Message-ID: <4127418302.20040115213118@digitaldefense.be>
From: fulld-j at digitaldefense.be (Joris De Donder)
Subject: January 15 is Personal Firewall Day, help the cause

> There have been a lot of 'complaints' or FUD replies concerning the
> efforts for personal firewall day, 1/15/04, yet not a single, "this would
> work much better" replies or offerings. do any of the unsupporters have

The main problem is the user. Annie for example opens/runs every
attachment she receives. Now if you say to Annie that all she needs to
do to be secure is installing (buying) a PFW (from a short list of
sponsors (*)), using an Anti-Virus program and keeping her system
updated, you actually encourage her to continue her dangerous
behavior. Fact is that even with a PFW, up to date AV and system,
Annie (who is part of the Administrators group btw) will get infected
if she keeps opening/running every attachment.
And then it's game over. This is not 1998, trojans/backdoors are
becoming more and more advanced (public rootkit projects for MS
Windows are becoming more common) and no PFW (a program that is
running on the same, now compromised, system) can prevent a 'modern'
backdoor/trojan from "getting out".

So we need to change Annie's behavior. An obvious (technical) solution
would be to give Annie an email client that's incapable of launching
(possibly harmful) attachments, but that only solves part of the problem
since Annie just received a .scr file through her favorite IM client
and next week Annie will find and install a new filesharing program...

Annie needs to realise that she's not safe. She needs to realise that
even with a PFW, up to date AV and system, she can still get infected.
She needs to learn to 'think' when her new PFW pops up a message
saying that a file called "iexpIlore.exe" (with a nice IE like icon)
tries to "connect to the internet".

So (unless of course, we can move Annie and the millions like her away
from general purpose desktop computers like we know them today to some
new kind of secure frontends, that store their files and settings on a
remote server(**)) it's essential that we educate Annie.

Computer stores can play a very important role in this and for example
give their customers a flyer or 'brochure' with useful tips and
guidelines.

ISPs could give the same information to their customers or even put
certain 'security requirements' in their contracts. They could send
their users a 'security newsletter' and/or set up a special
website/page with useful information (useful information != some
links to your sponsors and some FUD text written by people from
the marketing dept.)

Conclusion: The purely technical solution (with obvious commercial
intentions) proposed by personalfirewallday.org will lead to a false
sense of security, resulting in more insecure systems.
User Education is an essential part of the solution.

Joris


(*) I see the list just got updated....
(**) No, I don't mean dumb terminals.
