RE: [fw-wiz] The home user problem returns
From: Brian Loe (knobdy_at_stjoelive.com)
To: "'Mason Schmitt'" <email@example.com>, "'Paul Melson'" <firstname.lastname@example.org> Date: Wed, 14 Sep 2005 11:01:49 -0500
You guys just aren't getting it, as it has only JUST dawned on me. Microsoft
isn't giving you the headache, they're giving you the solution!
Microsoft gets in trouble because they develop software that tries to give
the customer EVERYTHING at their fingertips - no bother it run install
again, it all came by default. Okay, not the best way to go for security,
but it sure pleases the masses. Heck, the AIX admin next to me in the office
is running XP - here AND at home. So, what does that tell you? PEOPLE ARE
Okay, knowing that, how can we help the PEOPLE (everyone has already given
personal stories about a person in their life that has "learner" but we're
not talking about a person, we're talking about "PEOPLE")? MAKE IT EASY.
When you sign up for Brian's ISP service you will get a cable modem with an
integrated firewall, pre-configured so as to not allow you to get on the
Internet :), documentation on how to configure the firewall so as to help
you get on the Internet and a phone number to call if you have a problem
with the firewall.
When you come to work for Brian's company, one of the programs installed on
your desktop, by default, is a password generator/keeper. It's preconfigured
for what kind of password (length and all that) to generate and you will use
one of its passwords for everything you log into at work. No need to write
it down, it's stored in the app itself and your thumb print is required to
access it. The laptop you are using will also be used while at home or
traveling, that is, if you want to contact work.
These things will help prevent the issues we see daily. Beyond that, they're
on their own with Brian only concentrating on protecting himself - I trust
no one, not on either side of the firewall.
> > And that common thread is required or at least preferred by
> all of the
> > major ISPs, and that is Windows desktops. In other words, ISPs
> > everywhere are complicit in their own security and
> performance headaches.
> The irony is not lost on me at all. In my department, we
> pick on our level 1 tech support guys all the time. One of
> our digs is that if we could just get all our customers to
> buy Macs, they would be out of a job.
> In terms of ISPs preferring windows, that's really related to
> ease of support. If you have a single dominant platform and
> a very limited number of applications on that platform that
> you have to support, then you're miles ahead of a
> heterogeneous network. With support being one of the larger
> costs of running an ISP, every little bit helps.
firewall-wizards mailing list