Thursday, 3 July 2008

If you can't beat 'em, join 'em

I have to be careful what I say here, but this annoyed me. No, not because they are promoting firewalls, which suck, and will always suck, and should be shot, but because of this:
"Firewalls are underrated, but only by an industry which is perpetually looking at selling you the next new thing."
Again, not because it's a lie, firewalls are not underrated, they couldn't be. No, because it's hypocritical crap. Sorry Matasano, you may have some of the finest security minds in the business, who could knock me into a cocked hat, but this is spin. If you don't like being part of an industry that is perpetually trying to sell the next new thing, don't build new things and try to sell them whilst pretending to be a research company.

You guys are supposed to be teaching people about security, not dragging it back into the 20th Century. No wonder "Firewall adoption is huge, and what most companies struggle with is with managing their rules and making sure they get the most out of their existing deployment" - when even the most stand-up, hands-on-hearts, honest to goodness pure security folks are trying to hawk them bloody firewall enablement software!

This is the most circular, hypocritical and ridiculous argument from a bunch of otherwise extremely clever and normally responsible people that I've read in a long time. And I've been reading PCI surveys.

