Re: [OFFTOPIC] Zone Alarm

[Shawn McMahon <smcmahon () eiv com>]

On Thu, Jun 05, 2003 at 11:13:04AM -0400, JT said:
> This is a lame basis for your argument. You provide 2 vulnerabilities that
> are old. Everything has vulnerabilities, I will not waste my time search ZA

It wasn't a basis for my argument.  It was a specific answer to a
specific assertion, which was that nobody here has had to flash upgrade
a router in the last few years.  Vulnerabilities that affect both of the
major home router vendors, that have occured in the last few years, and
that require a flash upgrade to fix, are perfectly reasonable responses
to that.  In summary, read the entire thread, or go play somewhere else.

> for the most part. Which is easier? Right, the router is easier because they
> just plug it in and go. You would have us believe that these "inept" users
> WITHOUT ANY computer person are going to be smart enough to FIND zone alarm,
> INSTALL it, CONFIGURE it, and then decide each time anything wants to hit
> the net. Please, spend 30 more seconds and show me some CURRENT
> vulnerabilities. 

And you would have us believe that if offered a choice between "go to
this link, download it, and install it" and "go to Best Buy and spend
money, then hook up cables", every single user in the entire world will
choose the latter.  This naive beyond belief, even if you don't count
the people for whom the purchase option will take weeks even if they had
the money.  Most Windows users know how to install a program.
Many (and I'm not by any stretch of the imagination saying all)
are afraid of hardware, and many (ditto) will view the tradeoff of
$40 for security as worthless.  Are you going to write all x-hundred
million of them personal emails talking them into it?

There are people on the Internet for whom their PC represents a year's
labor, and a new router represents months.  Telling those people not to
bother with any security is ridiculous.

Nobody is saying that software firewalls are inherently superior to
dedicated firewalls in all circumstances, or even most circumstances.
But security that isn't used isn't security.  If the choice is between
doing nothing or downloading a program, and I assure you that in many
cases it will be that choice, I'd rather they download the program
and have SOME security, which means some resistance to being 0wnz0r3d
and causing ME a problem despite my security.


-- 
Shawn McMahon     | Let every nation know, whether it wishes us well or ill,
EIV Consulting    | that we shall pay any price, bear any burden, meet any
UNIX and Linux    | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK

Attachment: _bin
Description: