This debate has been taking place for years. I think the one thing everyone would agree on is that the weakest point in the security chain is the end user, even those of us who may feel we are more knowledgeable than others. As humans we can all make mistakes, no matter what some internet celebrities may try to make you think. So the question that needs to be asked is: are firewalls useless because they require some user interaction? I’d have to say they aren’t useless by any means. But no matter how idiot-proof you may try to make a product, someone will find a way to do something to get around that. I think we could all agree that software firewall vendors have tried to tighten things up over the years. Zone Labs has made improvements within their product so that less user interaction is needed. This company has also tried to make it so that users are given more useful information when faced with an alert. Years ago, and still today, the one complaint about ZoneAlarm has been that it is too busy, meaning you will be barraged with a large number of alerts. Now let’s keep in mind this has become less and less of an issue over time. Zone Labs has made improvements in the software so that it can be installed to work more quietly. I’m using the ZoneAlarm firewall as my example because that is the software I’m most familiar with.

Even with all these improvements, we all know that alerts will occur. The decision on how that alert should be handled is, in the end, up to the customer. That of course is the weak link. If you sit down and listen to feedback from these people, the one thing you’ll hear time and again is that users are unsure of what to do when they see an alert. They are intimidated and uncomfortable trying to figure out what to do, although in many cases with ZoneAlarm hitting the More Info tab would in fact help them to decide how to proceed. Granted, at times that feature is still less than helpful and at times adds to the confusion. So this has been and still is a key area where users can make bad security choices. Most people don’t want to be hassled with these choices. They just want their software to work the way they want it to without interruptions or aggravation. The alerts are counter to this principle.

So does this weak link in the security chain make a software firewall useless? My personal opinion is no. The overall benefit outweighs any long-term aggravation. It’s also been shown that most vendors understand where the weak point is. This is why we have seen that being strengthened, to reduce any negative decision that might be made at that level. ZoneAlarm is now designed to offer a suggestion of what to do: either to allow or deny the activity or program that caused the alert. So it’s not as if security software developers are leaving the full choice up to the customer. But in the end the user can override the suggestion given. Other than taking the choice fully out of their hands, I’m not sure how much more this weak point can be strengthened. The overall feeling I get from most people is one of aggravation. None of them want to read the alerts or what they are being told. These are the same people that don’t want to do any reading etc. Yet when their PC is running like garbage because they refuse to use security tools, they will be the first people screaming and moaning about the situation, which in many cases wouldn’t be occurring if they would use basic security practices, such as running an updated antivirus and firewall software.

Microsoft hasn’t learned much over the years in regard to security. You can tell this by the method they have chosen to enable within Vista to supposedly help protect customers. I’m sure the company would argue other security advancements have been made. But what we see on the surface is a constant stream of alerts without any suggestion as to what to do. Most people aren’t going to have a clue as to why they are getting the alert or what it means. So what are these customers going to do? They are going to disable this security feature as soon as they figure out how. When you make the user experience aggravating, you’re going to see people do one of several things. They will disable the security and not use it. If they decide that they must put up with the aggravation, you will see bad decisions being made that negate even having the security in place. Or these people will just look for another product or service to use. So in the end Vista does nothing to further secure the end user or to make the security experience more friendly.

With all that said, software firewalls have stopped many machines from being exploited over the years. Users have learned how to interact with most modern-day security products. The alerts have lessened to a large degree, to where decisions aren’t having to be made constantly. Software firewalls are even more embedded within the operating system to make them harder to disable. Over the years this has caused some problems when uninstalling some products. We have seen this same issue with antivirus software. The overall benefit of this close interaction is that security products have become hard to disable and the alerts have lessened. Yet with all the advancements it’s still up to the user to make some basic choices. These choices could in fact have negative consequences. Even with this in mind, I think the overall protection offered is still a benefit. You can’t just use a router to protect the inbound part of your connection. You need to know what is leaving your machine as well as what is trying to come in. A software firewall lets you know what is coming in and what is leaving. It’s not like routers don’t have weak security points as well. So no method of security is ever going to be foolproof.

People want the power of choice in most cases. Giving that benefit within a software firewall can aggravate and confuse them at times though. I’m not sure the answer is to take this power away from them. I’d still say education is key, although some people will never learn from their mistakes. At this point I’m not sure it is fully possible to design a software firewall for home use that totally takes decisions out of the customer’s hands. I would tend to bet that the supposed security experts would like to do just this though. At the end of the day though I’m not sure the results would be any better for doing so.

Here is the thread that got me started on all this.

