1. Home
  2. Networking Firewalls
  3. Alternatives to using a Personal Firewall
  4. Page 2

Alternatives to using a Personal Firewall

I don't continuosly monitor "home phoning". Before I install any software I search the web for reviews, user opinions, articles and so forth to get an idea of the software quality and the vendor reputation. In case of freeware I am especially cautious - I might even browse the EULA :-) Then I decide whether I want to accept the risk of running/installing. That's my sense of security. Í take responsibilty of what is running on my machine. I don't see any idea in allowing a program to run and then afterwards try to control what it's doing other than by configuring it.

I do, however, regularly use "Port Explorer" from DiamondCS to monitor my overall network activity. A piece of software I would recommend to anyone curious about what networking stuff is going on. If I am really suspicious about something I will packet sniff my wire using "ethereal". But that really happens very seldom - and it is not something I would ever recommend to a novice.

Furthermore, in many cases with PFW's, You are only left with the option of allowing or denying the traffic. How would You prevent a piece of software that is supposed to use the net from phoning home? And if it does'nt ask You, how would You know, without sniffing, if it was phoning home sensitive information or it was just checking for product updates? And, as others in here have also pointed out, in many cases phoning home or not is something that the software allows You to configure.

I would also like to add that privacy is to some extent a weird topic. Many users are happily revealing all kinds of more or less sensitive information in unscrambled form to the internet each and every day. They also leave traces behind at web sites they visit, forums they post to and mails they write. But when they hear about a software product phoning home, all hell is loose. And don't get me wrong. I definately don't defend "phoning home" for no obvious reasons. But on the other hand I don't support privacy hysteria either.

/B. Nice

Reply to
B. Nice
Loading thread data ...

I'm allways a little puzzled over statements like "without permission". Most home users are running their machines with administrative rights, which means they permit programs they run to do _everything_: They permit it to mess up anything from their registry to their system and personal files. But after the rise of PFW's, doing networking stuff has become some kind of de facto special case. I don't really get that, but that was a sidestep :-)

Back to the issue: Surely, I agree that with something like the Genuine Advantage Notification MS is really stretching it, and I don't defend that. But to relate it to the topic, I have a question for You: How many users do You believe actually have succeeded in preventing it from phoning home with the sole help from their PFW?. Did You succeed?

I am not sure I get Your point. Please clarify what kind of risk You are thinking of that would sacrifice Your livelihood.

/B. Nice

Reply to
B. Nice

I have no idea how many users have prevented it. I've used ZoneAlarm and Outpost. With ZoneAlarm it's simple; Outpost is more obtuse. I initially set ZoneAlarm to tell me when it was trying to access the Internet, and the message to that effect popped up every time I booted. I got tired of manually denying access each time, so I changed its permissions to permanent denial -- I enable it only when I want to update my Windows OS. So yes, I succeeded.

But interestingly, I just did another Windows update, and it installed a new version of Windows Genuine Advantage Notification. ZoneAlarm doesn't detect it trying to contact the Internet, and I don't see any sign of it with Port Explorer (which I'm just learning to use). So if it is still "phoning home", it's now under the radar and not where I've been able to detect it.

My point is that if I were like you in that I wouldn't allow any software on my system whose vendor I don't trust with my privacy, I wouldn't allow any Microsoft software on my system, because I certainly don't trust Microsoft with my privacy. Particularly, I wouldn't allow the Visual Basic compiler, which "phones home" every time I compile my program. I currently make most of my living selling a program largely written in VB, which requires support, modification, and the development of new versions. If I removed the VB compiler because of privacy issues, it would perhaps be noble. But it would be stupid.

Reply to
zzy

What are you talking about? And you know this for a fact. How?

Duane :)

Reply to
Duane Arnold

This is how root kits usually work. And Zone Alarm will not detect any malware, too, which wants to phone home. And no other "Personal Firewall" ever will do so reliably, because it's impossible already in theory. Now, if someone will create a provision to detect this special version again, then a simple code update will do to prevent thereupon.

What Microsoft created with WGAN is very near to a root kit. They did the same thing Sony did lately. And I'm wondering, why they're not getting hit for that - perhaps, because their lawyers have the better concept. And because, it's clear that their customers have to bite the bullet, or they cannot use Windows again at all.

You're describing the monopoly problem here.

Yours, VB.

Reply to
Volker Birk

The whole thing is ridiculous. At best, the VB complier wants network access for possible assemblies that it may need to access that may be on another machine on the LAN. The software may have some kind of TCP software in it that will make it check for a network connection.

The PFW with application control is probably too stupid to know the difference and flags anything trying to use TCP in a LAN or WAN situation and just flags it.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.