Firewall Wizards mailing list archives
RE: Annoying pop-ups
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 1 Nov 2002 13:05:49 -0500 (EST)
Gregory, I'm sorry if you took my statements to be M$ bashing, though I have pounded them in the past, and might well do so in the future, my comments were meant to be far more general in nature, geared towards "vendors" in general. With a pointer at those offering wireless toys and trinkets. Of course, if a service is/needs to be turned on by default, it should be clearly identified and explained in the accompanying documentation, with clearly marked out links to further web based info, rather then forcing the less technical to get smart and learn how to locate the information. Thanks, Ron DuFresne On Fri, 1 Nov 2002, Gregory Austin wrote:
Ron and Richard, At 10:18 PM 10/31/2002 -0500, Ron DuFresne wrote:AGREED! I've long advocated that vendors make folks shoot themselves in the foot if they wish to, rather then ship products and appliances that leave a hole in their heads from the time they install or plug-in.At 06:07 PM 10/31/2002 -0600, Richard Scott wrote:I strongly disagree. Users who wish to use this software, and the vast majority of users, are not always inclined to review such functionality. Given that we all purchase cars, do we insist on the manufacturing methods to construct the car, do we insist that all the safety checks have been executed to ensure they work? In fact do we all not speed at some time or another? The issue here is that Microsoft and other vendors need to understand that default settings are acceptable to the techno people of the world. But given the technology push to fulfill the "Family Entertainment Learning experience" not everyone will understand the implications of this "vulnerability"/annoyance. Microsoft and others need to change their mindset, after all XP machines are not server engineered and such functionality is not needed for home use. With many features, the necessary procedure should be FULLY documented to instruct the user how to TURN ON the server, not turn it off. It has long been argued that security and privacy is lowered to increase usability. Here is the crux of the problem, it's an engineering one. We should be engineering components that operate in the high security setting that allows the user to do what they wish. And if and only if they require such a service, a well documented process for switching the functionality on and having it work correctly should be given.While, generally speaking, I agree with the premise that dangerous services should have to be turned on not off, you guys miss my point entirely. There are many "dangerous" features in MS's desktop OS's (take UPNP or the RDP server, for example)-- but the messenger service is not one of them. The service provides useful functionality used by admins all over to broadcast messages to their LAN's (particularly easy and useful in flat environments). An ardent Microsoft basher myself, I'd love to jump on your anti-MS bandwagon here but I can't. I wouldn't put the base install of anything unfiltered on the Internet, would you? It's a wee bit silly to demand that MS set their operating system to have every feature turned off by default, even the useful non-dangerous ones like the messenger service. It's silly. The network functionality built into their software was designed, to some extent, for the soft warm LAN not the cold, hard Internet. Consider the stated problem: How do I keep from getting those pop-ups hitting my machine's netbios ports from the Internet? Now think about my response: Firewall it, you moron. (so I'm paraphrasing myself here) And finally, think about where you're reading this in the first place: Could it be a list about . . . hmmmm . . . *filtering* traffic? Greg P.S. Forget your "they should have made it different in the first place" argument for a moment and answer this: If your dear sweet grandmother was going to hook her Windows 98 machine up to her shiny new cable modem, and you were the one helping her do it, would you turn off all the services and build some sort of weird bastion98 installation, or would you just firewall it? (Either by buying a packet-filtering/NATing cable modem, or by installing some personal firewall software like ZA?) What's that? You'd firewall it? Go figure. ============================== Greg is, among other things, a moron. Anything he has said above is solely his own opinion, not that of his employer. ==============================
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Annoying pop-ups Scott, Richard (Oct 31)
- RE: Annoying pop-ups R. DuFresne (Nov 01)
- Message not available
- RE: Annoying pop-ups Gregory Austin (Nov 01)
- RE: Annoying pop-ups R. DuFresne (Nov 01)
- Message not available
- RE: Annoying pop-ups Gregory Austin (Nov 01)
- RE: Annoying pop-ups R. DuFresne (Nov 01)
- RE: Annoying pop-ups Paul Robertson (Nov 01)
- RE: Annoying pop-ups Christopher Hicks (Nov 01)
- RE: Annoying pop-ups Paul D. Robertson (Nov 01)
- RE: Annoying pop-ups Bill Royds (Nov 02)
- RE: Annoying pop-ups Gregory Austin (Nov 01)
- Re: Annoying pop-ups Gary Flynn (Nov 01)
- <Possible follow-ups>
- RE: Annoying pop-ups Scott, Richard (Nov 01)
- RE: Annoying pop-ups Scott, Richard (Nov 01)