Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Firewall Primitives

Re: Firewall Primitives

From: Marcus J. Ranum <mjr_at_ranum.com>
Date: Mon, 11 Nov 2002 17:34:54 -0500

Stephen P. Berry wrote:
>As a result, customers, on the whole, get the security the dumbest customers
>deserve.

I'm convinced - and scared - by your logic. I've also had a few
other private emails pounding on me for the "Customers get the
security they deserve" crack. So I'd formally like to recant. ;)
You (you know who you are) have all talked me out of it.

Basically, we're dealing with a problem that is on the order of
a public health issue. Imagine there's a sexually-transmitted
disease that can kill if you get it. But lots of people ignore
it because mitigation is a pain in the neck and the rest of the
people are ignorant. So maybe only a small percentage of the
population protects themself. Sooner or later, that percentage
gets it _anyhow_ because within a long enough time, everyone on
earth has it and, well, the few clueful people are still stuck
on earth. Now, there are fixes - but they are draconian and
involve trampling on people's "right" to be stupid. This is the
kind of thing I was talking about a few months ago: make it
illegal/impossible to run a PC with Windows that doesn't have
an antivirus program (a simple technical problem: make it part
of the O/S and boot process...) and mandate personal firewalls,
etc. Sure there are technical details I'm blowing over but you
could take a HUGE bite out of the problem by just making stupidity
no longer an option... But I don't think I want to live in that
kind of world.

Anyhow - the relationship between customer requirements, what
vendors build, and what customers buy has always fascinated
me. Depending on which perspective you adopt, you can lay
the blame squarely at the feet of any one of the parties involved.
Which means, in practical terms, that the blame is shared - or
should be shared. And, perhaps, pretty much evenly.

mjr. 

---
Marcus J. Ranum				http://www.ranum.com
Computer and Communications Security	mjr_at_ranum.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Nov 11 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos