"Workstation" Product defaults to wide-open firewall

DJ Delorie dj at redhat.com
Mon Dec 8 17:54:55 UTC 2014


> > I, for one, am happy to welcome our new more-reasonable-less-paranoid
> > overlords.  I've been disabling my firewall for ages, as my machines
> > are behind an enterprise firewall anyway
> 
> that don't apply for a notebook, especially not if the enduser is=20
> connected to a public WLAN and if you think that you are proctected=20
> because a firewall in front of the WAN security is not your bussiness
> 
> https://www.google.at/search?q=3Dsecurity+attackers+from+the+inside
> 
> * one infected machine inside the LAN
> * vulnerable port open
> * you are done
> 
> and no, that is not theory, that happens every single day again and=20
> again and hits people feeling safe because a firewall in front of the=20
> internet until they learn it the hard way
> 
> "less-paranoid" =3D=3D no business in security
> 
> before Edward Snowden made informations public a lot of people which=20
> told that things are happening also where called "paranoid"

I'm aware of all your rhetoric and I'm aware of the security concerns.

If you really want full security, your only choice is to disconnect
from the Internet.  Everything else is a compromise, and I choose to
place my compromise somewhere else than where you choose.


More information about the devel mailing list