Secure Coding mailing list archives
Re: Personal Firewall Day
From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Thu, 15 Jan 2004 19:15:44 +0000
After reading the content on http://www.personalfirewallday.com/, I was wondering the opinions of other developers were about this?
Well, as I remarked off-list to the person who sent that note to bugtraq, I have trouble taking seriously any such effort that buys into the journalistic-driven misuse of "hack" and related words. On the very first page I looked at off the front page ("Why You Need Protection" (which I don't; see below), I counted four misuses of derivatives of "hack", out of less than two 24x80 screenfuls of text.
PFWs seem like a good thing in generally, but has anybody had any unexpected problems because of them?
Look up GWF in the Jargon File. (Of course, such problems are expected, at least by those who use the term GWF, and you did say `unexpected'. But I'm assuming you mean by the firewall runner.) Though I daresay few of the people _here_ deserve the GWF label, even if they _are_ running such things.
[Ed. Or, if I may ask the question a bit differently, do any developers out there NOT run PFWs on their laptops that they travel with (and connect up to various networks)? If not, why not? KRvW]
I don't. Why not? - Because I don't run malware propagation systems masquerading as game loaders masquerading as operating systems. - Because, in general, I believe in hardening each machine rather than putting up a fence around weak machines. - Because I am very hard to infect to start with. I don't run anything I don't have source to[%]; while this is by no means a perfect defense in theory, statistically it is extremely effective. I run a very non-mainstream operating system (NetBSD) on very non-mainstream hardware (I run eight different ports spread across six different CPU architectures). My main machines (mail handler, DNS server, house gateway, etc) aren't Intel-architecture, so even if someone did manage to, say, inject some shellcode, it is highly likely to fall over with some kind of illegal-instruction trap immediately. [%] In general. I make exceptions for things like the boot ROMs in my machines and the firmware on disk drives. - Most of the software I run, I run somewhat hacked-up versions of, so even something that works on the stock version may fail against me. If someone were to specifically target me pesonally, some of my defenses (such as the non-Intelness) would fail immediately, but most would still be effective. /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Current thread:
- Personal Firewall Day Tegels, Kent (Jan 15)
- Re: Personal Firewall Day der Mouse (Jan 15)
- Re: Personal Firewall Day Brett Hutley (Jan 16)
- Re: Personal Firewall Day der Mouse (Jan 15)