Daniel M Gessel wrote: > Firewalls seem like an ideal solution: a trusted network inside an effective > firewall is free from the (not insignificant) overhead of security. > > But firewalls aren't completely effective and are only one tool that we all > use on a daily basis.
The biggest problem with firewalls is what they lack, rather than what they have. They aren't, generally, integrated with an authentication system. They are sometimes integrated with a protocol verification system, but not often, because that's much harder to get right and keep working. So the usual workaround is to add a VPN, where strongly authenticated machines can become part of the inside rather than the outside. This doesn't actually pass any authentication information to the inside services, so complicated work-arounds exist. The second biggest problem is that we started using a firewall-evading technology to invite other people to run code on our machines -- web browsers. -dsr- _______________________________________________ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
