Windows Vista's half-cocked firewall

Discussion in 'Security' started by Jason, Feb 6, 2007.

  1. Jason

    Jason

    Joined:
    Sep 26, 2005
    Messages:
    2,081
    Likes Received:
    0
    Location:
    Chicago,IL
    When is a personal firewall not truly a firewall? How about when it's made by Microsoft? Last week I listed how home users won't see all of the "new" security features available within Windows Vista, the new operating system from Microsoft. One of those "new" security features is the Windows Firewall, available in all editions of Windows Vista. The Windows Firewall is of course not new; it's already available in Windows XP SP2, but it works only one-way, that is, it only blocks malicious inbound connections. In Windows Vista, Microsoft says its new Windows Firewall is now two-way, that it adds outbound protection, but a closer look reveals that this is more deceptive marketing spin. With Windows Vista what you get turns out to be a half-cocked firewall that's hardly worth the upgrade.

    <B class=a3 style="COLOR: #c30">What's what[/B]
    Let's define terms. Within the new Windows Firewall with Advanced Security on Local Computer console, after clicking Continue on the trivial User Account Control dialog box, you will see that both inbound and outbound connections are now represented. Further, inbound and outbound connections are either allowed or blocked for three distinct profiles: Domain Policy (corporate networks), Private Profile (home networks), and Public Profile (Wi-Fi hot spots). Under each profile there are different icons followed by some legalese: For example, a "good" icon (a white check mark in a green circle) appears next to the sentence "Inbound connections that do not match a rule are blocked," and a "blocked" icon (the Not symbol in red) appears next to the sentence "Outbound connections that do not match a rule are allowed."<TABLE cellSpacing=0 cellPadding=0 align=right border=0><TBODY><TR><TD>[​IMG]</TD><TD width=220><SPAN class=a3 style="COLOR: #cc3300">[​IMG] In Windows Vista, Microsoft says its new Windows Firewall is now two-way, that it added outbound protection, but a closer look reveals that this is more deceptive marketing spin. [​IMG] </SPAN></TD></TR><TR><TD colSpan=2>[​IMG]</TD></TR></TBODY></TABLE>

    It's confusing, so let's break it apart further. Basically, if there's a rule, inbound connections from the Internet to your computer are blocked, which is what you want: protection from malware. Thus, the blocked icon here makes sense. But for outbound--that is, those connections starting within your computer and going out to the Internet-- connections are allowed except when excepted. Here Microsoft uses the good icon. This is not good.

    <B class=a3 style="COLOR: #c30">Outbound protection is…where?[/B]
    In an e-mail, Rowan Trollope, Vice President of Consumer Engineering at Symantec, offered this interpretation: "We have discovered that though Vista's outbound firewall is 'on' by default, all outbound connects that do not match a rule are allowed. In the default configuration, there are no outbound 'block' rules, only allow rules. In other words, even though [the Windows Firewall outbound protection is] on, it is not doing anything."

    Microsoft shouldn't be surprised to see these comments about its firewall in print. I've been voicing my Windows Vista firewall concerns for more than a year, and before that, I was pestering the company about having only one-way firewall protection in Windows XP SP2.<TABLE cellSpacing=0 cellPadding=0 align=left border=0><TBODY><TR><TD
     
    Jason, Feb 6, 2007
    #1
    1. Advertisements

  2. Jason

    Bistro

    Joined:
    Oct 17, 2006
    Messages:
    28
    Likes Received:
    0
    It was probably programmed by a Wisconsin Swiss cheese manufacturer....:angry:

    Let's go, ZoneLabs....you're WAY behind the power curve here!! Give us ZoneAlarm for Vista NOW!!
     
    Bistro, Feb 6, 2007
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.