> There have been a lot of 'complaints' or FUD replies concerning the
> efforts for personal firewall day, 1/15/04, yet not a single, "this would
> work much better" replies or offerings. Do any of the unsupporters have
The main problem is the user. Annie, for example, opens/runs every attachment she receives. Now if you say to Annie that all she needs to do to be secure is install (buy) a PFW (from a short list of sponsors (*)), use an Anti-Virus program and keep her system updated, you actually encourage her to continue her dangerous behavior. Fact is that even with a PFW, up-to-date AV and system, Annie (who is part of the Administrators group, btw) will get infected if she keeps opening/running every attachment. And then it's game over.

This is not 1998; trojans/backdoors are becoming more and more advanced (public rootkit projects for MS Windows are becoming more common) and no PFW (a program that is running on the same, now compromised, system) can prevent a 'modern' backdoor/trojan from "getting out".

So we need to change Annie's behavior. An obvious (technical) solution would be to give Annie an email client that's incapable of launching (possibly harmful) attachments, but that only solves part of the problem, since Annie just received a .scr file through her favorite IM client and next week Annie will find and install a new filesharing program...

Annie needs to realise that she's not safe. She needs to realise that even with a PFW, up-to-date AV and system, she can still get infected. She needs to learn to 'think' when her new PFW pops up a message saying that a file called "iexpIlore.exe" (with a nice IE-like icon) tries to "connect to the internet".

So (unless, of course, we can move Annie and the millions like her away from general purpose desktop computers as we know them today to some new kind of secure frontends that store their files and settings on a remote server (**)) it's essential that we educate Annie. Computer stores can play a very important role in this and, for example, give their customers a flyer or 'brochure' with useful tips and guidelines.
ISPs could give the same information to their customers or even put certain 'security requirements' in their contracts. They could send their users a 'security newsletter' and/or set up a special website/page with useful information (useful information != some links to your sponsors and some FUD text written by people from the marketing dep.)

Conclusion: The purely technical solution (with obvious commercial intentions) proposed by personalfirewallday.org will lead to a false sense of security, resulting in more insecure systems. User Education is an essential part of the solution.

Joris

(*) I see the list just got updated....
(**) No, I don't mean dumb terminals.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
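The "iexpIlore.exe" prompt in the post above is the kind of thing a PFW leaves the user to judge by eye: a capital I standing in for a lowercase l, an extra letter, a familiar icon. As an added example (not part of Joris's post, and not code from any personal firewall product), the following Python script shows what a firewall prompt could check mechanically before asking the user: it lowercases the name (Windows file names are case-insensitive), folds visually confusable glyphs to a canonical letter, and compares the result against a short list of commonly imitated system binaries and the directory each normally lives in. The confusables table, the list of "known" binaries and their expected directories, and the edit-distance threshold are all assumptions chosen for illustration, as are the sample paths at the bottom.

```python
import ntpath

# Glyphs that look alike in typical dialog-box fonts (assumed set; a
# production check would use a larger table, e.g. Unicode confusables).
CONFUSABLES = {
    "I": "l",   # capital i vs lowercase L, the trick in "iexpIlore.exe"
    "1": "l",
    "|": "l",
    "0": "o",
    "5": "s",
}

# Executables that trojans commonly imitate, with the directory each one
# normally runs from on a Windows XP-era system (illustrative, not exhaustive).
KNOWN_BINARIES = {
    "iexplore.exe": r"c:\program files\internet explorer",
    "explorer.exe": r"c:\windows",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
}

# How far (in edits) a folded name may be from a known name and still be
# treated as an imitation of it. 1 catches one swapped, dropped or added
# letter without matching unrelated short names.
MAX_DISTANCE = 1


def skeleton(name):
    """Fold confusable glyphs first, then lowercase everything else."""
    return "".join(CONFUSABLES.get(ch, ch).lower() for ch in name)


def edit_distance(a, b):
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(full_path):
    """Return (verdict, imitated_name) for the executable at full_path.

    verdict is one of:
      "known"          - a known binary running from its usual directory
      "wrong-location" - a known name, but running from somewhere else
      "lookalike"      - an unknown name that folds to within MAX_DISTANCE
                         of a known name (e.g. "iexpIlore.exe", "svch0st.exe")
      "unknown"        - nothing on the list resembles it
    """
    name = ntpath.basename(full_path)
    directory = ntpath.dirname(full_path).lower()
    lowered = name.lower()

    # Exact (case-insensitive) name: only the location is in question.
    if lowered in KNOWN_BINARIES:
        if directory == KNOWN_BINARIES[lowered]:
            return ("known", lowered)
        return ("wrong-location", lowered)

    # Otherwise look for a known name the folded form is close to.
    skel = skeleton(name)
    best = min(KNOWN_BINARIES, key=lambda known: edit_distance(skel, known))
    if edit_distance(skel, best) <= MAX_DISTANCE:
        return ("lookalike", best)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample paths, not taken from any real machine.
    samples = [
        r"C:\WINDOWS\system32\iexpIlore.exe",
        r"C:\Program Files\Internet Explorer\IEXPLORE.EXE",
        r"C:\Documents and Settings\Annie\Local Settings\Temp\svchost.exe",
        r"C:\Documents and Settings\Annie\svch0st.exe",
        r"C:\WINDOWS\Isass.exe",
        r"C:\Program Files\Mozilla Firefox\firefox.exe",
    ]
    for path in samples:
        verdict, imitated = classify(path)
        print(f"{verdict:15} {path}" + (f"  (looks like {imitated})" if imitated else ""))
```

The point is not that this replaces education: a "wrong-location" or "lookalike" verdict still has to be shown to Annie in words she understands, and a backdoor that has already taken over the machine (the post's main worry) can lie to the firewall about its name and path anyway. It only removes the part of the judgement that a human is worst at, telling I from l at a glance.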