Look folks, it's Friday, and almost the start of a long weekend here in the Us <woohoo! we love long weekends> and I just don;t wish to spend it replying to all the eggheads trying to disparage someones attempt to do a good thing<TM>. So, my last to the list on this topic before the long drive home, is this short exchange between me and Paul Robertson about this lists thread on the topic <thanks for permission to post this Paul> headers removed to lighten the bandwidth consumption just a tad;;
---------- Forwarded message ---------- Subject: Re: not sure On Fri, 16 Jan 2004, R. DuFresne wrote: > if you follow fulldisclosure, but thor larkholm put out a notice there and > a few other lists about personal firewall day. And many on the full I saw the early ones and replied off-list to one poster, but I'm not directly subscribed to full-disclosure. Feel free to pass along anything or this message if you think it's appropriate. > disclosure list have mis-interpreted this event as a marketing ploy by M$, > tru-secure and a number of anti-viri vendors and personal firewall 1. TruSecure doesn't do home user things[1] and the Web site is hosted on my personal machine[2]. I tried at first to do this as a completely community-sponsored event, and got lots of "Great idea!" but no help from anyone other than Russ Cooper[3] content-wise. 2. I went to the vendors, and "sponsorship" meant they put time and effort into the event. That's it. No money, nothing in trade, just actual work on the project. 3. I don't even run Windows. My comments on Windows are pretty evident to anyone with access to Google. Despite that, Microsoft stepped up to the plate and provided excellent resources, as did the personal firewall vendor that I started this whole thing saying bad things about at the NTBugtraq retreat. All the vendors allowed me final say in what got posted- despite the fact that I've said not nice things about them. I won't stop being me anytime soon either. 4. This was targeted at consumers- you know, the folks who're nothing but victims? The content was made to be consumer-level, the message was to get some protection. It wasn't aimed at getting them to switch software, turn into security gurus, or conflict with "Computer Security Day," "Anti-Virus Day," or "Whine about someone else trying to do something positive Day." Obviously it did conflict with the latter. 5. The start of this was a question I got when I was busy shooting down other's ideas for making the general Net better- "What would you do?" So I said "well the easiest thing is to stop all the compromised Windows boxes that are zombies and spam relays, and the quickest way to do that is with a personal firewall..." So it started. So far nobody shooting this down has stepped up and done anything better, and I doubt I'll be holding my breath- but if they do, I'll support it if it IS better. 6. I'm not, and never have been in marketing. [1] Arguably, ICSA Labs has an interest in the vendor stuff, but they were too busy to get involved. [2] I take the threats against my server quite serioiusly. [3] Russ and I both work for TruSecure, so that's how the TS/Labs logos got put on the site. W/O any participation by our marketing folks. > vendors. It's really been quite an outcry of fowl by many of the new kids > on the IT sec block. You might wish to look in and checkout the turmoil > <smile>. > It generally takes about 10 years for people to get past the "folks will use better software if they're informed!" stage- some of us took longer than that. Ah well, I'm glad it's all downhill from here, but it was a great learning experience. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." [EMAIL PROTECTED] Director of Risk Assessment TruSecure Corporation _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
