Original subject: Re: when installing a firewall,
Originated by: MMoraes @ SMTP (Mark Moraes)
{firewalls-owner @
GreatCircle .
COM} 8/17/94 9:21p
>The thread "Bypassing internet firewall" in comp.infosystems.www,
>comp.protocols.tcp-ip, comp.security.unix, alt.internet.services is
>amusing, started by article <32qicr$83c @
bmerha64 .
bnr .
ca> on Aug 16th.
>Guy wants to use Mosaic, is peeved that he can't because of his
>firewall...
> Mark.
(Nothing personal, Mark. I am taking exception to a mindset, not you.)
I take exception to the use of the words "amusing" and "peeved" in the
above. I am in the same situation. I am behind a firewall which seems
fairly secure, but also forms a fairly tight system of denial of service,
as far as many PC networking programs (Mosaic included) are concerned. Is
it possible we PC users are viewed as "amusing" in our petty, scratching
attempts to obtain access to the network in a fashion that is normal
among Unix users?
I waded through the long diatribe this list went through about not using
Hacker's Site lists, and I saw the arguments that we should seek to
maintain access rather than destroy it. Now I find that there is another
risk, of exactly the same sort, but it is being condoned, rather than
denounced. It is nothing less than the proliferation of firewalls. This
list, in effect, is putting information into the hands of site
administrators which is then used to build draconian firewall systems
which are just as capable of a denial-of-service attack as any hacker is.
Once security is obtained, further efforts to provide or restore access
to the network are not pursued, in the name of "security". Paths to petty
tyranny lead in many directions from this point, with the system
administrator (and the network policy wonks behind him/her) as the prime
suspects.
Effectively, a firewall is a way of banning the whole Internet, as a
suspected Hacker Site.
Do not misunderstand me. I am not denouncing firewalls, just their
misuse. In fact, due to my personal (negative) experiences with them, I
plan to become a great deal more educated in their use. My hope is to aid
the design of better ones which provide both security AND common user
access. I feel we must guard against the mindset that security is worth
(even partial) denial of access. We must also guard against becoming
passive, and content with a secure network. We must employ the same
passion that went into the arguments against Hacker Site Lists into
making sure that the users we are responsible for protecting are not
protected to the point of suffocation. If such a thing happens, and the
net becomes useless to a majority of the users, it will cease to exist.
(And now for the sarcastic part.) Oh, and by the way, thank you for this
need for firewalls, all you crashers, break-in artists, and information
thieves. Your contribution has been noted. I find it interesting that
many of your type consider information to be free, and so justify taking
it, while failing to consider how the world will change in reaction to
your misguided crusade. The reaction is to make all of us less free.
Thanks, guys.
Andrew Esh
Follow-Ups:
|
|
