On Mar 13, 2012, at 3/13 9:16 PM, Cameron Byrne wrote:

> 
> > That's reality, and much as I love the e2e principle I think the ordinary
> > citizen is better off behind default-deny.
> >
> 
> I am not trying to be dense, but why?
> 
> What is the negative scenario of not having a homenet firewall on? Using real 
> examples from the last 5 years .... I would like to know how a cpe firewall 
> protects against real threats to modern software.
> 
It seems hard to predict a priori what a "real threat" is going to be. And it 
seems unlikely that "modern software" is all that will be found in average 
homes. For example, will the Android version on the refrigerator display be 
updated? 


> > Personally I haven't run without an on-board firewall since I got my
> > first wireless card (late 1999?). But we can't assume that applies to
> > every home device.
> >
> 
> Most PC software has shipped with a firewall on for the last ~10 years
> 
And these have to be then managed, and the triggers for "should this flow be 
allowed" will then transition to the PC as opposed to the CPE. Did the system 
become any simpler, really?

But the real issue to my mind is _non-PC_ software; the firmware on some 
power-line bridge written for the cheapest dollar by pulling together some 
version of Linux because the device had to sell for $25. Not only do all these 
devices now need firewalls (unlikely), they now need an easy way to manage 
these firewalls (next to impossible).

-Ashok

> Cb
> >   Brian
> > _______________________________________________
> > homenet mailing list
> > [email protected]
> > https://www.ietf.org/mailman/listinfo/homenet
> _______________________________________________
> homenet mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/homenet

_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to