Mailinglist Archive: opensuse (1425 mails)
| < Previous | Next > |
Re: [opensuse] Re: Interactive Firewall Needed
- From: Anders Johansson <ajohansson@xxxxxxx>
- Date: Wed, 6 May 2009 23:17:22 +0200
- Message-id: <200905062317.22455.ajohansson@xxxxxxx>
On Wednesday 06 May 2009 22:46:44 Jim Henderson wrote:
The topic is security. This whole discussion is a little akin to sending a
serial killer out on the streets with the proviso that he's not allowed to use
a crossbow.
"Nobody is talking about killing people with guns! Look, he can't use a
crossbow!"
The (apparently not so obvious) point is that once you have a local exploit,
you also have the means to bypass, or completely remove, your ZoneAlarm.
I've seen it often enough. Even the most arduous user will give up after 100
clicks and allow full access to their email program (for example)
No, they run it because they believe the advertising (including free ads, like
this thread) and think it makes them safe
Sure, and some people try to cure serious diseases with homeopathic
medicine. It still doesn't mean it works
Anders
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
You managed to miss my point. If you're running a rogue application, an
outbound connection should be the least of your worries.
Sure, it's not the only problem, but again, if your machine is being
controlled for purposes of spamming the world, I would think that
something that's in place to prevent that from taking place would be a
good thing.
What local root/Administrator exploits do we not know about yet? What
happened to that critical presentation you were going to deliver to a
customer at 7am tomorrow?
We're not talking about local exploits, though. Changing the subject
midstream distracts from the discussion itself.
The topic is security. This whole discussion is a little akin to sending a
serial killer out on the streets with the proviso that he's not allowed to use
a crossbow.
"Nobody is talking about killing people with guns! Look, he can't use a
crossbow!"
The (apparently not so obvious) point is that once you have a local exploit,
you also have the means to bypass, or completely remove, your ZoneAlarm.
Depends on the user. I've seen normal users who use it who do question
every time i comes up because they do want to be protected.
I've seen it often enough. Even the most arduous user will give up after 100
clicks and allow full access to their email program (for example)
It's a combination of technological measures and educational measures for
the users. ZA provides a technological measure that does have a positive
effect - many people voluntarily run it because they recognise they need
to protect themselves. Some of those people even pay for it.
No, they run it because they believe the advertising (including free ads, like
this thread) and think it makes them safe
That's a difference between ZA and UAC - UAC wasn't really a user
choice, it was forced on the users.
Give the users a choice on methods to protect themselves, though, and
they do take it. Well some do, and those who don't there's no change
with.
Sure, and some people try to cure serious diseases with homeopathic
medicine. It still doesn't mean it works
Anders
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |