"Workstation" Product defaults to wide-open firewall
h.reindl at thelounge.net
Mon Dec 8 10:41:39 UTC 2014
Am 08.12.2014 um 11:32 schrieb Bastien Nocera:
>> Am 08.12.2014 um 10:50 schrieb Bastien Nocera:
>>>> We don't need open or preconfigured high ports.
>>>> What we really need is a user notification with options to allow or
>>>> deny like we do with SELinux.
>>>> That would be a appropriate solution for a workstation.
>>> No it wouldn't be, because users don't like being asked security questions
>> STOP THAT - you do NOT speak for "the users"
> I do, when it's been researched that asking users security questions doesn't work.
you asked the right persons
the people i am working with in the meantime are trained to call me by
phone in doubt if their computer asks something
>> you speak just for the careless part but they are already trained
>> monkeys click on "yes" and "OK", at least they are responsible for their
> Yeah, that's so useful. "Oh, you clicked it, it's your fault". That's not
> the type of OS I want to help implement, sorry.
open it by default and say "oh it's the applications fault" is the one
you want to implement, i git that in your other response
>> for brand new PC users the sad in that attitude is they will never have
>> a chance raise their voice about it - if you are aksing the right users
>> in a survey you can always have the reulst you want
> Because Internet surveys aren't biased. *eyeroll*
did i say that?
you have multiple type of users but you design a OS just for the careless
>> the rest is fine with think and answer a question of the OS and *after
>> that* repsonsible for his own decision - making the decision implicit
>> "we open that for you without asking" is dangerous and harmful
> How can users make their own decisions and be responsible for their own
> decisions when they don't know about firewall ports? Or firewalls? Or
> TCP/IP? You're starting with the wrong preconceptions
THAN EDUCATE THEM INSTEAD GIVE UP
how can they learn about firewall ports of firewalls if they never got
asked - how did i learn or the people i know?
ask a user a question and you have some options:
* he knows about it (not all users are clueless)
* he don't know but asks Google before click
maybe he got more interested in the topic later
frankly that's how i became an IT professional 12 years ago
* he clicks yes anyways
what you are doing is click "yes" for anybody and the expect that the
knowledgeable people fix that wrong settings on each and every instance
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: OpenPGP digital signature
More information about the devel