and doing your job.
So what, if they say they have a slamdunk, you might come out of it with a lot of cash anyway, especially if fired.In other words, you don't have to put up with childish stupidity downstream, nor do you have to take illegal and stupid shit from upstream, as long as you approach this logically and look at the laws first.
Security is a real concern nowadays, it is no longer a joke subject or something to trivialize.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861371</id>
	<title>http://securitycartoon.com/</title>
	<author>story645</author>
	<datestamp>1256395260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A while back a slashdot comment had a link to <a href="http://securitycartoon.com/" title="securitycartoon.com">security cartoon</a> [securitycartoon.com]. The cartoons are cute and pretty thorough, though the may be a bit simple and are somewhat outdated. It's visual and pretty straightforward.</p></htmltext>
<tokenext>A while back a slashdot comment had a link to security cartoon [ securitycartoon.com ] .
The cartoons are cute and pretty thorough , though the may be a bit simple and are somewhat outdated .
It 's visual and pretty straightforward .</tokentext>
<sentencetext>A while back a slashdot comment had a link to security cartoon [securitycartoon.com].
The cartoons are cute and pretty thorough, though the may be a bit simple and are somewhat outdated.
It's visual and pretty straightforward.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29880139</id>
	<title>wholesale knock off Diesel Jean,Blar Label T-shirt</title>
	<author>Anonymous</author>
	<datestamp>1256569860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>(1)We accept paypal.<br>(2)We supply all brand shoes, clothing, fashion</p><p>accessory and electronic products. Sneakers, tshirts,</p><p>jeans, hats, mobile,MP4<br>(3)Shipping time: 5-7 working days.<br>Size : 7 7 1/2 7 1/4 7 3/8 7 5/8<br>Assortment :<br>
&nbsp; &nbsp; &nbsp; Payment : T/T, PAYPAL, Money Gram<br>Shipment : EMS,DHL,UPS,SODEX,FED. Which carrier</p><p>we used just depends on customer? order quantity.<br>
&nbsp; &nbsp; &nbsp; OUR WEBSITE:</p><p>YAHOO:shoppertrade@yahoo.com.cn</p><p>MSN:shoppertrade@hotmail.com</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; HTTP://www.tntshoes.com</p></htmltext>
<tokenext>( 1 ) We accept paypal .
( 2 ) We supply all brand shoes , clothing , fashionaccessory and electronic products .
Sneakers , tshirts,jeans , hats , mobile,MP4 ( 3 ) Shipping time : 5-7 working days.Size : 7 7 1/2 7 1/4 7 3/8 7 5/8Assortment :       Payment : T/T , PAYPAL , Money GramShipment : EMS,DHL,UPS,SODEX,FED .
Which carrierwe used just depends on customer ?
order quantity .
      OUR WEBSITE : YAHOO : shoppertrade @ yahoo.com.cnMSN : shoppertrade @ hotmail.com                                                                               HTTP : //www.tntshoes.com</tokentext>
<sentencetext>(1)We accept paypal.
(2)We supply all brand shoes, clothing, fashionaccessory and electronic products.
Sneakers, tshirts,jeans, hats, mobile,MP4(3)Shipping time: 5-7 working days.Size : 7 7 1/2 7 1/4 7 3/8 7 5/8Assortment :
      Payment : T/T, PAYPAL, Money GramShipment : EMS,DHL,UPS,SODEX,FED.
Which carrierwe used just depends on customer?
order quantity.
      OUR WEBSITE:YAHOO:shoppertrade@yahoo.com.cnMSN:shoppertrade@hotmail.com
                                                                              HTTP://www.tntshoes.com</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857447
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29867187
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857267
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862545
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857975
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857289
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861763
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858715
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857231
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857445
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857101
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861841
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857161
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857873
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862053
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856985
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857331
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858937
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857045
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857479
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857409
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856947
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858249
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857257
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29869467
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858153
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857521
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857239
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857367
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881193
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881215
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862935
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856999
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_10_24_1340210_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857311
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856923
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857975
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862545
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856985
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862053
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856859
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858715
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857445
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857267
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856947
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857521
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857873
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857289
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856965
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857447
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29862935
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857277
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856893
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857311
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857367
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857231
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856999
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857479
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857101
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857431
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857209
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856963
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857239
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858249
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857631
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857013
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857157
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29856871
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29867187
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857331
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857121
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857429
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861147
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861763
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29869467
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881215
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858153
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29881193
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857409
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857161
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857257
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861841
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857297
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858653
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29857045
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29858937
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_10_24_1340210.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_10_24_1340210.29861371
</commentlist>
</conversation>
