Re: Is additional firewall necessary?

Sebastian Gottschalk wrote:
freesailor wrote:

What?
Windows does nothing to prevent malware sending data outside (even
having a so-called "native desktop firewall"),

I simply don't execute any malware. Now, that was easy.

So, you are every time sure it's not a malware.
As I'll say later, you are a genious or ...


do you believe it can stop malware installing and running too? :-O

Why should it stop something that can't even happen? How should malware get
executed automatically and without my consent? I'm not using any program in
any configuration which would allow such an insanely stupid thing.

So, you perfectly know how every programs behave.
As I'll say later, you are a genious or ...


And, again, I fail to see your argument. If the malware got executed,
you're hosed. It will simply bypass you "firewall" and do whatever it wants
to do.

So, you are ready to *trust* every program you make running without
using any security software, because you are *sure* it behaves well
*and*
at the same time you are *sure* that every malware is able to easily
circumvent any security software?

My God, this is one of the strangest "reasoning" I ran across!
Quite worrying ... :-(


After all, taking care involves nothing more than sane operation. I fail to
see why one should install any additional software. What threats should it
protect against, and why should they not trivially be addressed without
such software? Enlighten me.

You seems to live outside this world, at least outside of
"Windows-using real-world" ...

I still wonder if you can give just one example. Because, the default
assumption is that no such threat exists.

So, you didn't read my comment and/or you are fully unable to
understand that enterprise users can't act as skilled and
security-aware home users.
If you can't understand that, you'll keep on giving worthless advices.

For example, stopping any program that insists "calling home" just at
the first run,

Doesn't work, for obvious reasons.

It works everyday.
Didn't you noticed I'm talking about not-malware applications in this
case?

No, I didn't. But then, it's totally superfluos.

Oh, yes, tell us why! ... :-D


Maybe you aren't aware of this, but there is a lot of not-malware
applications around (many of those wants to "call home")

There is no not-malware application trying to "call home". Actually
competent people are aware that this is a big hype around technical
incompetence, and no such claim ever turned out to be serious. Or can you
provide any example?

Sure: Real Player just after installing it, for example.
I really don't like any program that tries to connect to its servers
without asking it to me explicitely, just because that's the marketing
choice of its maker, just like I hate programs that install themselves
at startup without asking for my permission.
Moreover, even when "uncheck internet call" is available on the program
panel you could misconfigure or forget to configure it: using a desktop
firewall avoid that (surprising, isn't it? ;-)


Ah... any argument here? Just give me an example of a program that would
normally qualify as a "desktop firewall" which is not trivially vulnerable
to various DoS conditions, doesn't introduce any known non-DoS
vulnerabilities and provides an adequate protection against threats that
justifies the introduced complexity.

Complexity? What complexity?

Eh... 3 MB of code with 300+ KB for an NDIS hook, hooking 200+ usermode
functions and sometimes even kernel functions... for a typical PFW...
certainly is an enormous amount of complexity added to the system.

Office software (especially Windows office software) is much more
complex and even more bound to OS internals.
So I suppose you just use Notepad and similar tools every time you need
to write a document ...


It seems you don't know what you are talking about ...

Or you don't. From the figures above, I'd just estimate about 100+
vulnerabilities and 1000+ deadlock conditions added to the system. Now, how
can you justify this?

If you "estimate" 100+ vulnerabilities just looking at program size,
there are just two cases:
1) you are a genius
2) you are ... well ...

Frankly speaking, it seems to me you are *NOT* a genius, so ... :-)


I rest my case. This is too obvious.


You have the ability of considering obvious what's not, and vice
versa!



Hm... your claim was that your never had any problem with this software,
and therefore is a necessity.

Not at all, never said that.
I just said that is *BETTER* having it rather not having.
Especially for a not security-aware user.

I easily debunked this with showing that the
same can be trivially achieved with this software, therefore proving that
it's not any necessity.

In fact, it's not a necessity, just good practice.


And the default assumption is that less software is better, due to
complexity. Thus, my argument wins.

Your argument could (hardly) be good for you, not for zillions of users
in the world.
(BTW, why you need a Windows machine, too? ;-)



Maybe you should look up what "riskware" means and why you cross-check
arguments doesn't even partially apply here.


No?
It applies perfectly, the fact is you are just unable to retort.
BTW: I was afraid you would go further with "conspiration theories"
about general antivirus companies compliciy and the like, happy not
having seen that (at least for now ... ;-)



Just one thing is sure: you ignore how the real world goes on.
In practice, you are saying: seat belts don't give you full security
(true), so don't fasten seat belts.

In practice, this shows how much you're lacking logic thinking.

Seat belts won't make you make vulnerable to car crashs, and neither does
full security exist in analogue world. That's why your analogy is bull***.

Even desktop firewalls won't make you more vulnerable: it's just your
belief, based on the strange assumption that they add *more*
vulnerability than they in fact *stop* and/or the mere *possibility*
they contain malware.

And, by the way, contrarily to what you said even seat belts can make
you *more* vulnerable to car crashes (the most cited case is the car
falling into a canal full of water), nevertheless the good advice
(being bad just in one case on many thousand car crashes) is to fasten
them.
So, you can see how easy for me is to show clearly that is YOU the one
who lacks logic thinking ... :-)

freesailor

.