Internet Connection Security for Windows Users |
by Steve Gibson, Gibson Research Corporation |
Firewall Vulnerability Disclosure Policy Our release of the first version of LeakTest caught the complacent PC security industry by surprise. It upset the users of insecure security products and the vendors of those products. And it is no surprise that these vendors were embarrassed by the sudden exposure of their products' extreme vulnerability to the light of public scrutiny. Neither is it any surprise that they reacted, in some cases, by defensively claiming that I had an obligation to secretly inform them in advance before revealing these facts to the public.
It is not, and never was, my intention to embarrass or harass specific firewall vendors. My ShieldsUP! external security testing facility doesn't know or care which firewall you may or may not be using, and neither does LeakTest. All of my tests focus upon the technology of security. They don't play favorites. They are unbiased, and all firewall vendors are treated alike.
vendor representations. If the products being sold are insecure, users deserve, want, and need to know. No two firewalls are the same, but there is no way to know from the surface how they compare. Claims are just that. Users need to have the ability to test their systems and firewalls, both from the outside in (with ShieldsUP! and someday NanoProbe) and from the inside out (with LeakTest). Over time the user community and PC press need to develop a general awareness of which firewalls seem more secure and which seem to be less. But when pitted against vendors' massive marketing budgets, a general awareness of the truth would not be achieved by having me secretly whispering into the ears of those companies who were producing inferior firewalls. So I can't do that.
My tests have been, are, and will always be generic and unbiased pure technology. After that, together, we will let the chips fall where they may.
security of their products. If they don't, who will? |
|
Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2024 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy. |
Last Edit: Oct 06, 2003 at 14:29 (7,676.50 days ago) | Viewed 2 times per day |