lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: fulld-j at digitaldefense.be (Joris De Donder)
Subject: January 15 is Personal Firewall Day, help the cause

>> Conclusion: The purely technical solution (with obvious commercial
>> intentions) proposed by personalfirewallday.org will lead to 
>> a false sense of security, resulting in more insecure systems.
>> User Education is an essential part of the solution.
>>
> I must say that I've been absolutely amazed by the negative reactions to
> this.  You complain that what "annie" needs is education.  The
> personalfirewallday.org site does *precisely* that.

No, it does not. It claims that Annie will only be safe if she
installs a certain product.

> Have any of the
> people criticizing the effort even bothered to go look at the site?
Have any of the people criticizing the
pro-security-pro-awareness-but-anti-snakeoil-people even bothered to
read what these people are saying?

> I found:
> 1) A vision statement
I found FUD:
   "Your connection to the Internet is a two-way street: you can venture
    forth onto the Internet, but many criminals can follow that same
    connection right into your computer and do anything they want with
    it--unless you have a personal firewall."
    
> 3) Explanations of personal firewalls, antivirus protection and OS
> updating and links to resources for each
I found:
   "The best personal firewalls not only keep threats from getting on your
    computer, but they also keep threats already on your PC from getting
    out."
Compromised == compromised! See my other post.

> Everything you claim "annie" needs is right there on that one website.
> And you think that's a *bad* thing?
The website doesn't tell Annie that her own behavior, the way she uses
her desktop computer, is important. In fact, the website does the
opposite, it tells Annie that if she applies a certain technical
solution, her behavior doesn't matter.

> I realize it is possible to be so
> blinded by hatred that you can't even think logically, but I didn't
> realize how many in this industry were blind.
Yes, someone doesn't agree with a Microsoft sponsored website so he has
got to be a blind Microsoft hating penguin head...


Joris

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ