Internet 'Skinny-Dipping'

Why one of the founders of the firewall doesn't use a firewall

4:05 PM -- William Cheswick, who's considered one of the fathers of the network firewall concept, proudly shuns firewalls altogether today in his personal network. In fact, the last time he used a firewall was back in the grungy '90s. (See Who Invented the Firewall?)

Cheswick, who with Steven Bellovin wrote the book on firewalls in 1994 while at AT&T Bell Labs, says most of his home machines (the Linux ones, anyway) go "Internet skinny-dipping," with no network firewalls. He also uses a Mac that runs a host-based firewall, but no network firewall.

"I have carefully checked and turned off dangerous services," says Cheswick, lead member of the technical staff at AT&T Research. (See Expert: Mac Users Should Gird for Swell of Attacks.)

"There's an element of excitement and danger" to going firewall-less, he admits.

He's not just doing it on a lark, though. Cheswick says he gets better access to the Internet, and there are fewer things to break. And, he argues, today it's more about the client's security, anyway: "I have strong host security," he says. "I know people are trying to break into my machines," he says. "It's a discipline for me."

Still, Cheswick says he's not against firewalls altogether. They still have a role, but the focus instead should be on making hosts able to protect themselves without a "walled garden," he says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading