Re: It seems every firewall is slagged as snake oil. So how should it be done?

Rick <rsimon@xxxxxxxx> wrote:
There are pros and cons to running s/w based "firewalls".

Just tell me one single sensible pro argument. I'm waiting for that for
years now in this "discussion".

All I'm reading is incompetent nonsense. And for all what I can see,
this is one of the main reasons of the security desaster of Microsoft
Windows PCs we all are facing today.

IMHO - whether the overall result falls on the pro side or the con side
depends on a number of factors, including the knowledge/abilities of the
end user.

For the end user, the most stupid concept I ever heard of is that of
popup windows where /he/ has to make the decisions which are relevant for
his own security.

The person who should be protected, is imposed to take over the
responsibility for all technical decisions of protection.

This is the concept of /every/ "Personal Firewall" I ever saw, any of
them seem to implement this totally ridiculous b0rken concept together
with the absurd "outbound filtering" idea.

To be clear: absurd is the idea to let malware run on your computer, and
then try to filter away its communication.

To maintain that every system should be hardened properly and should not
run a s/w based firewall is to ignore the fact that doing so is beyond
the abilities of a great many users.

This is why I'm saying, that Microsoft should deliver hardened systems,
of course. The catastrophic spread of botnets is their fault.

This really is layered security.

While that may not be your intent, that IS the way you tend to come

I really don't care.

Usually, people don't want to hear the facts. Of course, it's much
easier for them /not/ to switch systems, and of course, they /want/ to
hear, that security can be bought in boxes. It would make their life
much easier as it is, if this would be true, so they want to believe

And we all have to filter away all that Spam from millions of zombies,
because of this. And all of the many companies who are blackmailed by
DDoS racketeers have to pay and to hush up their vulnerability.

Or what do /you/ think, why are millions of Windows PCs zombies and part
of botnets?

Bitte beachten Sie auch die Rückseite dieses Schreibens!