On Thu, 15 Jan 2004 09:28:39 -0800 Ron DuFresne <[EMAIL PROTECTED]> wrote: > >There have been alot of 'complaints' or FUD replies concerneing the >efforts for personal firewall day, 1/15/04, yet not a single, "this >would >work much better" replies or offerings. do any of the unsuporteres >have >something better to offer that is;
Okay, here's the deal. a) If this is truly an 'education' effort and not a security software pushing effort, it's an extremely poorly named one. The average uneducated user is going to look at this and say "huh?"..and I don't mean the "let's find out more about this" huh...I mean "this makes no sense and I don't even begin to understand firewall and I'm moving on to the next easy thing to grasp" huh. "Safe computing" day or something else warm and fuzzy would have been far better. b) If the name simply must be something technical, then personal firewalls are probably the 3rd most valuable thing to push. Patching and AV are waaay ahead. I would say anti-spyware is probably even more important to the average Windows user than a personal firewall. Personal firewalls are also far too complex for the average user to be good as an 'on message' movement. If they can understand that stuff, they already understand patching, AV, and clicking "no" when prompted to install malware. c) When you center an education effort around a niche product whose very existence depends on the very security holes that cause the problem...don't expect to garner much support. The marketing behind these products has far more sinister potential than that of $150/hour security consultants. So to wrap up...IMHO, if this had been "safe computing day"--focusing on patching, AV, and possibly anti-spyware, it would have gotten far far more positive reaction. Leave the personal firewalls out--not nearly enough bang for the buck. Now...not to be fatalist, but while this effort is well intentioned, the bottom line is the population in general toast until the primary players fix their code and defaults. There are millions of unsafe PC's out there manned by non-experts, and there are a handfull of key software companies manned by plenty of experts. Where should the primary effort be? -Mike _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html