RE: Annoying pop-ups

[Gregory Austin <gaustin () rkon com>]

Ron and Richard,

At 10:18 PM 10/31/2002 -0500, Ron DuFresne wrote:

> AGREED!  I've long advocated that vendors make folks shoot themselves in
> the foot if they wish to, rather then ship products and appliances that
> leave a hole in their heads from the time they install or plug-in.

At 06:07 PM 10/31/2002 -0600, Richard Scott wrote:

> I strongly disagree.  Users who wish to use this software, and the vast
> majority of users, are not always inclined to review such functionality.
> Given that we all purchase cars, do we insist on the manufacturing methods
> to construct the car, do we insist that all the safety checks have been
> executed to ensure they work?
> In fact do we all not speed at some time or another?
>
> The issue here is that Microsoft and other vendors need to understand that
> default settings are acceptable to the techno people of the world.  But
> given the technology push to fulfill the "Family Entertainment Learning
> experience"  not everyone will understand the implications of this
> "vulnerability"/annoyance.
> Microsoft and others need to change their mindset, after all XP machines are
> not server engineered and such functionality is not needed for home use.
> With many features, the necessary procedure should be FULLY documented to
> instruct the user how to TURN ON the server, not turn it off.
> It has long been argued that security and privacy is lowered to increase
> usability.  Here is the crux of the problem, it's an engineering one.  We
> should be engineering components that operate in the high security setting
> that allows the user to do what they wish.  And if and only if they require
> such a service, a well documented process for switching the functionality on
> and having it work correctly should be given.

     While, generally speaking, I agree with the premise that dangerous 
services should have to be turned on not off, you guys miss my point 
entirely.  There are many "dangerous" features in MS's desktop OS's (take 
UPNP or the RDP server, for example)-- but the messenger service is not one 
of them.  The service provides useful functionality used by admins all over 
to broadcast messages to their LAN's (particularly easy and useful in flat 
environments).

     An ardent Microsoft basher myself, I'd love to jump on your anti-MS 
bandwagon here but I can't.  I wouldn't put the base install of anything 
unfiltered on the Internet, would you?  It's a wee bit silly to demand that 
MS set their operating system to have every feature turned off by default, 
even the useful non-dangerous ones like the messenger service.  It's 
silly.  The network functionality built into their software was designed, 
to some extent, for the soft warm LAN not the cold, hard Internet.

     Consider the stated problem:

             How do I keep from getting those pop-ups hitting my machine's 
netbios ports from the Internet?

     Now think about my response:

              Firewall it, you moron. (so I'm paraphrasing myself here)

      And finally, think about where you're reading this in the first place:

              Could it be a list about . . . hmmmm . . . *filtering* traffic?

Greg

P.S.  Forget your "they should have made it different in the first place" 
argument for a moment and answer this:  If your dear sweet grandmother was 
going to hook her Windows 98 machine up to her shiny new cable modem, and 
you were the one helping her do it, would you turn off all the services and 
build some sort of weird bastion98 installation, or would you just firewall 
it?  (Either by buying a packet-filtering/NATing cable modem, or by 
installing some personal firewall software like ZA?)   What's that?  You'd 
firewall it?  Go figure.

==============================
Greg is, among other things,  a moron.
Anything he has said above is solely his
own opinion, not that of his employer.
==============================

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards