"Workstation" Product defaults to wide-open firewall

Reindl Harald h.reindl at thelounge.net
Tue Dec 9 19:35:35 UTC 2014


On 09.12.2014 at 20:20, Bruno Wolff III wrote:
> On Tue, Dec 09, 2014 at 19:20:10 +0100,
>   Reindl Harald <h.reindl at thelounge.net> wrote:
>>
>> * Firefox asks too
>> * it is not hard to accept a self signed cert
>> * BUT it is hard enough to defeat the "click OK somewhere" reflex
>
> There should be a way to disable FF's you need to click twice to accept
> certs that are not signed by authorities it recognizes.

why?

to make it easier for phishers to catch the "first click, i do not think
as long as nothing explodes" users?

if you are too lazy to click twice it can't be that important and
hopefully you also would be too lazy if it affects your online banking
or other sites asking for your credentials and by the time you are no
longer too lazy you have left the compromised wireless network

a recent study proved that within *20 minutes 10 % of users* entered
their *company credentials* in case of a well made phishing to be part
of a winning game - until then i thought the large amount of phishing
mails are seeking the single idiot out of a million because the mails
don't cost money and i am still shocked about the sad reality

if you would be long enough in the security business you would tend to
require any user to sign security relevant questions with their own blood
and hence a "we accept any connection blindly" default is unacceptable
in the current IT - it masks the problems by making them worse without
*any* intention to solve them
