Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
General Discussions
Switcher Hangout (Windows to Mac)
What Are Your Security Settings?
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="cwa107" data-source="post: 987791" data-attributes="member: 24098"><p>It all goes back to my theory that an ounce of prevention is worth a pound of cure. If the firewall doesn't break anything, I don't see the harm in running it (or recommending it when asked).</p><p></p><p></p><p></p><p>And I understand where you're coming from. In the Windows world, there is a much stronger case for running a software firewall, simply by virtue of the sheer number of worms that exist for the platform. Chances are much exponentially higher that you would encounter one on a public network.</p><p></p><p></p><p></p><p>Oh, I don't know about that. Microsoft releases patches almost weekly (I'm keenly aware of them since I'm tasked with implementing updates for my desktops at work). Usually any reported vulnerability is patched inside of a week, it's very rare that an exploit exists before the patch is released.</p><p></p><p>Apple on the other hand has a track record of taking 6 months or more to release an update, and it's not exactly unusual that an exploit is released before that update finally surfaces. Examples:</p><p></p><p>This one was reported to Apple back in June and the patch was released about 2 weeks after the exploit was built and shown off as a proof of concept:</p><p><a href="http://www.engadget.com/2010/01/13/leopard-and-snow-leopard-flaw-exploited-in-proof-of-concept-rea/#comments" target="_blank">Leopard and Snow Leopard flaw exploited in proof of concept, real-world tomfoolery surely coming soon -- Engadget</a></p><p></p><p>This one was reported and patched by Sun in their own Java implementation, but it took Apple over 6 months to get theirs done:</p><p><a href="http://arstechnica.com/apple/news/2009/05/apple-has-yet-to-patch-critical-java-vulnerabilitya-vulnerability-in-the-java-virtual-machine-which.ars" target="_blank">Apple has yet to patch "critical" Java vulnerability</a></p><p></p><p>So you can see where my sentiment comes from. But it doesn't matter - clearly you have your own strongly held beliefs and that's fine. But I'm sure you can now understand why I made the recommendation.</p></blockquote><p></p>
[QUOTE="cwa107, post: 987791, member: 24098"] It all goes back to my theory that an ounce of prevention is worth a pound of cure. If the firewall doesn't break anything, I don't see the harm in running it (or recommending it when asked). And I understand where you're coming from. In the Windows world, there is a much stronger case for running a software firewall, simply by virtue of the sheer number of worms that exist for the platform. Chances are much exponentially higher that you would encounter one on a public network. Oh, I don't know about that. Microsoft releases patches almost weekly (I'm keenly aware of them since I'm tasked with implementing updates for my desktops at work). Usually any reported vulnerability is patched inside of a week, it's very rare that an exploit exists before the patch is released. Apple on the other hand has a track record of taking 6 months or more to release an update, and it's not exactly unusual that an exploit is released before that update finally surfaces. Examples: This one was reported to Apple back in June and the patch was released about 2 weeks after the exploit was built and shown off as a proof of concept: [url=http://www.engadget.com/2010/01/13/leopard-and-snow-leopard-flaw-exploited-in-proof-of-concept-rea/#comments]Leopard and Snow Leopard flaw exploited in proof of concept, real-world tomfoolery surely coming soon -- Engadget[/url] This one was reported and patched by Sun in their own Java implementation, but it took Apple over 6 months to get theirs done: [url=http://arstechnica.com/apple/news/2009/05/apple-has-yet-to-patch-critical-java-vulnerabilitya-vulnerability-in-the-java-virtual-machine-which.ars]Apple has yet to patch "critical" Java vulnerability[/url] So you can see where my sentiment comes from. But it doesn't matter - clearly you have your own strongly held beliefs and that's fine. But I'm sure you can now understand why I made the recommendation. [/QUOTE]
Verification
Post reply
Forums
General Discussions
Switcher Hangout (Windows to Mac)
What Are Your Security Settings?
Top