> Ingress being disabled doesn’t really net you all that much nowadays when it comes to restricting malware.

But how much of this is because ingress is typically disabled so ingress attacks are less valuable relative to exploiting humans in the loop to install something that ends up using egress as part of it's function.

▲

Dylan16807 3 hours ago | parent [-]

Since we're talking about programs that are trying to set up a connection no matter what, I'm going to say "not much". It's not significantly shrinking the attack surface and forcing attackers onto a plan B that's meaningfully harder to do. It just adds this layer of awkwardness to everything, and attackers shrug and adapt.

▲

ectospheno 3 hours ago | parent [-]

You block inbound to block inbound. Of course it doesn’t do anything for outbound. Acting like you can just turn inbound filtering off because of that is disingenuous.

	▲	Dylan16807 2 hours ago \| parent [-]
		Nobody suggested "just turn inbound filtering off"?? We're talking about an alternate universe of program design. And we're talking about malware in general, not inbound or outbound specifically.