On Mon, 21 Mar 2005 08:35:32 -0500, Paul A. Houle wrote: > One of the reasons why security products for Windows are so bad is that > there isn't really a firewall API in Windows so every firewall product > finds a set of hooks that look good and then they pray that they don't > blow up the network stack. There is a firewall API, at least in Windows XP SP2+. The main reason they all suck is that they're all based on badly flawed assumptions that have no relation to usability, eg "I can ask users to confirm each outgoing connection and they will make the right choice". This is clearly ridiculous, if I had a pound for every time I've been asked by friends whether they should allow XYZ app to connect to the internet I'd be a rich man. It's pretty much a textbook case of why you shouldn't ask users to make complicated security decisions. Even worse, from the perspective of malware authors it's trivial to hide yourself so the programs identify is obfuscated or appears benign. So asking these questions achieves nothing and just confuses users - bad plan! thanks -mike
