Recurrent question
Ansgar -59cobalt- Wiecher
Guest





Posted: Fri Dec 16, 2005 5:21 pm    Post subject: Re: Recurrent question

Kerodo wrote:
Quote:
In article <40dr6mF19hmiuU1@individual.net>, usenet-2005@planetcobalt.net says...
Kerodo wrote:
In article <43a164e9@news.uni-ulm.de>, bumens@dingens.org says...
Kerodo <loopback@localhost.com> wrote:
Yep, just because something isn't perfect 100% of the time doesn't
mean it's useless.

"Personal Firewalls" aren't "not 100% perfect". They're completely
useless because of being superseded by the Windows-Firewall,

That's completely ridiculous. They do entirely different things.

No. Both filter inbound connections. That can be done reliably. The
Windows Firewall prevents applications from listening on ports. That
can be done reliably as well. Personal Firewalls try to prevent
applications from communicating outbound. That cannot be done
reliably. Which is why the Windows Firewall is sufficient.

The key to your argument is the word "reliably".

Exactly. Security needs to be reliable otherwise you don't have security.
And IIRC this group is still comp.SECURITY.firewall rather than
comp.PROBABILITY.firewall, isn't it?

Quote:
So it depends on what exactly you mean by that.

Look it up in a dictionary.

Quote:
It goes back to that AV being useless argument. By your definition of
"reliably" then all AVs are useless too because they don't catch 100%
of the threats and hence are not "reliable". Yet we still use them,
don't we? Why?

Signature-based detection is reliable, it will detect every matching
pattern (though it will sometimes produce false positives), hence I
consider AV software useful.

Quote:
Because they will and do catch a high percentage of the threats.

No. Because they are reliable in the scenarios they are made for. Why do
people always come up with this "high percentage of the threats"
bullshit? A security (counter-)measure does not have to be reliable for
100% of all imaginable scenarios, but it has to be reliable for 100% of
the scenarios it is designed for, otherwise it is useless.

Quote:
And catching most is better than catching none.

Not from a security PoV.

Quote:
Also to say that the reason why Windows Firewall is sufficient is
because Personal Firewalls can't catch all outbound, is another
illogical and silly argument. What does one have to do with the
other?

A security measure has to be reliable. Outbound control is not reliable,
hence it cannot be a security measure. Period. Plus, once you run
malicious code on your system, you're toast anyway.

Quote:
I would say that the Windows Firewall is not sufficient because it
makes no attempt to try to catch outbound. Some attempt is better
than none.

You are wrong.

Quote:
Why do you think people "try" at things?

Software isn't people. Software is not supposed to try, but to DO.

Quote:
Nobody is perfect, yet we keep trying simply because some success is
better than none, and to give up entirely is unacceptable. You would
have everyone give up the attempt to catch outbound simply because it
might be difficult at times.

It's not "difficult at times", it's impossible unless Microsoft
re-designs the IPC in Windows.

cu
59cobalt
--
"The computer is there to compute, not to write excuses like 'Cannot
divide by zero' on the screen."
--Marco Haschka in de.org.ccc
Ansgar -59cobalt- Wiecher
Guest





Posted: Fri Dec 16, 2005 5:21 pm    Post subject: Re: Recurrent question

Kerodo wrote:
Quote:
He can be somewhat interesting, however, his stance and arguments are
way too black and white. He leaves no room for anything else.. which
is not good.

Security is binary. Either you are secure in a given scenario, or you
are not. There's no middle ground.

cu
59cobalt
--
"The computer is there to compute, not to write excuses like 'Cannot
divide by zero' on the screen."
--Marco Haschka in de.org.ccc
All times are GMT