Leythos schrieb:
And this is any better if you are using a personal firewall? You're joking! If you run malware with admin rights, you will lose anyway! Your concept is simply wrong. We do not need a personal firewall that tries to protect its settings from other programs with the same rights (that doesn't work) -- we need to enforce that regular users don't work with admin rights!
Wolf
Dude, you and I were pointing to the same thing, you just didn't take what I wrote as I intended.
Try to look at it with the eyes of the average user. What does he/she want? Something that just works right after install. And when installing Skype, they want good sound quality on their connections. If opening an inbound port is what Skype needs to work well, that's it.
Average users don't care for a second what ports are open and why. So why ask questions about something they would'nt know how to answer properly anyway? And an open port really is not the end of the world. There would'nt be much web surfing in a world of closed ports. It is only a problem if Skype has a flaw AND someone figures out how to take advantage of it AND decide to hit on You. If You are not ready to accept that kind of risk, don't install Skype in the first place. It's that simple.
Yup. When running as admin any program can do anything :-)
/B. Nice
At the present situation only the latter is in question.
Users usually aren't aware of risks, that's why their even think of installing Skype.
I know, but that is true for a lot of app's. My point was that an open port in itself is not the end of the world.
Then they better start. That's why I am preaching it all the time.
'fraid not. He'll never understand that it's utterly pointless to try and protect Windows from its administrator and that no personal firewall will change anything about this.
cu
59cobalt
I think you both misunderstand, I fully agree that a user running as an Administrator can't protect his computer 99% of the time. I never have questioned it. What I was trying to say is that most people already run as Administrators, and while the malware can make an exception in the Windows Firewall rules without alerting the user, most of the third party apps WILL notify the user about the change, but I didn't say anything about it blocking the change (which a few will do unless the user approves it manually).
And my point was that no firewall or packet filter whatsoever is an excuse for running defective software. Not doing so is an essential part of host security.
Me too, but, you know, user education is one of the six dumbest ideas of computer security.
Eh, yes. Using Sygate Personal Firewall:
- By default inbound connexion are prevented,
- Skype cannot change this, even when run in an admin session,
- I am informed of the first atempt of Skype to connect to internet; I can then choose to allow connexion, inbound or outbound, permanently or just for once
Windows firewall doesn't deserve that name, and you are probably a troll, repeating and repeating endless that Windows firewall is good for user and that they don't need any personal firewall
Are you paid by Microsoft? Or do you simply want to prevent user to protect themselves before yopu want to hack their computer? Just try with mine :-)
Sure. But then again, what is non-defective software? And maybe more important: How do You determine that it is?
In fact, I will have to disagree with You on this one :-)
In my opinion You cannot do without.
Ooh, spooky. Actually that's quite bad.
It could, if it wanted. Wanna write a feature request?
And if Skype wanted to, it could answer the question on your behalf. Serious malware usually does so.
Neither does Sygate PFW.
Or, wait, Windows Firewall actually can be used in conjunction with ICS as a routing firewall.
Assuming that "X-Newsreader: Microsoft Outlook Express 6.00.2900.2869" is correct, that would be kinda trivial.
Same for the Windows Firewall.
Of course it can, though it probably doesn't.
Unless Skype made any attempts to bypass this, of course.
Read [1] to understand why you can't rely on Sygate (or other personal firewalls).
Besides, you forgot to mention that with Sygate you have an interactive service running with SYSTEM privileges, thus rendering your system vulnerable to shatter-style attacks.
[1]
Actually any reasonably spread software which has a short and not-so-serious bug history qualifies as such. It's easier to explicitly tell which software is defective.
That's right. But user education fails in reality, and that's why the current situation is that bad.
I don't think so. And I don't think, that this list is of any value.
Yours, VB.
I don't think so.
Computer systems have to be as secure as possible out of the box. And this means, all social engineering attacks are remaining threats.
And for the PEBKAC problem, there is nothing but user education. And therefore it's so important.
Yours, VB.
Once again: It is important, but you can clearly see that is reality it fails so badly.
I don't either. I suppose Sebastian is referring to [1]. However, even though the author has some points there I cannot agree with most of his reasoning.
[1]
This is obviously not reasoning, it's a sarcastic and polemic view on (sadly) harsh reality. It should give you an idea rather than an advice.
Just take a look at the Blaster and Sasser worms - this is where user education has failed.
Which makes the statements utterly pointless in this discussion.
User education can only fail if the users actually *got* educated in the first place.
cu
59cobalt
Failing user education also is the fail to educate users in first place.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.