(Mis)Uses of Technology

by Mike Masnick

Firewalls Might Be More Useful If They Weren't So Damn Cryptic

from the not-helping-anyone dept

Like many people, I use a software firewall on my computer. On a semi-regular basis, it pops up absolutely cryptic messages, alerting me to something trying to connect to something. The details are never particularly clear, and while most of them are probably legitimate programs doing legitimate things, I've taken to simply denying them all. Every once in a while, this leads to problems, as certain applications stop working properly and I need to go in and figure out what the problem is. Apparently, I'm not the only one dealing with this. Dan Gillmor is complaining about a very similar issue as he tries to figure out if he should allow a certain connection that his firewall is warning him about. The answer appears to be that it shouldn't be a problem -- but he needed an expert to tell him that. That's leading some to wonder if firewalls shouldn't have a bit more expertise (and user friendliness) built in, to give you more clues about what the various connections might mean. Of course, that's incredibly difficult, and even the sample "solutions" provided by David Berlind raise more questions (for example, in one solution, he tries to provide more context by asking people to confirm what their email server is -- but a non-technical person might not know that information). Of course, instead of making the situation better, it looks like some firewall makers are making it worse by turning some of those messages into marketing messages. Jeremy Wagstaff has noticed that ZoneAlarm popped up one of its regular messages that's really just an advertisement for their new anti-spyware product, but it's designed to make you feel like your computer is unsafe.

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    COD, Oct 26th, 2005 @ 4:53pm


    With a hardware firewall in place, and a strict no IE / no Outlook rule on my computers, I haven't felt the need for Zone Alarm in years.

    reply to this | link to this | view in thread ]

  2. identicon
    Techie, Oct 26th, 2005 @ 5:21pm

    Re: http://odonnellweb.com

    Yeah, so do you go with firefox that has just as may vulnerabilites as IE. Look at the DATA!

    reply to this | link to this | view in thread ]

  3. identicon
    thatguy, Oct 26th, 2005 @ 5:38pm


    I stopped using zone alarm as soon as fake threat advertising messages starting popping up. I mean what kind of crap is that? It's almost insulting to my intelligence for them to try to pull that shit.

    As far as not knowing what a process is doing when asked whether or not it should be allowed to connect to the internet, a simple google search can answer 9 times out of 10. At least this is what I do when I'm having one of those paranoia days.

    reply to this | link to this | view in thread ]

  4. identicon
    4ltern4te_Stre4m, Oct 26th, 2005 @ 5:42pm

    everyone wan' go heaven, nobody wanna get dead...

    Unfortunately, the only real answer to this particular problem (at the moment) is that users of technology will actually have to *learn* something about it. As we all may surmise, this will probably not happen with abandon. That's sad, because I like to think that if you use a computer as a function or condition of your employment, it should seem at least *fairly* important to you to make an effort to master it. If you sit at a computer at work, and you know nothing about it, your employer is getting ripped off. (as would be anyone else you'd work for)

    reply to this | link to this | view in thread ]

  5. identicon
    Landon, Oct 26th, 2005 @ 6:06pm


    Firewalls are pointless anyways. I dont really think that someone wants to get in your computer and mess you up. The only people that really need them are businesses. If its a program on your computer that is trying to send out a signal then its nothing a simple anti-virus program cant pick up. If your concerned about getting your computer hacked then you should just go play the lottery, youll have better chances. All software companies are trying to do is make people paranoid to try and sell their product.

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, Oct 26th, 2005 @ 7:12pm

    Re: Firewalls

    Too true. I have no firewall, since I got really freaking tired of allowing or denying every dang program on my computer access, and repeating the process every time I ran an update or made any changes to the program. Plus all of them screwed up my home wireless network. I've never been "hacked" yet.

    reply to this | link to this | view in thread ]

  7. identicon
    Neosin, Oct 26th, 2005 @ 7:17pm

    Re: Firewalls

    Well, i have 2 PCs, a fileserver and a laptop. However i have had people try to crack the fileserver many times. I make backups of everything i buy, games and movies and think about that for a min. If they did get that what would happen? You bet a good hardware firewall with NAT ENABLED! You gotta be safe it's no joke anymore. 5 years ago i would agree... it's not needed. But stupid people are doing stupid things these days on the computer. Quickbooks, MSMoney, bla bla bla passwords, it's to easy for people to steal IDs these days due to a open Xp machine on cable or DSL...

    So yea i'd say at least a good linksys cable/dsl router with NAT would work for most. LOL here is my IP come and get me suckas :D

    reply to this | link to this | view in thread ]

  8. identicon
    John Ramsay, Oct 26th, 2005 @ 7:31pm

    How about no settings at all?

    Why can't the router/firewall sense more with out bugging me. I feel like they manufacter should know which firewall setup by how I found anti-whatever software. If they snag me with a pretty lame fake-windows popup from a MSN entertainment page, then I deserve the block everything until I cry that I can't open somwthing as a result.

    reply to this | link to this | view in thread ]

  9. identicon
    h4x0r, Oct 26th, 2005 @ 8:34pm

    Re: Firewalls

    Ok, so your telling us your a ten year old idiot? When you check your email, they have the opurtunity to take your password, when you purchuse something online, they can grab your credit card numbers. I use a firewall (sygate PRO) and I notice ALOT of portsniffing. (for you n00bs that means they try to figure out which port is open so they can connect)

    Seriously, with idiots like you makes the h4x0rz (again for you n00bz, hackers) time worthwhile.

    Its like saying, "An astronaut doesnt need his space suit in outerspace..."

    Retarded ignorant bastard...

    reply to this | link to this | view in thread ]

  10. identicon
    VonSkippy, Oct 26th, 2005 @ 8:45pm

    Gotta love stupid people

    I love the dumbass people who think they don't need a firewall. More zombie systems for me - and since I get paid by the control count - bigger is definitely better. So leave your system directly connected to the net, or use a software firewall (basically the same thing), only thing that makes it a bit difficult is hardware firewalls, but then people are still so stupid I can usually get them to load the software payload I want just by sending them emails or setting up a web page. Moron's ROCK!!!!!

    reply to this | link to this | view in thread ]

  11. identicon
    Jeremy, Oct 26th, 2005 @ 8:49pm

    Ignorance is not bliss

    Your firewall is configured to alert you for all threats more than likely. Any software firewall worth it's weight will have a silent mode which does not pop up unless certain criteria, which the user sets, are met. Read the manual, help files, or pay someone with the knowledge to configure it for you. It is sort of like buying a guard dog and then getting aggravated when it barks...

    reply to this | link to this | view in thread ]

  12. identicon
    Jeremy, Oct 26th, 2005 @ 8:52pm

    Re: Firewalls

    Go look at your firewall logs (if you know wehre to find them) and then tell me nobody is trying to get into your computer.....

    I suppose germs don't really exist either right?

    reply to this | link to this | view in thread ]

  13. identicon
    Anonymous Coward, Oct 26th, 2005 @ 9:09pm

    Re: Firewalls

    Don't need a firewall? Hope you like that dialup or your linux box.

    ANY Windows installation isn't safe. Period. And I can say that without being a linux/OSX zealot either. As a Windows SysAdmin for 13 years, I've seen my share of "I thought it was protected" or "I have a virus scanner" (Unsaid: Way out of date or has a expired subscription)

    If you are on cable, the whole underground community knows your phone number. And they case your house constantly. If you don't lock your windows and actually pay attention, you'll get wacked with the next Blaster/Sasser/RedAlert/MyDoom/Etc variant

    Software firewalls drag on your CPU cycles. Cheap NAT routers can suffice, if you properly know how to set them up. REAL firewalls, such as the Cisco PIX take time, effort, and knowledge to maintain but nobody gets in.

    I enjoy watching my mail filter at work send all kinds of bogus crap from compromised DSL and cable connections (a majority of our spam)

    Wonder when I'll see your "I don't need a firewall" connection attempt to spam my mailbox...

    reply to this | link to this | view in thread ]

  14. identicon
    Jeremy, Oct 26th, 2005 @ 9:25pm

    Re: Firewalls

    ummmm yah, hmmmm ok. I am not going to give you a wan/lan lesson but could you go to http://www.whatismyip.com and post your real IP so I can test your hardware firewall with NAT ENABLED?

    reply to this | link to this | view in thread ]

  15. identicon
    Ryan, Oct 26th, 2005 @ 10:38pm

    Re: Firewalls

    Ooooohhhh a techie war....HOW GAY. Grow up you ignorant losers and get a freaking life instead of fighting over who's system is more secure.

    reply to this | link to this | view in thread ]

  16. identicon
    Stinky Old Fart, Oct 27th, 2005 @ 12:21am

    No Subject Given

    I would think that firewalls are going to progress just like everything else has. Used to be that computers were difficult to run. You had to have a degree just to turn the silly thing on, but as time wore on, computers got easier and easier to run.
    These days, you don't have to have very much of a computer IQ to get the a PC running, and with a little creativity, anybody can fix just about anything, as long as they don't let their fear get in the way.
    Firewalls have only been something that the general public has really had to worry about for the last 5 years or so. I imagine within the next 5 years, fire wall designers will refine their techniques and make these systems more and more user friendly.
    The other side of the coin is exposure. Many of the terms and phraises used in firewalls aren't apart of our normal lexicon. That will change too , thus easing people's pain.

    reply to this | link to this | view in thread ]

  17. identicon
    Um, Oct 27th, 2005 @ 3:09am


    Really, I think it should be said that you don't need a firewall IF your careful not to download this or go to that page or this. It's like a minefield out there, and yes I suppose you wouldn't need a firewall if you more or less were perfect in your web surfing. Though, even then you wouldn't be safe, but if you were not very important to anybody or are smart enough not to leave your creditcard number lying around, nobody's going to want to take shit from you (A good chance of that). A firewall has saved me many pains in the asses, and at least my firewall lets you confiqure it so that when intrusion does almost happen nothing pops up. Oh, as for blocking connections, it isn't that complex. If your somewhere you shouldn't be on the net, or have downloaded something you shouldn't have you simply block it. Or you could block everything, and then continuously configure your firewall for the programs you don't want blocked. One last note, software firewall Vs hardware firewall depends. If you've truely got something to hide, well eat your heart out with a hardware firewall. Otherwise, what's the point? I don't keep important information on my computer anyway and even if I did there is nobody out there who would give a damn about anything that I've got. For your average Joe, it's really just about knowing how to be safe on the internet with a dose of common sense.

    reply to this | link to this | view in thread ]

  18. identicon
    Pete Austin, Oct 27th, 2005 @ 3:39am

    Hackers are like Poker Players

    When a good poker player compliments you on how you played the last hand, it's possible you just did something really risky and he hopes you will repeat it.

    reply to this | link to this | view in thread ]

  19. identicon
    joe, Oct 27th, 2005 @ 4:19am

    Re: ridiculous

    well maybe if you actually payed for the program you wouldn't get the ad.... Ever thought how they could keep it free.. I've used a full copy of zone alarm security suite and never had one ad.. The reason.. I payed for the product......

    reply to this | link to this | view in thread ]

  20. identicon
    Jesse McNelis, Oct 27th, 2005 @ 5:04am

    Software firewall == useless

    Software firewalls are insane. They require that a user runs with admin priviledge to responsed to those popup connection messages. Running with admin priviledge is worst then any possible use the software firewall will give.

    reply to this | link to this | view in thread ]

  21. identicon
    Frank McCourry, Oct 27th, 2005 @ 6:05am

    So simple... it's stupid.

    Like it was said in some previous posts. Get a NAT enable firewall and get the software off of your system. I'm a Service manager for a computer repair company and I see this crap all the time. Users fall prey to software comapnies advertising a "better firewall". I had one customer with 4 firewalls installed and actually tried to get the cops involved because he was so paranoid about his computer constantly being hacked! He didn't even run a business, there was nothing of any value on his system. We sold hime a Linksys Cable/DSL router and uninstalled his software, he's been happy ever since.

    reply to this | link to this | view in thread ]

  22. identicon
    KB, Oct 27th, 2005 @ 6:51am

    Re: Firewalls

    I agree with this post. At least get a Cable/DSL router to block out any uncommon ports and keep your IP private. If you're sitting out on the Net with a global, you're going to get hacked, it's just a matter of time. And when you do get hacked, you probably won't know it until you see a charge on your credit card for something you didn't buy.

    reply to this | link to this | view in thread ]

  23. identicon
    Paranoid, Oct 27th, 2005 @ 7:03am


    You guys aren't nearly paranoid enough. Go get a cheap firewall box from linksys or whatever. it's better than software and costs the same in many cases as a software firewall. (if you don't use a freeby)

    Techie: Jeez, grow up. Firefox is better than IE just because every jackass and script kiddy on the planet is trying to hit IE. Firefox is less of a target, for the moment.

    reply to this | link to this | view in thread ]

  24. identicon
    malhombre, Oct 27th, 2005 @ 7:41am

    2 way street

    So I run ZA cause it's free and pretty easy to configure and especially reconfigure. Every so often I go in and wipe the slate clean as to whats allowed...then item by item I decide what to re-allow.

    While I realize that ZA isn't anywhere near as secure as a hardware firewall, I'm not going out and buy one for home use and there is at least one good reason to continue using it: keeping tabs on the outgoing stuff helps to find out what if anything is getting reported to 3rd parties.

    I am on cable, NAT router, wireless but so far no intrusions to date so it seems to be a pretty effective setup.

    Also, AVG antivirus (http://www.grisoft.com) has kept me in good stead for years at no cost. In addition to email, any and everything I download from the web, I force a scan (simple right-click) which has turned up scads of embedded virii in free stuff!

    For spyware, MS Antispyware AND Ad-Aware together work pretty well.

    In using all of these, you must set them to run the regularly scheduled downloads and updates to keep them current. Don't do that and will get hit.

    The bottom line: all for free, no successful intrusions in years, and much much easier and less intrusive than some of the commercial stuff (i.e. Norton Firewall).

    reply to this | link to this | view in thread ]

  25. identicon
    Nicholas, Oct 27th, 2005 @ 10:10am

    What a waste of time

    Any and all Software Firewalls are crap anyway. If you're going to have a firewall that isn't stand alone, at least put it on the router.

    The purpose of a firewall is to prevent someone from gaining access to any part of your PC. If your PC's software has to say, HEY!!! SOMEONE IS TRYING TO LOOK AT ME!!! It kinda defeats the purpose, doesn't it?

    reply to this | link to this | view in thread ]

  26. identicon
    thatguy, Oct 27th, 2005 @ 12:05pm

    Re: ridiculous

    You're absolutely right! But one thing zone alarm is forgetting is there are FREE alternatives out there (not to mention free ways to register their products if I chose to). And as soon as they started to try to TRICK me into buying their product, I started using the freeware.

    And obviously there IS a way for them to make it free if others are able to do it. They simply choose not to and pull sneeky acts in order to get more people to purchase. I find that an immoral business practice and therefore I will not use their products.

    Who wins now?

    reply to this | link to this | view in thread ]

  27. identicon
    Bob, Oct 27th, 2005 @ 2:36pm

    Re: ridiculous

    Even though Zonealarm is free gratis with the occasional odd pop-up now, it's still built much better than other free softwalls out there. I'll agree there's a lot of added complexity than former simpler versions that did the same thing, but still..

    It is freeware.. what do you expect from it.

    If you remember, the ad bubble popped 5 years ago. Finding freeware on the net today.. ahem, GOOD freeware.. is dwindling down to nothing. Generally speaking, the net is slowly maturing from a scientific and informational medium to a commercial one, where services are paid for instead of given out free. The trend would also apply to firewall software that is free.

    Although, they could make it easier I would agree on that. As most users simply want to install it and ignore it, they don't want to deal with it or even see it. They want to know they're protected, yet don't want the reminders of it.

    reply to this | link to this | view in thread ]

  28. identicon
    Viking, Oct 29th, 2005 @ 12:05pm

    Re: Firewalls

    Oh, not true at all. Ever hear of botnets? Read this little news item. Then install your firewall.

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.