[Dshield] "Personal Firewalls" are mostly snake-oil?

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Wed Jul 24 16:38:27 GMT 2002


Russell, et all.

I believe I understand the reasons for narrow-mindedness towards
opinions being expressed contrary to one's own. However, I do not
support such behaviour. For openness sake: intolerance in usually caused
by uncertainty or fear of something "different", something beyond one's
scope. 

However, I do not understand what is meant by '"Gradual" and "security"
are mutually exclusive in any context that means
anything in systems or network administration.'

This "exchanging of opinions" started by what I believe was a frank
question (in the post quoted [below] in entirety) to those who the
sender thought should have the answer: 

[In view of the above statement taken from Sam Spades site. Are home
users
wasting their time using so called "Personal Firewalls"?.


Keith G
Home User

Zone Alarm Pro 3.0.133]

The above quote (original expression by Russell) contains some
requirement for the Home User! (Who is mostly responsible him/herself
for systems or network administration on his/her machine/network).

What I tried to do was answer Keith from what I believed is his
viewpoint, his demands, etc.

I also wanted to comment some opinions expressed in the course of the
discussion flow. I did not rush in doing so nor did I mean to be
provocative (apart from activating the discussion a bit further).

Please tell me, what should I have done otherwise to address the
original question and the standpoint of the whole question?

I interpret the question in the following sense:

1) "Personal Firewalls" are mostly snake-oil? - Meaning about the same
as - Are Software Firewalls useless or are they helpful in promoting
security?
2) Maybe there was even implicit question: Was Keith's investment
not-so-well-thought having acquired ZoneAlarm Pro 3.0.133?
3) The answers given should be from the perspective of A HOME USER.

Having witnessed the amount of sentiment that has arisen from mainly
Stephane and myself acknowledging one product's benefits the following
conclusion is not far: 

The original question was addressed to the wrong audience (for evident
reasons). It is a common generalization to think that an expert on in a
specific field possesses "general expertise".

Best Wishes,
Peter Stendahl-Juvonen
------------------------


-----Original Message-----
From: list-admin at dshield.org [mailto:list-admin at dshield.org] On Behalf
Of Russell Washington
Sent: Wednesday, July 24, 2002 6:08 PM
To: 'list at dshield.org'
Subject: RE: RE[2]: [Dshield] "Personal Firewalls" are mostly snake-oil?

<snip>

Ok, I had to respond to this:

*** Users can be educated gradually if the solution is innovative
enough.
According to my experience ZA and ZAPro are innovative products with
innovative GUIs. ***

"Gradual" and "security" are mutually exclusive in any context that
means
anything in systems or network administration.  For end-users whose most
valuable data are the pics they shot of their wives in her skivvies,
fine.
For securing a business entity, this kind of thinking will, and should,
get
you fired.  No, you can't get everything done immediately, but to bet
your
security on the learning curve of Joe User is complete and utter
insanity.
Anyone who thinks like this needs a serious education, fast, if they're
going to run in informed circles.

I don't mean to flame, it's the reasoning, not the poster, that ticks me
off... I have way too many clients who think this way and want to make
the
vendor (me) responsible when someone waltzes through their "gradual"
approach into a supposedly-secure server.  Security under this kind of
thinking isn't security at all.

_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list