Message-ID: <200311100314.hAA3EliA015956@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: WinME firewalling 

On Mon, 10 Nov 2003 07:43:32 +0530, morning_wood <se_cur_ity@...mail.com>  said:
> Actualy winMe is quite safe out of the box ( its win9x ) and
> does not have the remote compromises that affect winXP / win2k

Except that out of the box, it installs IE, and some Outlook variant,
and who knows what else that's got horrible holes in it....

Yes, out of the box it's mostly secure against random stray packets that
happen to be wandering the net.  On the other hand, that's distinct from
being "secure" or "safe".

Unfortunately, a $50 firewall isn't going to protect against many of the
email/web based trojans/viruses.  Might try Zone Alarm and tell the
granny to panic if something she doesn't know about tries to "phone home"
(Probably won't take more than a long afternoon to get it trained which
apps are authorized).

I hate to say it, but there's no such thing as good, *totally* invisible
security.  People need to get used to the idea that their computers *do*
require ongoing maintenance just like their cars do.  Download patches,
change the oil, actually pay attention to the alert popups/red dashboard
lights, and so on. Yes, trying to make it less obtrusive is a laudable
goal, but the user *does* have to take some responsibility here.... 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031109/050bc4c5/attachment.bin

Powered by blists - more mailing lists