Information Security News mailing list archives
Re: Personal Firewalls Spring Security Leaks - Update
From: InfoSec News <isn () c4i org>
Date: Mon, 3 Dec 2001 01:56:54 -0600 (CST)
Forwarded from: Felix von Leitner <leitner () vim org>

Thus spake InfoSec News (isn () c4i org):
> http://www.newsbytes.com/news/01/171949.html
>
> By Brian McWilliams, Newsbytes
> ALISO VIEJO, CALIFORNIA, U.S.A., 07 Nov 2001, 12:08 PM CST
>
> Software firewalls deployed by millions of PC users offer only "illusory" protection against Trojan horses and other malicious programs, security experts warned today.

This is actually correct. A packet filter is only useful if one can be sure that what little protection it offers can't be circumvented. That means that it can not share the same machine with other applications that use untrusted data. This is so basic, it's embarrassing that it needs to be mentioned at all :( Personal Firewalls aren't.

> Techniques for defeating the outbound data filters in popular personal firewalls such as Zone Alarm and Norton Personal Firewall have been independently posted on the Web by several researchers.

This, however, is complete and utter bullshit. You can _never_ restrict outgoing traffic in a meaningful way, i.e. you can never lock a box down in a way so that an evil attacker could not leak supposedly secret information out, except if you don't allow any data to flow out at all.

Instead of explaining to the illiterate users of this snake oil software the risks they are exposing themselves to, this article dumbs them down even more. It is very sad that this drivel is published at all, and then forwarded to a respected mailing list as this, but it is even sadder that apparently no one except me considers this nauseatingly stupid, bordering on criminal.

Felix

-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.