| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: smcmahon at eiv.com (Shawn McMahon) Subject: [OFFTOPIC] Zone Alarm On Thu, Jun 05, 2003 at 11:13:04AM -0400, JT said: > This is a lame basis for your argument. You provide 2 vulnerabilities that > are old. Everything has vulnerabilities, I will not waste my time search ZA It wasn't a basis for my argument. It was a specific answer to a specific assertion, which was that nobody here has had to flash upgrade a router in the last few years. Vulnerabilities that affect both of the major home router vendors, that have occured in the last few years, and that require a flash upgrade to fix, are perfectly reasonable responses to that. In summary, read the entire thread, or go play somewhere else. > for the most part. Which is easier? Right, the router is easier because they > just plug it in and go. You would have us believe that these "inept" users > WITHOUT ANY computer person are going to be smart enough to FIND zone alarm, > INSTALL it, CONFIGURE it, and then decide each time anything wants to hit > the net. Please, spend 30 more seconds and show me some CURRENT > vulnerabilities. And you would have us believe that if offered a choice between "go to this link, download it, and install it" and "go to Best Buy and spend money, then hook up cables", every single user in the entire world will choose the latter. This naive beyond belief, even if you don't count the people for whom the purchase option will take weeks even if they had the money. Most Windows users know how to install a program. Many (and I'm not by any stretch of the imagination saying all) are afraid of hardware, and many (ditto) will view the tradeoff of $40 for security as worthless. Are you going to write all x-hundred million of them personal emails talking them into it? There are people on the Internet for whom their PC represents a year's labor, and a new router represents months. Telling those people not to bother with any security is ridiculous. Nobody is saying that software firewalls are inherently superior to dedicated firewalls in all circumstances, or even most circumstances. But security that isn't used isn't security. If the choice is between doing nothing or downloading a program, and I assure you that in many cases it will be that choice, I'd rather they download the program and have SOME security, which means some resistance to being 0wnz0r3d and causing ME a problem despite my security. -- Shawn McMahon | Let every nation know, whether it wishes us well or ill, EIV Consulting | that we shall pay any price, bear any burden, meet any UNIX and Linux | hardship, support any friend, oppose any foe, to assure http://www.eiv.com| the survival and the success of liberty. - JFK -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030605/d79033bf/attachment.bin
Powered by blists - more mailing lists