RE: [fw-wiz] Annoying pop-ups

From: Scott, Richard (Richard.Scott@BestBuy.com)
Date: 10/31/02


From: "Scott, Richard" <Richard.Scott@BestBuy.com>
To: "'Gregory Austin'" <gaustin@rkon.com>, firewall-wizards@honor.icsalabs.com
Date: Thu Oct 31 19:34:01 2002


<snip>
      While I generally despise Microsoft, I don't think it's fair to call
having a messenger service a newfangled evil. RPC.rwalld's been around on
most POSIX systems forever. Personally I see this messenger service spam
business as a non-issue. To me, anybody who is affected by it is just
paying up their stupidity tax when they have to click ok. With all the
free or cheap personal firewall software available there isn't a whole lot
of excuse for anybody to get hit by this traffic from the Internet--not
even home users (and if this traffic is getting to them, pop-ups could
easily be the least of their problems).
</snip>

I strongly disagree. Users who wish to use this software, and the vast
majority of users, are not always inclined to review such functionality.
Given that we all purchase cars, do we insist on the manufacturing methods
to construct the car, do we insist that all the safety checks have been
executed to ensure they work?
In fact do we all not speed at some time or another?

The issue here is that Microsoft and other vendors need to understand that
default settings are acceptable to the techno people of the world. But
given the technology push to fulfill the "Family Entertainment Learning
experience" not everyone will understand the implications of this
"vulnerability"/annoyance.
Microsoft and others need to change their mindset; after all, XP machines are
not server engineered and such functionality is not needed for home use.
With many features, the necessary procedure should be FULLY documented to
instruct the user how to TURN ON the server, not turn it off.
It has long been argued that security and privacy are lowered to increase
usability. Here is the crux of the problem: it's an engineering one. We
should be engineering components that operate in the high security setting
that allows the user to do what they wish. And if and only if they require
such a service, a well documented process for switching the functionality on
and having it work correctly should be given.

End rant.

Richard Scott
INFORMATION SECURITY
Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA

The views expressed in this email do not represent Best Buy
or any of its subsidiaries


