Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: tunnel vs open a hole

Re: tunnel vs open a hole

From: Bill Royds <broyds_at_rogers.com>
Date: Thu, 10 Apr 2003 19:35:13 -0400

The problem is something called addiction.
Once somebody starts smoking cigarettes, your body has a physical need for
nicotine. The short term pain of withdrawal is such a great barrier that the
long term benefitst are hidden well. Tobacco product manufacturers know this
and have been shown to have increased the nicotine level in "mild"
cigarettes to create more addicts.

Similarly, Microsfoft are sold by a monopoly, which is a commercial form of
addiction. The pain of not using a Microsoft product after having introduced
it to your company is very real. The slap on the wrists that MS recieved
after its conviction of monopoly practices is like that given to tobacco
companies for years after they were shown to be causing harm to society.

Beating your head against the wall is NOT addictive.

Security is similar in that the benefits are long term, but the costs are
immediate. Since a corporation's sole purpose in life is to make profits,
anything that reduces profits is not done. The only way to change that
mindset is to sue the life out of crappy software makers. But if they are
powerful enough to get something like UCITA passed, it is not going to be
easy.
----- Original Message -----
From: "Marcus J. Ranum" <mjr_at_ranum.com>
To: "George Capehart" <capegeo_at_opengroup.org>
Cc: "Behm, Jeffrey L." <BehmJL_at_bvsg.com>;
<firewall-wizards_at_honor.icsalabs.com>
Sent: Wednesday, April 09, 2003 10:15 PM
Subject: Re: [fw-wiz] tunnel vs open a hole

: George Capehart wrote:
: >Fair is fair. You're right. If the customers complained/sued, maybe it
would get someone's attention . . . ;-)
:
: Y'know, when someone buys cigarettes and smokes them and enjoys
: them for 20 years and doesn't quit even when their medical effects are
: well-documented - then turns around and sues the tobacco manufacturers,
: I think they're pretty lame. I think they should accept that a certain
amount
: of their pain is of their own doing.
:
: When someone beats their head against a wall, and it hurts and their
: friends tell them to stop, they shouldn't sue the wall, or their friends.
They
: should accept that a certain amount of their pain is of their own doing.
:
: When someone keeps using Microsoft IIS as a mission-critical component
: in spite of the literally hundreds of security problems it's had in the
last few
: years - well. I think they should accept that a certain amount of their
pain is
: of their own doing.
:
: There's one easy way to complain to a vendor that sells crap: stop buying
: the crap. They'll get the point pretty quickly. In fact, with the way most
of
: these software companies burn money they'll evaporate overnight.
:
: Continuing to put your good money down on crap that you know is crap
: eventually loses you your moral position from which to complain if what
: you get is crap.
:
: mjr.
: ---
: Marcus J. Ranum http://www.ranum.com
: Computer and Communications Security mjr_at_ranum.com
:
: _______________________________________________
: firewall-wizards mailing list
: firewall-wizards_at_honor.icsalabs.com
: http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Apr 10 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos