Firewall Wizards mailing list archives
Re: Personal Firewall Day?
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Mon, 6 Oct 2003 18:31:57 +0530
On 05/10/03 13:30 -0400, Marcus J. Ranum wrote:
Charles Miller wrote:'To combat the problems with patch management, however, the company [Microsoft] is moving to a "securing the perimeter" strategy where it will partner with various firewall companies to ensure that electronic attacks don't even reach their intended targets but are instead thwarted at the edge of the networkOne of the indicators of a security problem that has gotten out of hand is a flip-flopping between firewalls and host security. :) I remember
<wondering voice> But, but, but, don't you need both as part of a security perimeter? </wondering voice> <snip>
Is there a real answer? I think that there is but Microsoft can't give it because it's contrary to their business model. Linux can't do it because it's contrary to its proponent's mind-sets. Maybe
Hmmm, how about a "blame the lazy admin week" instead of a personal firewall day? Or even a patch your box today! week^Wyear.
Sony can do it through their Playstation sales unit. Basically, the answer is to kill off general-purpose computing for 99.9% of the desktops in the world. Really, it's not necessary for Joe
Hmmm, lets see. J.A. User needs to be able to: Edit some office documents. Work on a few spreadsheets. Listen to audio/see video Run a few IM programs Surf the web Run one or two P2P programs. Handle email (fancy, jazzy email too). Perhaps make their own family videos. Rip CDs. Scan images. Print stuff. We need to really really start blaming lazy admins, and for a home system, JA User is the admin. Just inculcate a sense of responsibility in people and your job is done.
Average User (though Joe wouldn't agree). I think Schneier and Geer et al were wrong when they wrote their little paper about Microsoft monoculture being dangerous - they adopted a disease model and, like most analogies, they let the analogy steer their thinking. What we need is a monoculture but we
What we really need is users with a clue.
need to recognize that we're building one and make sure it has a good immune system that can spread and share immunity as fast (ideally faster!) than new cyberpathogens can spread. But that's a topic for another day. ;)
I doubt that such a system will exist. The best defense is actually variety. Though, perhaps we could ask for a bunch of embedded systems which do a single task well and correctly (apply the unix philosophy and separate each individual program on different bits of hardware). <Changing X-Message-Flag header> Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Personal Firewall Day? Charles Miller (Oct 05)
- Re: Personal Firewall Day? Paul Robertson (Oct 05)
- Re: Personal Firewall Day? George Capehart (Oct 05)
- <Possible follow-ups>
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 05)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 06)
- Re: Personal Firewall Day? Christopher Hicks (Oct 06)
- Re: Personal Firewall Day? Christopher Hicks (Oct 06)
- Re: Personal Firewall Day? Crispin Cowan (Oct 06)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 06)
- Re: Personal Firewall Day? Crispin Cowan (Oct 07)
- Re: Personal Firewall Day? Gary Flynn (Oct 07)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 07)
- Re: Personal Firewall Day? David Lang (Oct 07)
- Re: Personal Firewall Day? Bill Royds (Oct 11)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 11)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 06)