Firewall Wizards mailing list archives
RE: PocketPC firewalls
From: "Paul D. Robertson" <paul () compuwar net>
Date: Thu, 22 Apr 2004 08:55:22 -0400 (EDT)
On Thu, 22 Apr 2004, Williams Jon wrote:
That was the take we've had for a while, although recent changes (i.e. certain iPAQs coming with built in 802.11 access, etc.) have made us question that. Hopefully, these machines won't have mission critical
It's good to revisit it fairly often, but at this point, there's just not heaps of exploit code out for them. By the time that there's a real threat, we'll likely have more options for protection. At this point, I'd seriously look more at strategies for keeping them up to date- since we're likely to have more of the same client-side "it has to go through the firewall" problems anyway. I doubt that PocketPC has (but I haven't looked) all that many dangling services, but I'd bet the Web and mail clients are about par for the course.
data on them, but many of the users I know sync their email and address books to their PDAs, so some users might inadvertantly have important information we wouldn't want leaking. For normal files, we're also looking at file-level encryption, but since we were looking at the PDA security question, we wanted to make sure we hadn't overlooked anything.
Yeah, I just think that at this juncture, a firewall is more of a placebo than a valuable control. Now, that could change, and if it does, then ability to have on in place becomes important, but I really don't see it as a major threat vector for a while (I bet the loss stats for PDAs well outweigh the attack stats, which well outweigh the successful attack stats.) In fact, I'll go out on a limb and say that I doubt there's been a real PDA attack in the wild, even with 802.11 (and I'd concentrate more on WPA for folks who use them at home than I would a firewall...) I'd also hate to take support calls for things that "don't work" on a PDA, since lots of salespeople *need* them to work *now*. If there's an alternative browser like Opera available, I'd be looking at rolling that out well before a firewall. Just my .02. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PocketPC firewalls Williams Jon (Apr 21)
- Re: PocketPC firewalls Paul D. Robertson (Apr 22)
- RE: PocketPC firewalls Laura Taylor (Apr 22)
- <Possible follow-ups>
- RE: PocketPC firewalls Karl Vogel (Apr 22)
- RE: PocketPC firewalls Karl Vogel (Apr 22)
- RE: PocketPC firewalls Williams Jon (Apr 22)
- RE: PocketPC firewalls Paul D. Robertson (Apr 22)
- RE: PocketPC firewalls Paul D. Robertson (Apr 22)
- RE: PocketPC firewalls Losinski, Robert (Apr 22)
- Re: PocketPC firewalls Paul D. Robertson (Apr 22)