Decius wrote:
] inignoct wrote:
] ] anyone else think this kind of thing should be the
] ] responsibility of the vendor?
] ]
] ] isn't this kinda like solving the problem of pollution by
] ] issuing filter masks, instead of fixing the factory?
]
] Well, the reality is that there is an established computer
] security industry that offers security products. These
] programs are often seen as preferable to vendor solutions
] because security updates to vendor software usually includes
] other bug fixes when can break production systems. Even if all
] of the software vendors completely separated computer security
] patching from their other patching, and did all of their
] patching online automatically, it would still be possible to
] misconfigure your system in such a way that it would be
] insecure.
]
] In this case, I could see the tool they are talking about here
] useful even in a vendor perfect environment. If you haven't
] applied the latest patches, then you can't connect to the
] network. School dorms, and other large, open networks would
] benefit greatly from such a technology.

perhaps. i'm not sure i like the idea of being forced to install software that checks my machine for updates and fails to let me connect without them. there's a lot of technical issues here that could be "solved" in a really wrong and detrimental way.

RE: Cisco security initiative / 4 major firms working to head off Net attacks