Re: Is additional firewall necessary?

Sebastian Gottschalk wrote:
freesailor wrote:

deactivate any desktop firewall, but by not using such a firewall you
open the door even to *simpler malware written by kids* ...

Now you're really showing what's really plain bull***.

ROTFL!

Must be so ROFTL that my system is trivially secure without running any
such "firewall" and would most likely suffer from newly introduced
vulnerabilities when installing such a thing.

Sure, if you install just application written by you, you'll be even
safer ...


But please, just state how such "simpler malware" could successfully
exploited a fully patched Windows XP SP2 in standard configuration.

What?
Windows does nothing to prevent malware sending data outside (even
having a so-called "native desktop firewall"), do you believe it can
stop malware installing and running too? :-O


Admitting that a well-written malicious application could circumvent
security software is no excuse for taking any care at all

And you're twisting "taking care" with "installing pseudo-security stuff".

LOL!
Just the second usual "false sense of security" bull*** I was talking
about!

I wonder... are you talking to a mirror? It seems like you have a problem
with logic thinking.

Same thing I'm sure about you, now.


After all, taking care involves nothing more than sane operation. I fail to
see why one should install any additional software. What threats should it
protect against, and why should they not trivially be addressed without
such software? Enlighten me.

You seems to live outside this world, at least outside of
"Windows-using real-world" ...


Moreover, using a (real) desktop firewall allows you to be alerted when
not-malware applications try to connect with outside, letting you the
option to deny this (you can think at many circumstances for it, some
legitimate, some much less but ...).

I fail to see any. Please enlighten my.

For example, stopping any program that insists "calling home" just at
the first run,

Doesn't work, for obvious reasons.

It works everyday.
Didn't you noticed I'm talking about not-malware applications in this
case?
Maybe you aren't aware of this, but there is a lot of not-malware
applications around (many of those wants to "call home") ... ;-)


sometimes even before you have the chance to uncheck the
"connect for updates" option (if there is any ...).

Can you provide an example of a legitimate or pseudo-legitimate program
behaving in such a way? I guess you can't, because such programs don't
exist.

It's a basic privacy safeguard, quite surprised to have to mention it
here ...

It's no safeguard, so I wonder why you wonder that such a thing has to be
mentioned somehow.

I repeat: you are leaving in a world apart.
Not just a paranoic, but a childish world, too ...



My advice: turn off the much-limited Windows XP SP2 firewall and
install a good desktop firewall.

Such a thing doesn't exist.

ROTFL!

Ah... any argument here? Just give me an example of a program that would
normally qualify as a "desktop firewall" which is not trivially vulnerable
to various DoS conditions, doesn't introduce any known non-DoS
vulnerabilities and provides an adequate protection against threats that
justifies the introduced complexity.

Complexity? What complexity?
It seems you don't know what you are talking about ...


I had to repeat it: I use ZoneAlarm since version 3.x (it was many
years ago). Only time I had some trouble was with a very old version
that had problems with Norton Antivirus (this is just one of the
reasons why I gave up with Norton and choose a less intrusive
antivirus, living happy since then ...).

And I repeat: I never used any "personal firewall" or "virus scanners". And
I never had any problems at all.

So, now it's clear: you REALLY don't know what you are talking about!
This explains a lot, thanks for the admission.

Well, I believe that various vendors have a political agenda. F.E. McAfee
detects the well known port scanner Nmap as riskware with various bogus
claims, but their own port scanner doesn't get detected beside the same
bogus claims would hold.
But I think most people would agree on that.

Maybe you're right, maybe you're just paranoid (just like people saying
antivirus companies are virus makers).
Your paranoia could be acceptable just if there weren't many
independent companies and you can always make cross-checks (the simpler
"technique" is to use an on-line antivirus and a different one off-line
and double scan every downloaded software).


No, I guess you couldn't. Since you obviously like to ignore how the
technology actually works.

Just one thing is sure: you ignore how the real world goes on.
In practice, you are saying: seat belts don't give you full security
(true), so don't fasten seat belts.
Quite useful and well-though approach ... :-D

freesailor

.