faq  flatforty  contribute  subscribe  configure  search  rdf  main  parent  thread	Door Locks by Ian M on Sunday 05/May/2002, @18:02 Just because you can break in through the window, doesn't mean you shouldn't lock your door. When GRC was talking to Microsoft about the full implementation of TCP/IP in Windows XP Microsoft had a hard time grasping this concept. They argued that because drivers could be installed in current machines giving windows machines raw sockets (and thus ip-spoofing capablity), what could be so bad about giving alll windows machines this by default? Having ZoneAlarm-like functionality would be nice in Linux because the crackers would have to go through the extra effort to get a program to connect to the internet without user permission. Though your right, checksums would be needed to verify programs or else getting around the firewall would be way to easy. Ian http://ian.webhop.org	Related Links  ·   Articles on Applications  ·   Also by Ian M  ·   Contact author Thread Threshold: 10 comments 20 comments 30 comments 40 comments 50 comments 60 comments 70 comments 80 comments 90 comments 100 comments 110 comments 120 comments 130 comments 140 comments 150 comments 160 comments 170 comments 180 comments 190 comments 200 comments 300 comments 400 comments 500 comments 1000 comments
	The Fine Print: The following comments are owned by whomever posted them. ( Reply ) Re: Door Locks by Simon on Monday 06/May/2002, @14:16 This is a good comment. Zone-alarm is protecting us from "legitimate" software calling out without our knowledge ie spyware. Further the spyware is only really hostile in the same sense that Mcdonalds is hostile, it's just something you want to keep under control before it does do you harm This software can only crawl so far up the hostility ladder before the principals will fall foul of anti-hacking laws. Commercial spyware that renames itself as mozilla to dial out would probably be illegal. Light protection could be quite effective against spyware. [ Reply To This | View ] Re: Door Locks by Michael on Tuesday 07/May/2002, @04:45 If you don't trust your applications, you need sandboxing. Sandboxing, as I hinted above, is more than a 'yes/no' question to "can program X connect to x.x.x.x on port Y". By definition, that's a lot of questions to answer for your web browser - or else you allow your web browser all access on port 80? In which case, what are you protecting by asking the question? Perhaps you really want your web browser not to send personal info? "Protect the info" then seems a better idea than pretending you've secured the network against information leakage, no? You have to learn from the mistakes windows software has made, not copy what they do to try and reach the same unsatisfactory point. [ Reply To This | View ] Re: Door Locks by Michael on Tuesday 07/May/2002, @04:19 No, simply put, ZA doesn't make anything harder for code running on the same machine as ZA. Period. (I would expand further on the performing moustaches stuff about raw sockets, but there's plenty of that elsewhere - suffice to say linux tcp/ip has them and I doubt you'll get far trying to get them removed - certainly not with cliched statements about doors and windows) [ Reply To This | View ] The Fine Print: The previous comments are owned by whomever posted them. ( Reply )

		"Sorry, security is not optional." -- Waldo Bastian
KDE®, "K Desktop Environment", "KDE Dot News", "got the dot?" and the KDE Logo® are trademarks or registered trademarks of KDE e.V. in the European Union, the United States and other countries. All other trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the poster. The rest: Copyright © 2000-2008 KDE e.V. for The KDE Project. For further information or comments on this site, please contact the Webmaster.

[ home | post article | flat forty | subscribe | search | rdf ]