Forwarded from: Felix von Leitner <leitnerat_private> Thus spake InfoSec News (isnat_private): > http://www.newsbytes.com/news/01/171949.html > By Brian McWilliams, Newsbytes > ALISO VIEJO, CALIFORNIA, U.S.A., > 07 Nov 2001, 12:08 PM CST > > Software firewalls deployed by millions of PC users offer only > "illusory" protection against Trojan horses and other malicious > programs, security experts warned today. This is actually correct. A packet filters is only useful if one can be sure that what little protection it offers can't be circumvented. That means that it can not share the same machine with other applications that use untrusted data. This is so basic, it's embarassing that it needs to be mention at all :( Personal Firewalls aren't. > Techniques for defeating the outbound data filters in popular personal > firewalls such as Zone Alarm and Norton Personal Firewall have been > independently posted on the Web by several researchers. This, however, is complete and utter bullshit. You can _never_ restrict outgoing traffic in a meaningful way, i.e. you can never lock a box down in a way so that an evil attacker could not leak supposedly secret information out, except if you don't allow any data to flow out at all. Instead of explaining to the illiterate users of this snake oil software the risks they are exposing themselves to, this article dumbs them down even more. It is very sad that this drivel is published at all, and then forwarded to a respected mailing list as this, but it is even sadder that apparently noone except me considers this nauseatingly stupid, bordering on criminal. Felix - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Dec 03 2001 - 04:54:49 PST