[Dshield] "Personal Firewalls" are mostly snake-oil

Young, David dyoung at intecs.com
Mon Jul 22 17:19:30 GMT 2002


>> JS> The biggest problem is that, just as with the Window$ model itself,
>> JS> "personal firewalls" lock you into the same upgrade nose-ring that
the
>> JS> anti-virus companies are inflicting upon users: unless you keep up
>> JS> with a relentless cycle of updates and latest-version purchases,
>> JS> you're soon going to be SOL as new exploits come out.
>> 
>> Ok tell me: waht is "the window$ model" you seem so critical about ?

>The "Window$ model" (or more correctly the Micro$oft model) is a
>neverending cycle of upgrades and patches and service packs that are
>necessary to keep a security system up-to-date.

As opposed to that clean, straightforward, uncomplicated model used by the
Baskin-Robbins 33 flavors of Linux?  From my chair, this is a MUCH larger
issue than what O/S is running. Life is hard. Maintaining security on ANY
system that's connected to the net, open source or otherwise, is tedious,
time-consuming and RISKY. I anticipate some will argue that running certain
O/S's requires by nature a greater level of expertise. I would ask those
individuals to examine how they GOT that expertise. It's not like there's a
background process running that pops up after the nth iteration of IPChains
config and tells the user "You're now smart enough to connect to the
Internet". My point: Arrogance and self-delusion are not strictly limited to
Micro$oft users. The scope is significantly larger. I submit it's time for
the camps to declare the "mine's better" argument resolved.  

Regards,
David




More information about the list mailing list