On Wed, 06 May 2009 22:38:14 +0200, Anders Johansson wrote:
On Wednesday 06 May 2009 22:28:43 Jim Henderson wrote:
And yet it's one of the more popular avenues to compromise a system - trick the user into running something they didn't mean to and then connect outbound. Why? Because it's something a lot of systems don't protect against.
You managed to miss my point. If you're running a rogue application, an outbound connection should be the least of your worries.
Sure, it's not the only problem, but again, if your machine is being controlled for purposes of spamming the world, I would think that something that's in place to prevent that from taking place would be a good thing.
What local root/Administrator exploits do we not know about yet? What happened to that critical presentation you were going to deliver to a customer at 7am tomorrow?
We're not talking about local exploits, though. Changing the subject midstream distracts from the discussion itself.
And as for the pseudo-security presented by ZoneAlarm, the "security by popup" scheme simply does not work. Microsoft tried it in Vista, and people forced them to stop. The immediate and instantaneous reaction to a popup, any popup, regardless of circumstance, from a "normal" user is to click ok. I have seen it even from relatively experienced users. Error popups, warnings, whatever - it's gone a tenth of a second after it's appeared.
Depends on the user. I've seen normal users who use it who do question every time i comes up because they do want to be protected.
It's better to design for security correctly in the first place. Part of this is not running applications from untrusted sources, and part is to have a good security infrastructure - and in this, things like ZoneAlarm have no place at all
It's a combination of technological measures and educational measures for the users. ZA provides a technological measure that does have a positive effect - many people voluntarily run it because they recognise they need to protect themselves. Some of those people even pay for it. That's a difference between ZA and UAC - UAC wasn't really a user choice, it was forced on the users. Give the users a choice on methods to protect themselves, though, and they do take it. Well some do, and those who don't there's no change with. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org