#1 I've never understood this as a concept. Why on earth would you first run an FTP server and then block the port it uses?
Sure it helps if someone sneakily installs stuff but that's the reason why so many things are nowadays tunneled via HTTP. Because everything is always blocked.
The point about load balancer whitelisting was a good one.
#2 works only if you choose iOS style environment where a single entity, Apple in that case, decides what to run and what not to run.
Otherwise it falls to the "Cute rabbit" category. E.g: If user gets a mail "Click here to see a cute rabbit!" they will click everything, bypass all security dialogs just so they can see the cute rabbit. And/or they will grow desensitised and click "Yes" on all dialogs. The old UAC dialog in Windows Vista was an excellent example of this. Everyone just automatically clicked yes because it popped up all the time.
#3 is just "Don't write buggy software". Yeah. We wouldn't if we were smart enough.
I would say you should probably never run an FTP server at all these days (perhaps in a chroot jail, or container, but seriously, why do you need it?). I've worked on website migrations where I've only opened up 22, 80 and 443 only to be told that they have just signed a new contract with a 3rd party and they require FTP and MySQL to be open to their (usually disparate) range of IPs.
I usually try to educate the 3rd party on using something like SSH tunneling, and have, on occasion, sent them screenshotted docs on how to do so. This works much more effectively than preaching security at them. Make it easy and they usually follow.
Regarding the "Cute rabbit" theory, I've heard this discussed as both a security design issue, and a UI design issue. I tend to think the solution to this needs to come from the UI side, but it's difficult as apparently we're driven by "punishment and reward" and a computer can't easily admonish you for doing the wrong thing. This feedback is probably required to prevent people clicking on everything remotely lagomorphic.
I suggest a mouse that gives you an electric shock every time you click on an identifiably spammy / malwary link.
You could even customise it to give you a shock when you break your HN noprocrast settings!
Yeah blocking ports is lame. The worst type of IT guy you can meet it's the "i-wont-open-port-53627-for-your-app-because-those-ports-are-dangerous" asshole.
Sure it helps if someone sneakily installs stuff but that's the reason why so many things are nowadays tunneled via HTTP. Because everything is always blocked.
The point about load balancer whitelisting was a good one.
#2 works only if you choose iOS style environment where a single entity, Apple in that case, decides what to run and what not to run.
Otherwise it falls to the "Cute rabbit" category. E.g: If user gets a mail "Click here to see a cute rabbit!" they will click everything, bypass all security dialogs just so they can see the cute rabbit. And/or they will grow desensitised and click "Yes" on all dialogs. The old UAC dialog in Windows Vista was an excellent example of this. Everyone just automatically clicked yes because it popped up all the time.
#3 is just "Don't write buggy software". Yeah. We wouldn't if we were smart enough.