I first came up with the line above about four years ago, soon after I got my first software firewall, from ZoneAlarm.
Nothing has happened since to change my mind, except to make the call more urgent.
USA Today's test of a half-dozen "honeypot" computers, left unprotected with broadband connections, should be required reeading. It's gone from threat to certainty that your computer will be turned into a spambot zombie if you don't have a firewall.
The situation is so dire I had to change my mind on something.
That something is Microsoft's mandatory firewall in Windows XP.
When I first downloaded the SP2, with its mandatory firewall, I was more than a little dubious. After all I already had a good one, from Trend Micro.
I got angry when, over the course of time, Microsoft practically forced me to use their firewall, rather than Trend's. They brought up an error message saying "Trend's off" and, upon clicking the button, I got the screen to turn Microsoft's on. When I rejected that solution I found that Trend's was turned off permanently, that I couldn't turn it on. I was hosed, unless I let Microsoft do the job.
This is the kind of "embrace and extend" stuff I hate from Microsoft. But in the case of making firewalls mandatory, I can't complain.
Some two-thirds of home PCs are still going around without firewalls. The reasons are cost and the difficulty of configuring the things. So having one in the operating system, with pre-sets, makes great sense. It's not a great solution for the savvy user, but anything is better than being naked in this storm.
Really, at this point everyone needs firewall, antivirus, and antispyware software. That you can get all this for $40/year from Norton and probably much cheaper elsewhere (practically free if you want to use a hodgepodge of different programs) means there is no reason not to do so. That said, many people still don't. It's kind of like seatbelts and motorcycle helmets. I certainly don't want the government enforcing a "computer seatbelt" law, but maybe the ISPs could do so. It should be easy for them to check if you have a firewall and throttle your uplink if you don't. Now, one might say the unprotected deserve what they get, but just as unnecessary injuries and deaths increase the cost of healthcare for everyone, rampaging worms, viruses, and spam have negative economic impact. On the other hand, like Speed Limits, Prohibition, and the War on Drugs the cure might be worse than the disease when it comes to forcing people to act in their own best interest.
Permalink to CommentI have never heard of Microsoft forcing people to use the SP2 firewall. MS provides instructions on how to turn it off.
1. click 'Start' button then 'Control Panel' option.
2. click on 'Security Center' then 'Windows Firewall' option.
or (in classic view) double click on the 'Windows Firewall' icon - see Firewall dialog.
3. click on the 'Off (not recommended)' option then click OK.
Experienced users are recommended to turn off the SP2 firewall and use ZoneAlarm or Sygate, etc. instead.
Software firewalls do something that SP2's firewall does not do--block and filter outbound connections as well. The quote from Microsoft: "Windows Firewall will automatically allow all outbound connections, regardless of the program and the user context."
Why block outbound connections? Software packages send information back to "home-base" all the time. Spyware can collect information and send it back to the author. These are invasions of your privacy that Zone Alarm and most other software firewalls stop, - but SP2 won't.
SP2's firewall will be good because it will decrease the number of targets for hackers and authors of spyware. Users who are not experienced enough to install a software firewall will have an easy option available to them and turned on by default. But a good software firewall is a better option.
BillK
Permalink to Comment