[Full-Disclosure] January 15 is Personal Firewall Day, help the cause
Joris De Donder
fulld-j at digitaldefense.be
Fri Jan 16 12:55:21 GMT 2004
>> Conclusion: The purely technical solution (with obvious commercial
>> intentions) proposed by personalfirewallday.org will lead to
>> a false sense of security, resulting in more insecure systems.
>> User Education is an essential part of the solution.
> I must say that I've been absolutely amazed by the negative reactions to
> this. You complain that what "annie" needs is education. The
> personalfirewallday.org site does *precisely* that.
No, it does not. It claims that Annie will only be safe if she
installs a certain product.
> Have any of the
> people criticizing the effort even bothered to go look at the site?
Have any of the people criticizing the
pro-security-pro-awareness-but-anti-snakeoil-people even bothered to
read what these people are saying?
> I found:
> 1) A vision statement
I found FUD:
"Your connection to the Internet is a two-way street: you can venture
forth onto the Internet, but many criminals can follow that same
connection right into your computer and do anything they want with
it--unless you have a personal firewall."
> 3) Explanations of personal firewalls, antivirus protection and OS
> updating and links to resources for each
"The best personal firewalls not only keep threats from getting on your
computer, but they also keep threats already on your PC from getting
Compromised == compromised! See my other post.
> Everything you claim "annie" needs is right there on that one website.
> And you think that's a *bad* thing?
The website doesn't tell Annie that her own behavior, the way she uses
her desktop computer, is important. In fact, the website does the
opposite, it tells Annie that if she applies a certain technical
solution, her behavior doesn't matter.
> I realize it is possible to be so
> blinded by hatred that you can't even think logically, but I didn't
> realize how many in this industry were blind.
Yes, someone doesn't agree with a Microsoft sponsored website so he has
got to be a blind Microsoft hating penguin head...
Full-Disclosure is hosted and sponsored by Secunia.