[Dshield] "Personal Firewalls" are mostly snake-oil?

Russell Washington russ.washington at vaultsentry.com
Wed Jul 24 17:04:49 GMT 2002


<sigh>

State an opinion with regard to a single aspect of a security approach, have
it hammered into "you disagree with me on this and therefore you disagree
with everything I've said and are therefore narrow-minded and your forum is
not the place to discuss any of these questions at all."

If you do not understand why the end-user learning curve and any notions of
(actual) security are effectively mutually exclusive, there is very little
discussion left to have.  Owning a system does not qualify one to speak
expertly to all aspects of its existence (security in this case), any more
than a teenager would be judged a qualified race car driver just because he
commutes in a Porsche.  If this basic understanding is subject to debate,
the discussion isn't about security any more, it's about the
my-opinion-is-my-opinion-dammit dynamic and it needs to leave the mailing
list so others don't have to be bothered with it.

And if rationally disagreeing with one point that someone has made is
tantamount to irrationally disagreeing with them all and being accused of
same, the person mounting such accusations similarly needs to take their
concerns off-list.

I thought about making this comment off-list but I think the point is one
that needs to be said out here.  Part of the problem-- no, the *biggest*
problem-- with discussing security issues is dealing with parties that don't
appreciate what security actually means and have some need to dilute the
concept into convenience factors and pseudo-engineering or marketing claims.
Security has never been about having every party with an opinion getting a
vote and a say-so.  In fact, security is quite the opposite; and *that* is
the reason why the very notion of a personal firewall routinely fails once
you get out of marketing blah blah and technobabble, and into what people
actually do with the things.  Everybody has to have a say-so, and
everybody's say-so is "let me and what I want in."  By the time you're done,
all those everybodys are, well, in.  And there is therefore no security at
all.  Just lots of sitting ducks.  Quack quack. :)

<sigh>

-----Original Message-----
From: Peter Stendahl-Juvonen [mailto:peter.stendahl-juvonen at welho.com] 
Sent: Wednesday, July 24, 2002 9:38 AM
To: list at dshield.org
Subject: RE[5]: RE[2]: [Dshield] "Personal Firewalls" are mostly snake-oil?



Russell, et al.

I believe I understand the reasons for narrow-mindedness towards opinions
being expressed contrary to one's own. However, I do not support such
behaviour. For openness' sake: intolerance is usually caused by uncertainty
or fear of something "different", something beyond one's scope. 

However, I do not understand what is meant by '"Gradual" and "security" are
mutually exclusive in any context that means anything in systems or network
administration.'

<snip>



