Firewall Wizards mailing list archives
Re: @Stake CTO fired for Microsoft comments
From: Paul Robertson <proberts () patriot net>
Date: Fri, 26 Sep 2003 11:45:52 -0400 (EDT)
On Fri, 26 Sep 2003, Joseph S D Yao wrote:
Dan's never been afraid to tell the truth. That @Stake fired him for telling the truth, and such a well-known truth, says more about @Stake's lack of integrity and love of MS $$$ than it does about Dan.
I don't know Dan, so I can't comment on that part. @Stake is in some ways a competitor to TruSecure, so I'll try to avoid commenting on that part too. I think it's a damn shame that companies want the best of both worlds. I'm constantly butting into the marketing wall of death over things like e-mail addresses and corporate attribution- and I've successfully made the case for several years that companies I work for really, really don't want their domain on my public e-mails. The current compromise is adding that address to my .sig (I've also been somewhat worried about frivilous lawsuits, hence the .sig.) Security people almost have to take unpopular positions. If you're going to be honest about things, you're going to piss off a lot of vendors and quite a few indivduals too. Most of them can understand the rationale, even if they don't like the current instantiation. Much worse than knee jerk vendor reaction to criticism is knee jerk employer reaction to criticism of a third party. I don't think I'd want to work in that sort of environment. Homogenous networks are bad, and it's worse when your protection mechanisms are on the same platform as the resources. I wouldn't run a Windows firewall at a company with Windows desktops anymore than I'd run a Linux firewall at home if I was serious about security[1]. For instance, I know my Clavister firewall at home doesn't share any stack code with the Linux and BSD machines it's protecting, lessening a chance of a single problem affecting both my firewall and the protected clients[2]. Paul [1] I wouldn't run a Windows firewall at home either though ;) [2] That doesn't mean I wouldn't run firewalling code on *BSD or Linux as well, just that I've got as much diversity as I can tolerate. ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- @Stake CTO fired for Microsoft comments Gwendolynn ferch Elydyr (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Joseph S D Yao (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Paul Robertson (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Ryan M. Ferris (Sep 26)
- <Possible follow-ups>
- Re: @Stake CTO fired for Microsoft comments Mike Hoskins (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Mark Teicher (Sep 28)
- RE: @Stake CTO fired for Microsoft comments Claussen, Ken (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Devdas Bhagat (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Roger Marquis (Sep 30)
- RE: @Stake CTO fired for Microsoft comments Frank Darden (Sep 30)
- Re: @Stake CTO fired for Microsoft comments Adam Shostack (Sep 30)
- Re: @Stake CTO fired for Microsoft comments Joseph S D Yao (Sep 26)