WindowsXP will include a firewall of sorts

[InfoSec News <isn () c4i org>]

Forwarded by: Patrice Boivin <lori.pat () ns sympatico ca>

http://www.wired.com/news/business/0,1367,46144,00.html

Associated Press 
12:20 p.m. Aug. 17, 2001 PDT  
      
WASHINGTON -- A promotional website for Microsoft's
soon-to-be-released Windows XP operating system said it would offer
the same protection from viruses and hackers that major corporations
use.

Not so, said a Microsoft executive who had the reference removed from
the website after the Associated Press questioned it.

"I'm sure that was an unintentional overexuberance there," said Mark
Croft, manager for the new Windows product due in stores in October.

Croft said Microsoft's plan to add firewall software, designed to
protect Internet surfers from hackers, "is a good step from having
nothing" but it is not the full-fledged protection found in firewall
products sold separately.

"It was not our primary goal to provide a really high-end and
sophisticated firewall when there are a lot of other totally valid
firewall options for Windows today," Croft said.

Microsoft's plan to include numerous new features in Windows XP such
as the firewall, which complete with stand-alone products made by
others, has angered its competitors and raised questions among state
regulators.

State attorneys general who joined with the U.S. Justice Department in
suing Microsoft for antitrust violations four years ago are currently
weighing whether to go back to court to challenge Windows XP.

A federal appeals court Friday rejected Microsoft's bid to delay the
original lawsuit, clearing the way for new hearings to determine a
penalty for the company's anticompetitive behavior.

Whatever the outcome, experts say consumers should examine closely any
firewall claims made by Microsoft or its rivals before assuming
they're safe on the Internet.

On the website, Microsoft said the new firewall feature "makes your
information, computers, and family data safer from intruders as soon
as you start using Windows XP."

"For years, business networks have been able to protect themselves
from outside attacks by using firewalls," it added. "Windows XP offers
that same security to consumers with Internet Connection Firewall
protection."

Before the company pulled the reference on Thursday, experts expressed
concerns that such claims would leave consumers thinking they were
safer than they were.

"The firewall on the operating system isn't going to provide the most
protection for people," said Tom Powledge of Symantec, which makes a
competing firewall but has a marketing partnership with Microsoft.
"People are going to think they're secure when they're not."

Internet firewalls protect users from both outside attacks, such as
those that clog computers with traffic, and inside damage caused when
users unwittingly download a virus or a "Trojan horse" malicious
program.

Businesses have long needed firewalls because they're a prime target
for hackers, and the rapid rise of broadband cable and Digital
Subscriber Line (DSL) Internet connections in American homes has
increased demand for firewalls among average users.

Microsoft's firewall is only reliable against inbound attacks, Croft
acknowledged. Other programs, either sold or given away for home users
by companies such as Symantec, McAfee, Zone Labs and Internet Security
Systems, do much more.

"Without that outbound protection, users may have a false sense of
security," said Chris Le Tocq, a business analyst with Guernsey
Research. "It's like buying insurance which doesn't work."

But Le Tocq said Microsoft's strategy of including a firewall may pay
huge dividends down the road because it could give the software giant
a huge consumer advantage over rivals that make their own firewall
products.

"Frankly, I think that the personal firewall guys ... they're going to
be roadkill," he said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.