Re: Debian secure by default?
On Fri, May 16, 2008 at 08:54:27PM -0700, Lee Glidewell wrote:
>
> > > > > My 2 cents a default firewall would be nice
> > > >
> > > > You mean like Windows has? How about not. Here's why:
> > > > http://samspade.org/d/firewalls.html
> > >
> > > The nature and purpose of a "firewall" seems to be greatly misunderstood.
> > > Personally, I think security vendor hype is as much to blame as naivete.
> > >
> > So basically a firewall is useless ?
>
> Well, no, I wouldn't go that far. I would say, however, that a generic,
> all-purpose software firewall isn't going improve Debian's "out of the box"
> security.
While this is probably correct it is not how most nontechnical users
perceive it. This has to do a lot with marketing, I guess. When
Windows add (in this case) firewall to OS it advertise it loudly
and users are persuaded that now it is more safe (whether it is true
or not). And so most users assume that this apply to other OS as well.
And this is in my opinion one area where Window and Linux differ.
MS is aware of power the marketing is able to provide
_and has means_ (read finance) to use it extensively. To remedy
this (with assets that Linux community has) it is needed to educate users.
And this is what you are doing here. Thanks for great job.
But it is needed to be realized that most users do not really
care (because they do not really know) about details involved. So
we must be not surprised when other user ask similar question,
and more of when this happens often. Just be patient and explain
it every time or go easy and (in this case) make firewall
configured by default however inappropriate it may be.
Just my random thoughts. Be welcomed to disagree.
Misko
Reply to: