[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <01a101c32b75$437e6230$6e01a8c0@tekwiz>
From: ptourvi1 at twcny.rr.com (JT)
Subject: Zone Alarm
Again, using ZA puts the choices in the uninformed users hands, they decide
whether to use it or not, give them the router and you have taken that
choice away.
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Shawn McMahon
Sent: Thursday, June 05, 2003 9:37 AM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Zone Alarm
On Wed, Jun 04, 2003 at 04:03:57PM -0500, Schmehl, Paul L said:
>
> There *are* cases where "not so great" security is better than "really
> great" simply because "really great" won't get used and "not so great"
> is therefore better (than nothing.) It's all well and good that experts
And I would submit that most of us here are in fact guilty of that; how
many of us have at least one password, somewhere, that's ~8 characters,
mostly letters, as opposed to 128 random alphanumerics? Who here has a
house with a deadbolt and an alarm system, but no armed guards? A car
that you park in parking lots, with no bomb-sniffing dog going under it
before you get in?
Security that won't get used isn't security, it's theory. It belongs in
classrooms and labs. Security is a process, as well, not a binary flag.
It's not "exit code 1, insecure" one day, and "exit code 0, secure" the
next.
--
Shawn McMahon | Let every nation know, whether it wishes us well or ill,
EIV Consulting | that we shall pay any price, bear any burden, meet any
UNIX and Linux | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK
Powered by blists - more mailing lists