Don,
You are a very accomplished system software architect, and I don’t
discount your opinion. But don’t you think that there is an element of
“Marketing”? Who is/are going to throw the dirty laundry out in the public.
When I was in that business ( firewall, antivirus), I used to have
static ip from my local ISP, and my systems were crashing like anything,
if I did not have a firewall. Now a days, router does have a bit of it -
we sold / licensed to linksys ( way before cisco bought it )… So I’ve
been through this, I knew what we were doing, and when it comes to win16
family ( win95, Me etc), it was way too important… I don’t remember
the year, but I think it is 2000 or 2001 when I was visiting India,
people all over were using the zoneAlarm ( the free version)… And you
know, being a strong believer of Math and a person who backed out after
finshing 2/3 of Phd thesis, I did want to see what is the truth behind
it… All said, the systems goes down without it quite frequently.
So I guess I have to trust my experience and what I saw !!!
Also I had discussion with some very qualified and experienced
Architects - we all agreed that even if some securities are in the
hardware breaking would not be that difficult if a bunch of people get
their hands on it and do signal processing analysis…
But sure, I don’t like hooking. It’s a pain to resolve compatibility
issues, those bugs that shows up in a leap year or such.
-pro
Don Burn wrote:
Pro,
If that was only the case, too many of the secutity folks I have met
said it was easy (in fact mention starting with the regmon sources and
looking blank when someone asks did you pay sysinternals?), so why not do it
versus a file system filter? The other claim is that it gives them more
security than other schemes that work.Yes there are times that it is needed, but I have seen too many
products that did it because the developers didn’t give a damm, and some of
them are well known firms.