Oct 03 2011

INFOSEC: Automated tool — shoot your own foot

Posted by reinkefj in 5A - Information Security

http://www.networkworld.com/news/2011/093011-microsoft-kills-google-chrome-with-251475.html

Microsoft kills Google Chrome with bad malware signature
“One way to win the browser war” says security expert
By Gregg Keizer, Computerworld
September 30, 2011 04:35 PM ET

# – # – #

Regardless of the messy details, and I’m sure it was inadvertent, this points up several issues: recovery from the error, how one maintains a quality-controlled environment, and what happens if malware gets to ID your production software as bad.

It seems this was under control in less than a day, with the only data loss being bookmarks.

(1) This can serve as a learning episode. How were the bookmarks backed up? Restore should limit the loss to a day. If not, why not?

(2) A production environment should have all inputs “tested” in at worst a development environment before being admitted to “production”. If not, why not?

(3) What controls are in place to prevent a disgruntled sysadmin from marking entire production environments as “malware”? Instant disaster! If not, why not?

It would seem that this episode has some lessons to be learned, or at least examined.

# # # # #
