RE: Zone Alarm

["Schmehl, Paul L" <pauls () utdallas edu>]

Yep, and I can assure you that when the firmware update fails (and it
will) they will not have a clue what to do next.  I've had this happen
to me, so I know that it occurs, and restoring the router to
functionality was not a task for the neophyte.

There *are* cases where "not so great" security is better than "really
great" simply because "really great" won't get used and "not so great"
is therefore better (than nothing.)  It's all well and good that experts
can use expert tools, but "normal" users are often better off with
something simple to use and easy to understand, even if it isn't the
latest, greatest fandangle.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

-----Original Message-----
From: Shawn McMahon [mailto:smcmahon () eiv com] 
Sent: Wednesday, June 04, 2003 2:20 PM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Zone Alarm

Although "fails open" is a pretty powerful argument against software
firewalls, it's probably easier to get a user to download and install a
new copy of Zone Alarm (especially if it has some kind of auto-update
feature, which I dunno since I don't use it), than it is to get them to
download a new firmware image for their hardware router and flash it.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html