Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Firewall best practices

From: Andre Lima <andreflima () gmail com>
Date: Wed, 28 Apr 2010 20:58:29 +0100
With all due respect to Paul and Marcus, SSL is NOT crappy! Most bugs are implementation induced (openSSH or other less known) and the most known SSL strip vulnerability is not a problem of SSL but rather a user awareness issue, because if everyone payed attention to the 's' in https on their browser, that attack wouldn't be so troublesome.
With respect to the fact that encrypted traffic does go through a firewall with no inspection...well guess what: that means SSL is great since it's obviously performing its task well, which is maintain privacy of the traffic!
The issue here is mostly philosophical/political than technical. People demanded privacy and SSL delivered. One doesn't stop using the internet (or any other resource for that matter) just because it is also used by "bad guys". 

Bottom line: SSL rocks!!!

--
André Lima
http://pt.linkedin.com/in/aflima

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: