"Workstation" Product defaults to wide-open firewall

Bastien Nocera bnocera at redhat.com
Mon Dec 8 10:32:51 UTC 2014

----- Original Message -----
> Am 08.12.2014 um 10:50 schrieb Bastien Nocera:
> >> We don't need open or preconfigured high ports.
> >>
> >> What we really need is a user notification with options to allow or
> >> deny like we do with SELinux.
> >>
> >> That would be a appropriate solution for a workstation.
> >
> > No it wouldn't be, because users don't like being asked security questions
> STOP THAT - you do NOT speak for "the users"

I do, when it's been researched that asking users security questions doesn't work.

> you speak just for the careless part but they are already trained
> monkeys click on "yes" and "OK", at least they are responsible for their
> click

Yeah, that's so useful. "Oh, you clicked it, it's your fault". That's not
the type of OS I want to help implement, sorry.

> for brand new PC users the sad in that attitude is they will never have
> a chance raise their voice about it - if you are aksing the right users
> in a survey you can always have the reulst you want

Because Internet surveys aren't biased. *eyeroll*

> the rest is fine with think and answer a question of the OS and *after
> that* repsonsible for his own decision - making the decision implicit
> "we open that for you without asking" is dangerous and harmful

How can users make their own decisions and be responsible for their own
decisions when they don't know about firewall ports? Or firewalls? Or
TCP/IP? You're starting with the wrong preconceptions.

More information about the devel mailing list