Microsoft Windows Vista includes a two-way firewall. TO THE TOP

Discussion in 'Windows Vista Security' started by I.C. Greenfields, Feb 14, 2009.

  1. I.C. Greenfields

    Sam Hobbs Guest

    I responded to the comment: "My point is that there is no middle ground - if
    you don't trust it to access the internet, don't have it on your system (who
    knows what other horrible things it could be doing that you aren't aware
    of).". That is such an extreme comment that I had to reply to it. You seem
    to be saying something different now.

    Your next sentence was: "There is no problem having an API that allows a
    program you have given permission to execute the ability to configure your
    firewall. You indicated your trust when you installed or executed the
    program.". Perhaps I misunderstood that. If so then I will assume you have
    now explained that adequately.
     
    Sam Hobbs, Feb 19, 2009
    #61
    1. Advertisements

  2. I.C. Greenfields

    Sam Hobbs Guest

    You are intentionally ignoring other comments I made.
    It is a little confusing, since the internet was built upon existing
    software. For example HTML initially used SGML which is a word-processing
    standard.

    The IETF defines the internet; the standards are called Request For Comments
    (RFCs) which is a misleading term but everything that you call the internet
    is defined in RFCs and the RFCs are the standards. RFC 1831 defines RPCs:

    RPC: Remote Procedure Call Protocol Specification Version 2
    http://www.ietf.org/rfc/rfc1831.txt?number=1831

    It clearly calls RPC a protocol and says it is for the internet.

    In addition to all that, when I used MySQL a few years ago, it did not work
    unless I configured my firewall to allow it access to the internet.

    Also, note that the comments I replied to are probably now clarified such
    that all this is not relevant.
     
    Sam Hobbs, Feb 19, 2009
    #62
    1. Advertisements

  3. I.C. Greenfields

    Root Kit Guest

    Erhmmm... No need to update your Adobe - ever??? - That's a perfect of
    example of shooting oneself in the foot right there.
    What about all the other bad stuff a company's program may do to your
    machine that you wouldn't like if only you knew about it?
     
    Root Kit, Feb 19, 2009
    #63
  4. I.C. Greenfields

    Sam Hobbs Guest

    Not totally hypothetical. Software that "phones home" happens and is quite
    common.
     
    Sam Hobbs, Feb 19, 2009
    #64
  5. I.C. Greenfields

    +Bob+ Guest

    Might want to check your system time there, smart guy, for a guru you
    seem to have some real issues.
     
    +Bob+, Feb 19, 2009
    #65
  6. I.C. Greenfields

    +Bob+ Guest

    Is this really a demonstration of your wit? Or do you dumb down this
    posting personality intentionally to resemble an illiterate dolt?
     
    +Bob+, Feb 19, 2009
    #66
  7. I.C. Greenfields

    +Bob+ Guest

    I didn't say that. I said that there is no need for IT to check for
    updates. I'll check when I think it's appropriate.
    Yawn. Another strawman.
     
    +Bob+, Feb 19, 2009
    #67
  8. I.C. Greenfields

    +Bob+ Guest

    I wasn't saying the "phone home" part is hypothetical. It's the
    scenario he's set up that's hypothetical... and he's gone so far as to
    suggest that we're violating some unknown EULA by controlling our own
    machine. Then he suggests that we're in mortal danger without
    automatic updates turned on. It's hypothetical nonsense.

    I'll give just one specific retort to this hypothetical: I've never
    had automatic updates turned on in MS-Windows in any version and I've
    never gotten a virus or had malware running on my machines (of which
    there have been dozens). That's not luck, it's just intelligent setup
    and use.
     
    +Bob+, Feb 19, 2009
    #68
  9. I.C. Greenfields

    Root Kit Guest

    And at the same time you are pointing directly at one of the main
    problems with outbound control. You are saying they *could* hook.
    Well, maybe they could (even that is questionable) - but are they
    doing it? The key point here is that it's simply practically
    impossible to hook into each and every possibility for malware to use.
    It's a game you can only loose.
     
    Root Kit, Feb 20, 2009
    #69
  10. I.C. Greenfields

    Root Kit Guest

    Strawman or not - it hits the nail on the head. And it was your own
    wording.
     
    Root Kit, Feb 20, 2009
    #70
  11. I.C. Greenfields

    +Bob+ Guest

    That would make your posting interface unique among those in the
    world.
     
    +Bob+, Feb 20, 2009
    #71
  12. I.C. Greenfields

    +Bob+ Guest

    Not the issue, keep checking. The rest of us are accurately reflecting
    GMT.
     
    +Bob+, Feb 20, 2009
    #72
  13. I.C. Greenfields

    +Bob+ Guest


    First, it was not my wording. That noted, it's a strawman. It's a
    waste of time to respond to it.
     
    +Bob+, Feb 20, 2009
    #73
  14. I.C. Greenfields

    measekite Guest

    I think your total lack of any sense at all underscores your lack of an IQ
    at all.
     
    measekite, Feb 20, 2009
    #74
  15. I.C. Greenfields

    measekite Guest

    Then you are you posting?
     
    measekite, Feb 20, 2009
    #75
  16. Why are you posting? You didn't say anything. Just FYI
     
    measekite.monkey, Feb 20, 2009
    #76
  17. I.C. Greenfields

    Sam Hobbs Guest


    There you go, you are getting it correct now; I knew you could. Yes, I was
    talking about the developers of ZoneAlarm.

    You will likely respond by saying that since I did not answer your question
    about how they would do it, that I don't know what I am talking about. So go
    ahead, have the last word; this discussion is getting too off-topic.

    I trimmed all newsgroups from my reply except
    microsoft.public.windows.vista.security. I don't know what newsgroup you are
    replying through.
     
    Sam Hobbs, Feb 21, 2009
    #77
  18. I.C. Greenfields

    Sam Hobbs Guest


    And if the United States was to take that attitude about terrorism then the
    USA would have been attacked by terrorists again such as in 9/11. Just
    because it is impossible to be totally thorough, that is not justification
    for not trying.
     
    Sam Hobbs, Feb 21, 2009
    #78
  19. I.C. Greenfields

    Sam Hobbs Guest


    Note that you clipped the part where I said "the internet was built upon
    existing software". Yes, RPC existed in Unix before the internet.
     
    Sam Hobbs, Feb 21, 2009
    #79
  20. I.C. Greenfields

    Root Kit Guest

    You're taking this pretty off topic now, but okay let's have a look at
    your flawed analogy.

    First of all you should be very careful about making analogies between
    the real and the virtual world in the first place. They seldom
    compare.

    You're saying "it's no justification for not trying". This is a
    nonsense comment, because I have never advocated anything like "not
    trying". I'm advocating using countermeasures that actually work
    effectively and has a positive cost/benefit outcome.

    It's actually quite amusing that you start mentioning
    counter-terrorism, because if you look at it, the US has in fact put
    in place lot of countermeasures that have a lot in common with host
    based per application outbound control: They are close to useless and
    easily bypassed but they serve the purpose of giving the users (the
    public) a warm feeling of security. For your government it's not
    enough to just put in place countermeasures that have a proven record
    of actually making a difference. It's equally important just to make
    you believe they are doing something.

    I can highly recommend listening to what security expert Bruce
    Schneier has to say about these things. He is excellent at looking
    through the smoke and go right to the point.
     
    Root Kit, Feb 21, 2009
    #80
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.