RE: Annoying pop-ups

["R. DuFresne" <dufresne () sysinfo com>]

Gregory,

I'm sorry if you took my statements to be M$ bashing, though I have
pounded them in the past, and might well do so in the future, my comments
were meant to be far more general in nature, geared towards "vendors" in
general.  With a pointer at those offering wireless toys and trinkets.  Of
course, if a service is/needs to be turned on by default, it should be
clearly identified and explained in the accompanying documentation, with
clearly marked out links to further web based info, rather then forcing
the less technical to get smart and learn how to locate the information.

Thanks,

Ron DuFresne


On Fri, 1 Nov 2002, Gregory Austin wrote:

> Ron and Richard,
>
> At 10:18 PM 10/31/2002 -0500, Ron DuFresne wrote:
>
> > AGREED!  I've long advocated that vendors make folks shoot themselves in
> > the foot if they wish to, rather then ship products and appliances that
> > leave a hole in their heads from the time they install or plug-in.
>
> At 06:07 PM 10/31/2002 -0600, Richard Scott wrote:
>
> > I strongly disagree.  Users who wish to use this software, and the vast
> > majority of users, are not always inclined to review such functionality.
> > Given that we all purchase cars, do we insist on the manufacturing methods
> > to construct the car, do we insist that all the safety checks have been
> > executed to ensure they work?
> > In fact do we all not speed at some time or another?
> >
> > The issue here is that Microsoft and other vendors need to understand that
> > default settings are acceptable to the techno people of the world.  But
> > given the technology push to fulfill the "Family Entertainment Learning
> > experience"  not everyone will understand the implications of this
> > "vulnerability"/annoyance.
> > Microsoft and others need to change their mindset, after all XP machines are
> > not server engineered and such functionality is not needed for home use.
> > With many features, the necessary procedure should be FULLY documented to
> > instruct the user how to TURN ON the server, not turn it off.
> > It has long been argued that security and privacy is lowered to increase
> > usability.  Here is the crux of the problem, it's an engineering one.  We
> > should be engineering components that operate in the high security setting
> > that allows the user to do what they wish.  And if and only if they require
> > such a service, a well documented process for switching the functionality on
> > and having it work correctly should be given.
>
>       While, generally speaking, I agree with the premise that dangerous 
> services should have to be turned on not off, you guys miss my point 
> entirely.  There are many "dangerous" features in MS's desktop OS's (take 
> UPNP or the RDP server, for example)-- but the messenger service is not one 
> of them.  The service provides useful functionality used by admins all over 
> to broadcast messages to their LAN's (particularly easy and useful in flat 
> environments).
>
>       An ardent Microsoft basher myself, I'd love to jump on your anti-MS 
> bandwagon here but I can't.  I wouldn't put the base install of anything 
> unfiltered on the Internet, would you?  It's a wee bit silly to demand that 
> MS set their operating system to have every feature turned off by default, 
> even the useful non-dangerous ones like the messenger service.  It's 
> silly.  The network functionality built into their software was designed, 
> to some extent, for the soft warm LAN not the cold, hard Internet.
>
>       Consider the stated problem:
>
>               How do I keep from getting those pop-ups hitting my machine's 
> netbios ports from the Internet?
>
>       Now think about my response:
>
>                Firewall it, you moron. (so I'm paraphrasing myself here)
>
>        And finally, think about where you're reading this in the first place:
>
>                Could it be a list about . . . hmmmm . . . *filtering* traffic?
>
> Greg
>
> P.S.  Forget your "they should have made it different in the first place" 
> argument for a moment and answer this:  If your dear sweet grandmother was 
> going to hook her Windows 98 machine up to her shiny new cable modem, and 
> you were the one helping her do it, would you turn off all the services and 
> build some sort of weird bastion98 installation, or would you just firewall 
> it?  (Either by buying a packet-filtering/NATing cable modem, or by 
> installing some personal firewall software like ZA?)   What's that?  You'd 
> firewall it?  Go figure.
>
> ==============================
> Greg is, among other things,  a moron.
> Anything he has said above is solely his
> own opinion, not that of his employer.
> ==============================

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards