Firewall Wizards mailing list archives
Re: Personal Firewall Day?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sun, 05 Oct 2003 13:30:17 -0400
Charles Miller wrote:
'To combat the problems with patch management, however, the company [Microsoft] is moving to a "securing the perimeter" strategy where it will partner with various firewall companies to ensure that electronic attacks don't even reach their intended targets but are instead thwarted at the edge of the network
One of the indicators of a security problem that has gotten out of hand is a flip-flopping between firewalls and host security. :) I remember a couple government agencies that went that route over the years. - "We don't NEED a firewall, we have good host security!" (they get hacked to pieces and finally can't hide it anymore) - "We don't NEED host security, we have a good firewall!" (they get trojaned, botted, and hacked to pieces and finally can't hide it anymore) - "We are going to use strong host security because we don't need a firewall..." (lather, rinse, repeat...) Is there a real answer? I think that there is but Microsoft can't give it because it's contrary to their business model. Linux can't do it because it's contrary to its proponent's mind-sets. Maybe Sony can do it through their Playstation sales unit. Basically, the answer is to kill off general-purpose computing for 99.9% of the desktops in the world. Really, it's not necessary for Joe Average User (though Joe wouldn't agree). I think Schneier and Geer et al were wrong when they wrote their little paper about Microsoft monoculture being dangerous - they adopted a disease model and, like most analogies, they let the analogy steer their thinking. What we need is a monoculture but we need to recognize that we're building one and make sure it has a good immune system that can spread and share immunity as fast (ideally faster!) than new cyberpathogens can spread. But that's a topic for another day. ;) mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Personal Firewall Day? Charles Miller (Oct 05)
- Re: Personal Firewall Day? Paul Robertson (Oct 05)
- Re: Personal Firewall Day? George Capehart (Oct 05)
- <Possible follow-ups>
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 05)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 06)
- Re: Personal Firewall Day? Christopher Hicks (Oct 06)
- Re: Personal Firewall Day? Christopher Hicks (Oct 06)
- Re: Personal Firewall Day? Crispin Cowan (Oct 06)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 06)
- Re: Personal Firewall Day? Crispin Cowan (Oct 07)
- Re: Personal Firewall Day? Gary Flynn (Oct 07)
- Re: Personal Firewall Day? Marcus J. Ranum (Oct 07)
- Re: Personal Firewall Day? David Lang (Oct 07)
- Re: Personal Firewall Day? Bill Royds (Oct 11)
- Re: Personal Firewall Day? Devdas Bhagat (Oct 06)