Secure Coding mailing list archives

Re: Personal Firewall Day


From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Thu, 15 Jan 2004 19:15:44 +0000

After reading the content on http://www.personalfirewallday.com/, I
was wondering what the opinions of other developers were about this?

Well, as I remarked off-list to the person who sent that note to
bugtraq, I have trouble taking seriously any such effort that buys into
the journalistic-driven misuse of "hack" and related words.  On the
very first page I looked at off the front page ("Why You Need
Protection" (which I don't; see below)), I counted four misuses of
derivatives of "hack", out of less than two 24x80 screenfuls of text.

PFWs seem like a good thing in general, but has anybody had any
unexpected problems because of them?

Look up GWF in the Jargon File.  (Of course, such problems are
expected, at least by those who use the term GWF, and you did say
`unexpected'.  But I'm assuming you mean by the firewall runner.)

Though I daresay few of the people _here_ deserve the GWF label, even
if they _are_ running such things.

[Ed. Or, if I may ask the question a bit differently, do any
developers out there NOT run PFWs on their laptops that they travel
with (and connect up to various networks)? If not, why not?  KRvW]

I don't.

Why not?

- Because I don't run malware propagation systems masquerading as game
  loaders masquerading as operating systems.

- Because, in general, I believe in hardening each machine rather than
  putting up a fence around weak machines.

- Because I am very hard to infect to start with.  I don't run anything
  I don't have source to[%]; while this is by no means a perfect
  defense in theory, statistically it is extremely effective.  I run a
  very non-mainstream operating system (NetBSD) on very non-mainstream
  hardware (I run eight different ports spread across six different CPU
  architectures).  My main machines (mail handler, DNS server, house
  gateway, etc) aren't Intel-architecture, so even if someone did
  manage to, say, inject some shellcode, it is highly likely to fall
  over with some kind of illegal-instruction trap immediately.

  [%] In general.  I make exceptions for things like the boot ROMs in
      my machines and the firmware on disk drives.

- Most of the software I run, I run somewhat hacked-up versions of, so
  even something that works on the stock version may fail against me.

If someone were to specifically target me personally, some of my
defenses (such as the non-Intelness) would fail immediately, but most
would still be effective.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               [EMAIL PROTECTED]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B







