“Security experts and vendors this week welcomed the introduction of Windows Firewall, part of Windows XP Service Pack 2 (SP2), as a valuable way of protecting PCs. But while the firewall is an improvement, it falls short of the standard of protection expected of commercial firewalls, according to some industry observers,” Matthew Broersma writes for Techworld.com.
“Windows Firewall–which replaces the old Internet Connection Firewall–marks the first time all up-to-date PCs will have a firewall switched on by default, an important step in stopping the spread of viruses, according to industry analysts. However, the software suffers from two major flaws, critics say: it does not block outbound traffic, and it can be switched off by another application, possibly even by a clever worm,” Broersma writes.
Full article here.
MacDailyNews Take: An insecure veriosn of Microsoft Windows? Say it isn’t so! For our Windows-only friends, information about smoothly adding a Mac OS X machine to your computing arsenal can be found here.
It took MS years to make this update, and this is the end result?
Hilarious!
With the money, man (woman) hours and personnel at M$’s disposal why does this happen? How can this happen? The inmates continue to run the asylum……
Wow, so now Windows users get a false sense of security. This could be worse than before. But, it’s free. And, after all, cost is the only thing that matters in the Windoze world.
As usual, the clueless Mac zealots are ignorant beyond belief.
The MacOS X firewall by default does not block outbound traffic either.
“it can be switched off by another application, possibly even by a clever worm”
Something which can be done on any operating system, even MacOS X, if you have the necessary privileges.
If a stupid Windows user downloads a trojan and runs it with administrator rights, it’s Microsoft’s fault.
If a stupid MacOS X user downloads a trojan and runs it with administrator rights, it’s the user’s fault.
The hypocrisy is staggering.
If a stupid Windows user downloads a trojan, it has hundreds of ways to run itself with administrator rights.
If a stupid Mac OS X user downloads a trojan, he has to run it explicitly with administrator rights.
Hypocrisy, you say?
“…two major flaws, critics say: it does not block outbound traffic…”
“…MacOS X firewall by default does not block outbound traffic either…”
It sounds like the Windows version can’t block outgoing traffic while the Mac can if you want.
Certainly blocking the outbound traffic is of interest once the machine has become diseased but this is a Windows phenom. More reason to have ‘outbound blocking’ on Windows and not a strong reason for Mac to make this a default setting.
I can think of a few dozen styles of worms for OSX but the matter of the fact is that once we kill it, it’s gone. On Windows XP if it’s lodged in the registry, startup items, init files, boot records, and Explorer (which is the cause of most of the bloody viruses) then you’re screwed. I’ve booted other people’s computers into safe mode and it was still busted. There are scripts that will write over windows system files and add a little code of their own. The brutality that a little batch file or script (even from a website) can cause is absolutely mind boggling.
I hope NOBODY out there belives that one kid from Germany truly was responsible for 70% of the viruses for 2004 (as reported by CNET). Makes people trust M$ by blaming it on one guy. Windows will never be safe, but I fear it won’t be long before OSX is next. Just be smart and you’re fine. That won’t ever happen for Windows users…unfortunately.
“It sounds like the Windows version can’t block outgoing traffic while the Mac can if you want.”
Yes, the MacOS X firewall can if you configure it to do so using Terminal.app. It’s not available in System Preferences.
Using Terminal.app and manually configuring a firewall is out of the question for most MacOS X users.
There are some 3rd party GUI config tools for the MacOS X firewall, but I don’t know whether they support configuring blocking of outgoing traffic.
“If a stupid Windows user downloads a trojan, it has hundreds of ways to run itself with administrator rights.”
Not if the user is logged in as a non-admin user on a patched Windows system (keeping your Windows patched is as easy as on MacOS X, you enable auto update).
So, yes, I do say hypocrisy.
Wait, a commercial firewall developer thinks Microsoft’s free firewall isn’t up to the challenge? Wow, what a surprise! What if Microsoft had put a full-fledged firewall into SP2? The same companies would be whining about how Microsoft bullied them out of the market.
So let me get this right. As long as you surf only as a non admin user you are safe on Windows. How do you download and launch software upgrades? Store them in a universal folder and switch to the admin user before launching? What a piece of shit.
Don’t ever connect to the internet and you will be safe then.
“Not if the user is logged in as a non-admin user on a patched Windows system (keeping your Windows patched is as easy as on MacOS X, you enable auto update).”
Once again, incorrect information from a Windows idiot!
ActiveX controls can and do install on PC’s even when the user is a non-admin which leads to a host of spyware, malware and visruses. Admin rights mean nothing…. nothing on a Windows PC.
Microsoft is like Zorg Industries where Mac OS X IS the 5th Element
Of course Mac users don’t have cool software like SpyBot Search and Destroy which at last count scans for more than 16,000 potential problem items. Nice…
“ActiveX controls can and do install on PC’s even when the user is a non-admin which leads to a host of spyware, malware and visruses. Admin rights mean nothing…. nothing on a Windows PC.”
You are either clueless or a liar.
“So let me get this right. As long as you surf only as a non admin user you are safe on Windows. How do you download and launch software upgrades? Store them in a universal folder and switch to the admin user before launching? What a piece of shit.”
What a clueless and ignorant Mac zealot.
You right click on the application and select “Run As”. It will give you a dialog box similar to the one on MacOS X where you can enter your admin password.
If Windows detects that it’s a setup application it will automatically display the dialog if you just double click the application.
MacZealot4…But isn’t the standard Windows install and all for the user to be an admin? So, most would be admins unless they might just happen to be in a company with techies setting it up differently.
So most are still vulnerable.
No hypocrisy out of our end.
Has any virus, trojan, worm or any other malciously distributed code or “security flaw” caused any widespread or appreciable damage (i.e. hundreds of thousands of wasted man-hours, billions in lost sales, and/or days of computer downtime) on any machine running Mac OS X to date?
Let’s look at what one site has to say:
http://www.ciac.org/ciac/bulletinsByType/vndr_apple_bulletins.html
I believe I counted ten (10) reports since OS X was released in 2001, but don’t take my word for it, check out the link.
And the answer for M$:
http://www.ciac.org/ciac/bulletinsByType/vndr_ms_bulletins.html
Not going to bother counting – you do it. I think you’ll see the difference pretty quickly.
Yeah, I sure do “miss” having to run SBS&D and AdAware and PopUpStopper now that I have a 17″ iMac on my desk at work. That’s saves me an hour a week right there in productivity!
Do any of you people have kids that use XP? Don’t you realize the majority of Windows users are kids AND adults who don’t keep up on “auto-update” or “security patches”?
These are the same people who download all that crap from the internet. They have no idea that opening up an email attachment or illegally downloading a song can screw up their PC forever. Yes, there are still people out there like that.
IF MICROSOFT IS GOING TO SELL A PRODUCT TO THE MASSES, THEN THEY SURE AS ALL HELL BETTER MAKE SURE IT IS SAFE FOR THE MASSES.
(Instead of putting out a shitty product, and then blaming everybody else.)
Ooooh! Do you smell bacon?
I smell bacon!
�Stupid Windows user� is somewhat redundant is it not?
Ha ha ha ha ha ha
This is Gates’ version of a joke right?
A super weak SPARK-Wall!
Every hacker is the world has already installed and broken this thing!
A sense of false security could increase sales, yeah, thats what they are thinking.
hahahahahahahahahahaha
BUY A MAC!
Remember the article:
http://zdnet.com.com/2100-1105_2-5309182.html
SP2 is already causing some concern. It constrains more than protecting. Sure, it improves the security of windows systems but at the cost of new restrictions affecting the built in firewall, internet explorer and other OS components.
Yesterday, we had confirmation that all versions of AFS for Windows whether released by IBM/Transarc or OpenAFS.org are incompatible with XP SP2 and that a patched version has to be installed. Guess how many other products will be affected as well.
As soon as people will have – once more – to issue patches to fix the patch that patched the latest released patch to fix security issues which were patched by SP2 people will realize the Pandora Vase is still wide open.
At least Microsoft are now admitting that Windows security is a problem and trying to sort out the mess. Of course they’ll make mistakes along the way, but if they move in the right direction, that’s a good thing. I also thnk we’re all forgetting that OSX updates can also break Mac software occasionally.
I still wouldn’t buy Windows myself though. Sounds like too much hard work.
At least Microsoft are now admitting that Windows security is a problem
__________
Uh, Dave? They didn’t have to ‘admit’ it.. Every Tech Publication since 95 has been admitting it. Don’t pat Bill and Paul on the back for lazily slopping together this mess they call Windows XP.
MacZealot 1-5 are (obviously!) trolls. Please don’t feed trolls by responding to their drivel. It only encourages them to come back again and again. Why? Because conflict and bickering are what trolls thrive on. I don’t know why. I don’t know what terrible thing is wrong with trolls’ brains. But I do know that the best (only) deterrent is to completely ignore them.
And if you like trolls and bickering with trolls, the trolls are infecting you with troll disease future troll
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />