On Thursday 16 August 2007 05:09, Robert Van Nostrand wrote: > The correct answer for the better of all now/future Debian users is to not > put a gun in the hands of a child. > For those mental midgets that are willing to put their CC info on a box > that they have no clue about then they deserve to have their identity > stolen. I agree with most of your sentiment: Debian isn't for the first-time linux user, generally. It's easier to break, harder to install, but the reward is that you get a much more powerful system. But does lack of information make anyone deserve identity theft? I don't think anyone deserves to have their identity stolen, because to deserve something bad you had to have done something bad. Being ignorant about debian isn't a bad thing. We all were once, and if everyone came at us with that attitude, would we have learned? I doubt it. My point is, that to debate if a firewall should be in the installer may circle around practical points, more/less how many people use a firewall or what benefit would a firewall have? But nobody should be pointing fingers. My personal view is that there are plenty of simpler distributions out there, knoppix for first-time users, Ubuntu/Suse for novices, and RedHat for people who need hand-holding. Debian is primarily for advanced users, and for users who have someone looking over their shoulder. We shouldn't over-simplify debian so that users not in it's target audience can use it. Putting a firewall in debian by default is also somewhat similar to Microsoft's attempts to pacify everyone: When windows' virus problem became worrisome to the average user, Microsoft added a firewall to their installation, to try to make users think that Windows was safe now. What happened? Well, security went down the toilet. Users thought they were safe without doing anything, so they didn't do anything. Microsoft succeeded at pacifying everyone, and so shot themselves in the other foot (the first foot is being so forceful and monopolizing the industry). I don't think a firewall by default is even a safe idea, just for that reason: Users who don't really know what it is, but hear "it makes me safe", will assume that it protects them from everything without them doing anything. -- Sincerely, Jack firstname.lastname@example.org My GPG Public Key can be found at: https://www.theanythingbox.com/pgp.htm (top link is current) I appreciate signatures, but if you only know me online, please use the --lsign-key, not the --sign-key. I appreciate trust -- but too much makes it less valuable.
Description: PGP signature