lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200401151910.TAA10874@sunf10.rd.bbc.co.uk>
Date: Thu, 15 Jan 2004 19:10:05 GMT
From: Brandon Butterworth <brandon@...bbc.co.uk>
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.netsys.com
Subject: Re: January 15 is Personal Firewall Day, help the cause


> I just wanted to remind everybody that tomorrow is Personal Firewall Day.

Yuk.

Whilst I support people taking care of their security I rank personal
firewalls on the same level as virus detection

They don't fix the real problems and lead to a dependency culture of
constant upgrades (if people bother) and alternative vendor sales fud

Unwitting people pay money in good faith, believe they're now safe and
expose themselves to other attack vectors that bypass the firewall

The products sell on glossy features like reporting to users all the
things it saved them from - "someone tried to send you some packets
from their server on port 80, they must be trying to steal all your
files" creating pointless emails and wasting time explaining (which
they don't understand as it's a black box, it said attack so it must
have been)

I'd rather they spent the money with their ISP who hopefully has some
clued staff who will remind them when to patch and handle those that
don't when something attacks or hopefully before

I see vendors are getting into this now including products that deny
access from unclean machines (will this work?)

brandon

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ