Mailinglist Archive: opensuse (1332 mails)
| < Previous | Next > |
[opensuse] Re: Interactive Firewall Needed
- From: Jim Henderson <hendersj@xxxxxxxxx>
- Date: Wed, 6 May 2009 15:35:04 +0000 (UTC)
- Message-id: <gtsan7$v26$1@xxxxxxxxxxxxx>
On Wed, 06 May 2009 08:43:32 -0500, L. V. Lammert wrote:
It's not a question of the user being put in that position, it's (as
Prasun points out) a question of the user knowing they launched an
application and that application needs access to resources external to
the machine.
Have you ever used a product like ZoneAlarm on Windows? That's the model
they're talking about, and it's very good because it puts the user in
control and gives the user information.
You seem to be asserting that all users are conditioned to say "OK" or
"Yes" to everything. That assertion is a false assertion, easily
provable by me introducing the example of my mother, who I have trained
to not just agree to anything the computer asks her. She's not a
computer expert, and she doesn't need to know that port 1234 is needed
for application FooBizBan on her machine. But when she launches
FooBizBan and does something with it that requires access to the
Internet, she is asked "Application FooBizBan is attempting to access the
Internet. Do you wish to allow this?"
If she recognizes the application as one she's just started, she knows to
allow it.
Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Sorry, your assumptions are wrong on boht counts. A *USER* should not be
put in a position of knowing what is secure or not - that is just good
security practice.
It's not a question of the user being put in that position, it's (as
Prasun points out) a question of the user knowing they launched an
application and that application needs access to resources external to
the machine.
Have you ever used a product like ZoneAlarm on Windows? That's the model
they're talking about, and it's very good because it puts the user in
control and gives the user information.
You seem to be asserting that all users are conditioned to say "OK" or
"Yes" to everything. That assertion is a false assertion, easily
provable by me introducing the example of my mother, who I have trained
to not just agree to anything the computer asks her. She's not a
computer expert, and she doesn't need to know that port 1234 is needed
for application FooBizBan on her machine. But when she launches
FooBizBan and does something with it that requires access to the
Internet, she is asked "Application FooBizBan is attempting to access the
Internet. Do you wish to allow this?"
If she recognizes the application as one she's just started, she knows to
allow it.
Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |