Re: Firewall etc



On Wed, 16 Jul 2008 22:04:01 -0700, Chappy
<Chappy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> What I don't understand tho is the absolutely maniacal and almost violent
> hatred of any 3rd party firewalls?

What I don't understand is the almost religious admiration for a
security concept which is broken already by design.

> If you don't remember, the firewall in Windows was purchased from a 3rd
> party and embedded into Windows, it was NOT designed by MS engineers!! Are
> you all saying that other engineers can't design and build a useful & secure
> firewall?

No. If you ask me, I'm saying the designers of the MS firewall,
whoever they might be, made a clever design choice to not waste code
on useless trials.

And don't come up with "ooh - but the Vista FW does outbound control,
so they changed their minds" because the outbound control of Vista is
different and builds on the overall security enhancements of the OS
compared to XP, W2K etc.

> I think they may have something to say about that, especially
> considering that they do very well in unsponsored testing facilities.
> Are you also saying that these testing facilities are full of it or don't
> know what they're doing?

No. But if you take matousec as an example (since you mentioned them
yourself), they do try to sell their knowledge (both in general and
also about specific FW vulnerabilities) to vendors. So calling them
"unsponsored" may be a bit over the top.

If by "other testing facilities" you refer to computer magazines etc.
making product tests, please keep in mind that they seldom have the
needed deep skills to actually look under the hood of such products to
test if they actually do what they claim to do. They mostly test and
compare the "look and feel" user experience and come up with
"recommendations" based on that. They also probably aren't going to be
too harsh on potential advertisers, so...

To be honest, if I was selling firewall software, I would prioritize a
lightweight, user-friendly experience over hard-core security -
because what makes sense in a B2C marketplace does not necessarily go
hand in hand with what makes sense in terms of security.

Just for the record, I have no problem with matousec or the work they
do except that they unfortunately help promote the idea that
host-based outbound control makes sense. That said, I consider them to be
skilled guys.

> In a way, I almost agree with you about all the other forms of protection
> that even Comodo firewall has. In fact, I have most of that turned off and
> use it basically as a packet filtering solution, I don't need all the HIPS
> and hook alerts because I know what I'm doing,

That's the whole point. If you understand what this stuff actually
means, you don't really need it.

> just as you others do too. But we all know the majority of users haven't
> the time or opportunity to learn what we have, so they can benefit from
> the higher forms of protections these products can offer besides simply
> being a filtering interface.

I disagree entirely. The majority of users don't have the slightest
idea how to correctly deal with such pop-ups.

> We can harden our systems without (as you put it) having someone protect
> Us from Us, we don't have poor habits and we know better.
>
> But 80% of today's users just don't have that knowledge

And believing that pop-ups containing technical nonsense and
misinformation are of any help to that segment is the only reason why
there is a market for these products in the first place.