Aren't desktop firewalls useful in cases where attackers use malicious PDFs/Office documents/browser exploits to run reverse shells? If the exploit tries to connect to evilhost.com:443, how can a server firewall know that the connection is not a legitimate HTTPS connection?
As far as I understand, desktop firewalls would block attempts like these, as long as the connection isn't initiated by a whitelisted program. Of course the exploit payload could include methods to whitelist itself, but I assume there is no one single method to do this, so the payload would have to include custom methods for each of the personal firewall vendors.
Disclaimer: I have no experience with personal firewalls, and if I'm talking out of my ass, please correct me.
OpenSUSE ships a modified version of OpenOffice.org that bundles Novell's patchset, which includes some nice improvements that Sun has declined to accept upstream for various technical and licensing reasons.
And another Ars article says:
Many of these patches maintained by Novell provide important features that are valuable to Linux users, including support for embedded multimedia via GStreamer, (...) and support for Mono-based automation and scripting.
Mono does not seem to be just means to an end, but an end in itself.