Forgive my naivete (and perhaps excessive subject) but it seems to me that internet communication all comes into a PC though a single port at a time and therefore through a "bottleneck".
Is there some reason we can't just have a blacklist and a whitelist with tick boxes against plain text strings to block or allow specific things passing through that route?
Perhaps you'd need one for text itself eg
That seems to me to eminently controlable and understandable. If anything that isn't listed comes in/out it should ask for what to do and add to the list of tick boxes as appropriate.
I've just been looking at Norton.symantic and it just looks like a total mess to me. They couldn't have made it any more complicated and less controlable if they tried. (Or perhaps they did and thats the idea to keep people paying out - A real firewall surely should last decades)
Norton is all very pretty and technical looking but I've spent all day on norton and I havn't got a clue what might still get though and what cant.
As far as I can see there is no way for a reasonably literate but novice "net user" to gain any form of firewall. They all come configured with so many holes they seem effectively pointless.
Try to block google or microsoft and you may as well just chuck the PC in the bin. And that I suspect is very telling about the overall state of security.
Perhaps there is something like that that works on vista but I havn't found it.
At the risk of sounding even more like a newbe ... sigh.