Again, using ZA puts the choices in the uninformed users hands, they decide whether to use it or not, give them the router and you have taken that choice away.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn McMahon Sent: Thursday, June 05, 2003 9:37 AM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Zone Alarm On Wed, Jun 04, 2003 at 04:03:57PM -0500, Schmehl, Paul L said: > > There *are* cases where "not so great" security is better than "really > great" simply because "really great" won't get used and "not so great" > is therefore better (than nothing.) It's all well and good that experts And I would submit that most of us here are in fact guilty of that; how many of us have at least one password, somewhere, that's ~8 characters, mostly letters, as opposed to 128 random alphanumerics? Who here has a house with a deadbolt and an alarm system, but no armed guards? A car that you park in parking lots, with no bomb-sniffing dog going under it before you get in? Security that won't get used isn't security, it's theory. It belongs in classrooms and labs. Security is a process, as well, not a binary flag. It's not "exit code 1, insecure" one day, and "exit code 0, secure" the next. -- Shawn McMahon | Let every nation know, whether it wishes us well or ill, EIV Consulting | that we shall pay any price, bear any burden, meet any UNIX and Linux | hardship, support any friend, oppose any foe, to assure http://www.eiv.com| the survival and the success of liberty. - JFK _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html