Full Disclosure mailing list archives
RE: [OFFTOPIC] Zone Alarm
From: David Vincent <david.vincent () mightyoaks com>
Date: Thu, 5 Jun 2003 15:55:46 -0700
The users bought a car. Is it too much to expect that they drop some cash to buy bumpers, seat belts, and air bags to protect their investment? They don't have understand HOW those work(*), only that it does. Like it or not, the computer industry has collectively avoided any sort of liability - in most other industries, selling something so deficient that there's a *market* for the equivalent of ZoneAlarm would get you sued to your skivvies quite quickly. Cars come with safety features, electrical devices carry a UL sticker, and so on.
the user's car came with these safety features, because the market demands it, no one will buy a car without bumpers/seatbelts, and the law requires it. if all you ever do is buy your computer, use it for word processing and game playing, without hooking it up to the 'net, you're fine. almost completely secure (of course, warez can come with viruses attached, and every so often a product gets released with a virus already infecting the CDROM.) the computer doesn't come with all those features because the computer you buy is a general purpose machine, and not meant for hardcore internet use/security. and the law doesn't require it. well, the windows/lindows machines anyways. think market share... once you want to hook into the wild world of the internet, you need to become informed of the implications of your actions. you need to know that people will be looking for open shares/weak services/any foothold they can find to get into your box. much like when you take your car off your property or out of the parking garage in your apt. building you need to know that people will more than likely try and get in and rip you off. you need to know certain "best practices" to use, like not leaving loose change on the dashboard, and not leaving expensive things like laptops etc. in a visible spot thus enticing more abuse. you need to know that certain cars are more likely to be broken into (like the dodge caravan a few years ago) and depending on what you drive you are more at risk. much like taking a win9x box on the net vs. whatever you think is secure. due to market demand, windows xp and server 2003 come with a built-in firewall, and it does a pretty good job of defending against the kiddies. much like the locks on my car do a pretty good job of keeping ppl from hopping in and driving off. the xp/server 2003 firewall does not have application layer protection, but you can bet if the market yells enough or if enough other personal firewall software includes these options, microsoft will incorporate that feature in a future release. this is arguably the same as my using "the club" on my steering wheel. it is enough to keep the random people out. it is not enough to keep away a targeted attack. see the club buster: http://www.clubbuster.com/clubbuster.htm however, if your vehicle/computer is attractive enough to someone, they WILL find a way in. you can count on that. with lots of time and patience, lots of things become possible. zone alarm is good enough for an average home user. it will give them peace of mind, do a decent job of stopping incoming attacks. of course there are better products out there, kerio and sygate come to mind. zone alarm is the most popular probably because steve gibson endorsed it when he setup his shields up site, i bet the screen savers from techtv recommend it too. personally, i hate the interface. in the same way i take my car to the mechanic whenever it makes strange noises, users need to be aware that their computer could use some love from a professional (and i do NOT mean the neighborhood teenage geek who thinks he/she's hot shit and can do it all). yes, hardware firewalls do a better job of securing a network rather than a single machine. yes, dsl routers do a good job of protecting users too. yes, zone alarm when properly configured is really good software considering we're talking about the free version (at least, i am). security is more than one layer deep. using multiple layers will protect you better. if you think of attacks in percent probability, it gets harder and harder and more and more expensive to secure the last few percent and become 100% secure. you have to sacrifice something to achieve that. try unplugging the ethernet cable. you become 100% secure against internet attacks, but you need to sacrifice usability in an extreme way. what we, and all our users need, is more education. always more education. and patience, tons of patience. especially us when we are talking to our users/lusers/grandmothers. we need more education about everything we use daily. we need full disclosure. and not just about the latest windows flaw, about everything we depend on. i bemoan my knowledge of cars, i suck. i really do. but i take every opportunity to ask questions and learn when i can. i am constantly reassuring the relatives i support as well as the other users, and encouraging them to ask me questions. then i try and do my best to explain it back to them in terms they can understand. (the other day i read something about exploding gas tanks on crown victoria cars, how many cops do you know who drive those things? http://www.crownvictoriasafetyalert.com/aboutCVPI.html "These Crown Victorias are the same as the cars driven by consumers, except Ford advertises them as being specially built for the unique conditions demanded by the law enforcement profession. In reality, it uses a standard civilian fuel tank. Ford admits there have been more fire deaths in the Ford Crown Victoria than in the Ford Pinto before it was recalled.") the real trouble is, folks like my grandmother are SCARED to learn. and SCARED to try something new. they are EASILY social engineered. if SOMEONE, ANYONE who LOOKS like they know computers and SOUNDS like they know computers tells them "use zone alarm, it will prompt you whenever a program tries to get to the internet. just let it through and eventually you will not get propmted anymore." they are HIGHLY LIKELY to follow that advice and feel secure and never think twice until the damn thing is crashing all the time and as slow as dick clark's aging process. i conclude... learn. teach. ask. be patient. have respect. be tolerant of other ideas. learn to recognize when you are wrong.... ...and give peace a chance. ...and lets stop all this fucking swearing goddammit! oh my virgin ears! -d _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [OFFTOPIC] Zone Alarm, (continued)
- RE: [OFFTOPIC] Zone Alarm Ben Tyson-Norrman (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- Re: [OFFTOPIC] Zone Alarm John Ruppert (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Robert J. Liebsch (Jun 05)
- RE: [OFFTOPIC] Zone Alarm tstowell (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)
- RE: [OFFTOPIC] Zone Alarm tstowell (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)
- Re: [OFFTOPIC] Zone Alarm yossarian (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Brad Bemis (Jun 05)
- RE: [OFFTOPIC] Zone Alarm David Vincent (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- Re: [OFFTOPIC] Zone Alarm morning_wood (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Ben Tyson-Norrman (Jun 05)