Zone Alarm (free addition) and Netscape dialup accelerater.

I just installed the free edition on my computer and it's blocks my
netscape dialup accelerator (No DSL in my area of the sticks yet. This
is the best you can get).

The Zone Alarm blocks the accelerator automatically each time it tries
to operate, it never allows me a decision via popup messge to allow the
accelerator.

Is there a way to get the Zone Alarm firewall to accept the accelerator?

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

eacantdraft@hotmail.com wrote:
> Is there a way to get the Zone Alarm firewall to accept the accelerator?

There is life beyond Zone Alarm.

Yours,
VB.
--
Viel schlimmer als die Implementation von PHP ist jedoch das Design.

Rudolf Polzer in de.comp.security.misc

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 29-Aug-2006, eacantdraft@hotmail.com wrote:

> I just installed the free edition on my computer and it's blocks my
> netscape dialup accelerator (No DSL in my area of the sticks yet. This
> is the best you can get).
>
> The Zone Alarm blocks the accelerator automatically each time it tries
> to operate, it never allows me a decision via popup messge to allow the
> accelerator.
>
> Is there a way to get the Zone Alarm firewall to accept the accelerator?

Is it possible that it asked you once and you denied it (with the
'remember' check)?
Have you gone into 'programs' and looked to see if it is listed, and if it
is you can change the setting there.
Otherwise, perhaps look around and try some other free firewall(s)?
I had some problems with the ZA free version blocking stuff I did not want
it to block myself, even after putting the site/host in the trusted zone,
somehow it still blocked some packets - this did not help my game let me
tell you.
I ended up paying for the full suite - seems to work much better - 60-70
bucks, with a possible 30 dollar rebate is not that much, and then if you
do have problem(s) you can ask their tech support directly. Plus, of
course they are going to make sure that version works*, since that is what
they expect to make money on/with.
Another thought, have you checked netscapes help page to see if anyone
else has had this problem before and what if anything can be done about
it?

*Sebastian / Volker / any others - please, no snide remarks about this, if
Consumer Reports advises people to run a software firewall, I think they
have more respectability than someone that posts here and tells people to
turn off their firewall and learn to close services themselves (but does
not usually even say how or where to find out how) - not everyone has time
or inclination to do such, therefore using a pf is better for them.
--
We apologize for the inconvenience

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On Tue, 29 Aug 2006 18:11:21 GMT, "ArtDent"
wrote:

>*Sebastian / Volker / any others - please, no snide remarks about this, if
>Consumer Reports advises people to run a software firewall, I think they
>have more respectability than someone that posts here and tells people to
>turn off their firewall and learn to close services themselves (but does
>not usually even say how or where to find out how) - not everyone has time
>or inclination to do such, therefore using a pf is better for them.

If you are skilled enough to install and properly configure a personal
firewall you are also skilled enough to be able to shut down services
or to run a script that does the job for you.

The advice of consumer reports is not an argument.

Hopefully this was'nt a snide remark.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

ArtDent schrieb:

> *Sebastian / Volker / any others - please, no snide remarks about this, if
> Consumer Reports advises people to run a software firewall, I think they
> have more respectability than someone that posts here and tells people to
> turn off their firewall

Well, I cannot see any arguments on Consumer Reports, whereas Sebastian
and Volker typically provide some. Sometimes it is just a matter of
what you want to read.

>and learn to close services themselves (but does
> not usually even say how or where to find out how)

how often did they post the link http://www.dingens.org/index.html.en?

> - not everyone has time
> or inclination to do such, therefore using a pf is better for them.

If you have time to order, download and install a personal firewall you
also have time to shut down unnecessary Windows services.

> We apologize for the inconvenience

So do I :-)

Regards
Thomas

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 29-Aug-2006, "Thomas" wrote:

> how often did they post the link http://www.dingens.org/index.html.en?
>
> > - not everyone has time
> > or inclination to do such, therefore using a pf is better for them.
>
> If you have time to order, download and install a personal firewall you
> also have time to shut down unnecessary Windows services.

Erm... pardon my ignorance please, but what the???
I (and others) should run this instead of that. What is the point then?
Instead of running a pf, which will usually check for updates periodically
to keep ahead or at least abreast of current 'threats', you are suggesting
that I (and others) should run _this program_ instead, once? What about
when Windows programs/OS update themselves and reset to their not so
secure defaults? Must we run this program/script again then? And, how
would we know we needed to if Windows is set for auto updating like _most_
Windows users should have it set for? Again, I am talking about the
_normal_ (yes, yes, I know there is no such thing) Windows user, people
that are not that computer savvy. If we could indeed keep all ID ten T's
off the net, it would be wonderful to the max, but we must live and work
in/with the 'real' world where your local auto mechanic or lawyer or
doctor or etc. does not feel that they have the time to learn all this
'stuff'. Can we please stop with the elitism I see here so much. I have
seen people say that if you can't figure this (shutting down services)
out, you should not be on the net, well then, should we say that if you
can not dis-assemble and re-assemble your car you should not be driving
it? Specialization is the way of the world today. Do you doctor
yourself? Do you go to court and represent yourself? No, you go to a
'specialist', which is the equivalent of what a pf is to the
average/normal user.
Dang, sure hit my button, heh.
I apologize if this seems to be pointed at you or anyone in particular,
but, as the saying goes - if the shoe fits...

I just do not think that such elitist advice is very helpful / productive
to the people that are trying to get answers to their questions here and
wish it would stop.

--
I am not a complete idiot.
Parts are missing.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:tC1Jg.2978$xQ1.250@newsread3.news.pas.earthlink.net...
>
> On 29-Aug-2006, "Thomas" wrote:
>
> > how often did they post the link http://www.dingens.org/index.html.en?
> >
> > > - not everyone has time
> > > or inclination to do such, therefore using a pf is better for them.
> >
> > If you have time to order, download and install a personal firewall you
> > also have time to shut down unnecessary Windows services.
>
> Erm... pardon my ignorance please, but what the???
> I (and others) should run this instead of that. What is the point then?
> Instead of running a pf, which will usually check for updates periodically
> to keep ahead or at least abreast of current 'threats', you are suggesting
> that I (and others) should run _this program_ instead, once? What about
> when Windows programs/OS update themselves and reset to their not so
> secure defaults? Must we run this program/script again then? And, how
> would we know we needed to if Windows is set for auto updating like _most_
> Windows users should have it set for? Again, I am talking about the
> _normal_ (yes, yes, I know there is no such thing) Windows user, people
> that are not that computer savvy. If we could indeed keep all ID ten T's
> off the net, it would be wonderful to the max, but we must live and work
> in/with the 'real' world where your local auto mechanic or lawyer or
> doctor or etc. does not feel that they have the time to learn all this
> 'stuff'.

That's one reason why I never advise these people to install Zonealarm. If I did
then they'd have to spend time learning how to use a complex product which most
of them would never be able to understand. This would cause them to get into a
worse mess than they were in before they installed the unnecessary personal
firewall software, just like the OP has.

It's much better to configure doctor/lawyer/mechanic PCs so that they remain
secure without bothering the user (who, as you say, doesn't have time to learn
about computer security) with security related questions.

Sometimes this is difficult when the doctor/lawyer/mechanic insists that because
all their friends mistakenly think Zonealarm is essential then they must have it
too. For some reason they rarely insist on checking whether all updates for all
software on the PC are present or whether an administrator account is in use
when a user account is all that's required or whether any unnecessary services
are exposed to an untrusted network or indeed whether any unnecessary software
is installed on the PC and running at each startup. These things are all simple
to do, much simpler than understanding how to correctly configure Zonealarm.
Do the "Consumer Reports" that you mention advise users to find out how to do
any of these simple things? or do they simply say "Install a firewall"?

[Rest snipped]

Jason

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 29-Aug-2006, "Jason Edwards" wrote:

> Do the "Consumer Reports" that you mention advise users to find out how
> to do
> any of these simple things? or do they simply say "Install a firewall"?

First, just fyi, 'Consumer Reports' is a magazine in the US that does not
accept any advertising and 'tests' things in their labs and such like.
Everything from cars to washing machines to computers and their
peripherals.
Second, yes, they _told_ people how to do all those things, (not just how
to find out how, although I am pretty sure there were useful links for
further info) using user accts, etc., the fw section was just that, a
section in the whole 'article'. They used language a computer 'noob'
would understand, when they introduced a 'new' word, they explained it.
They really are a wonderful organization, probably modeled after something
people over in Europe have had for ages - we are the 'johnny come
latelies' after all. :) They are at www.consumerreports.org if you care
to give them a look.
The problem is that not everyone that buys a computer will read that very
good article, and if someone comes here and poses a question I think it is
better to try to talk with them at the level they seem to put forward, not
look down from some lofty perch and yell 'you are not good enough', and
spout jargon they probably do not even understand.
Hand holding over 'sink or swim'.
I mean, hey, it is in our own best interest after all, if we can help keep
someones machine from becoming another zombie that spews spam all over the
place, I say we make any and every effort to do so, up to and including
being 'nice'. Even if we have to grit our teeth to do it. :|
--
We apologize for the inconvenience.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

wrote in message
news:1156871545.008633.148900@m73g2000cwd.googlegroups.com.. .
: I just installed the free edition on my computer and it's blocks my
: netscape dialup accelerator (No DSL in my area of the sticks yet. This
: is the best you can get).
:
: The Zone Alarm blocks the accelerator automatically each time it tries
: to operate, it never allows me a decision via popup messge to allow
the
: accelerator.
:
: Is there a way to get the Zone Alarm firewall to accept the
accelerator?

It would be a good idea to ask your question on the ZoneLabs User
Forums, or read some posts on the subject there...I remember reading a
thread about conflicts between the firewall and some web accelerators.
Your ISP's Help page might have some information on the subject, too.
Good luck.

charlie R
:

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

ArtDent schrieb:

> On 29-Aug-2006, "Thomas" wrote:
>
> > how often did they post the link http://www.dingens.org/index.html.en?
> >
> > > - not everyone has time
> > > or inclination to do such, therefore using a pf is better for them.
> >
> > If you have time to order, download and install a personal firewall you
> > also have time to shut down unnecessary Windows services.
>
> Erm... pardon my ignorance please, but what the???
> I (and others) should run this instead of that. What is the point then?

The point is very simple:
1 A personal firewall can by design not do what it is advertised to
do. Why would you think that software A could control software B but
not vice versa? As a matter of fact, any well written malware will
control the firewall and not the other way round. Note that the author
of such malware can even test his code against the firewall (as this is
publicly available) whereas the firewall author cannot. So it is much
more likely that the malware will control the firewall. Thus,
controlling outbound traffic with a personal firewall is just a dream.
And if it is about inbound traffic alone, the integrated XP firewall
will do just fine.

2 Configuring a packet filter requires even more knowledge about all
this computer stuff than stopping unnecessary services. Just clicking
on the allow button whenever a process wants to access the internet
does not really help. Also, most of your "normal" users will have no
idea what is behind the cryptic name of such a process requiring
internet access.

> Instead of running a pf, which will usually check for updates periodically
> to keep ahead or at least abreast of current 'threats', you are suggesting
> that I (and others) should run _this program_ instead, once?

No. You should check your services again once you installed a new piece
of software. Takes a minute.

> What about
> when Windows programs/OS update themselves and reset to their not so
> secure defaults? Must we run this program/script again then?

see above

>And, how
> would we know we needed to if Windows is set for auto updating like _most_
> Windows users should have it set for? Again, I am talking about the
> _normal_ (yes, yes, I know there is no such thing) Windows user, people
> that are not that computer savvy. If we could indeed keep all ID ten T's
> off the net, it would be wonderful to the max, but we must live and work
> in/with the 'real' world where your local auto mechanic or lawyer or
> doctor or etc. does not feel that they have the time to learn all this
> 'stuff'.

That is why I suggest to rather configure the pc than learning a lot
about IP and packet filters. It is easier for them.

> Can we please stop with the elitism I see here so much.

This is not elitism. This is just pragmatic.

> I have
> seen people say that if you can't figure this (shutting down services)
> out, you should not be on the net, well then, should we say that if you
> can not dis-assemble and re-assemble your car you should not be driving
> it? Specialization is the way of the world today.

I think that even in your car you should at least understand the basic
security mechanisms.

> Do you doctor
> yourself? Do you go to court and represent yourself? No, you go to a
> 'specialist', which is the equivalent of what a pf is to the
> average/normal user.

No, the specialist would be somebody who knows about all this stuff and
configures it for you. Installing a personal firewall is exactly the
equivalent to doctoring yourself or representing yourself at court.
Yes, the specialist will ask for some money, but do your doctor or
lawyer work for free?

> Dang, sure hit my button, heh.

Seems so :-)

> I just do not think that such elitist advice is very helpful / productive
> to the people that are trying to get answers to their questions here and
> wish it would stop.

I admit that the tone sounds elitistic from time to time but what is
wrong if somebody tells a poster that he can achive what he wants

- without paying a dime vs buying a software product
- with more security and control than the software product can offer
- without adding software that uses disk space and consumes resources
- with less learning to do

Yes, installing a personal firewall seems so much easier. But if you
want to configure it, it turns out that it is not. And if you don=B4t
configure it, it is useless anyway.

Regards
Thomas

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 30-Aug-2006, "Thomas" wrote:

> Yes, installing a personal firewall seems so much easier. But if you
> want to configure it, it turns out that it is not. And if you don´t
> configure it, it is useless anyway.

I do not agree with this. At least for myself.
I find it much easier to only google at need, (if/when get some pop-up
from pf) rather than having to search around for all the 'general' info I
would otherwise need. Besides, while I am trying to find all this general
info, my computer would not be 'protected' as well as I think it should
be. Better - in my mind - is to have a pf blocking things until I google
them and can then make a knowledgeable decision whether to 'allow'
something or 'deny' it.
They are making these programs as intuitive as they can, I don't think you
can say that about OS's. :)
--
We apologize for the inconvenience

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

ArtDent schrieb:

> On 30-Aug-2006, "Thomas" wrote:
>
> > Yes, installing a personal firewall seems so much easier. But if you
> > want to configure it, it turns out that it is not. And if you don=B4t
> > configure it, it is useless anyway.
>
> I do not agree with this. At least for myself.
> I find it much easier to only google at need, (if/when get some pop-up
> from pf) rather than having to search around for all the 'general' info I
> would otherwise need. Besides, while I am trying to find all this general
> info, my computer would not be 'protected' as well as I think it should
> be. Better - in my mind - is to have a pf blocking things until I google
> them and can then make a knowledgeable decision whether to 'allow'
> something or 'deny' it.

Fine, but who does really do this in real life?

If you really want to "protect" your computer in a hands free and
hassle free mode, buy a cheap NAT router. Although not designed as a
security device, it will still do the job much better (and with less
hassle) than a personal firewall.

> They are making these programs as intuitive as they can, I don't think you
> can say that about OS's. :)

Addressing security issues with intuition is not necessarily a good
idea ;-)

Regards
Thomas

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:Uc5Jg.247$v%4.161@newsread1.news.pas.earthlink.net...
>
> On 29-Aug-2006, "Jason Edwards" wrote:
>
> > Do the "Consumer Reports" that you mention advise users to find out how
> > to do
> > any of these simple things? or do they simply say "Install a firewall"?
>
> First, just fyi, 'Consumer Reports' is a magazine in the US that does not
> accept any advertising and 'tests' things in their labs and such like.
> Everything from cars to washing machines to computers and their
> peripherals.
> Second, yes, they _told_ people how to do all those things, (not just how
> to find out how, although I am pretty sure there were useful links for
> further info) using user accts, etc., the fw section was just that, a
> section in the whole 'article'. They used language a computer 'noob'
> would understand, when they introduced a 'new' word, they explained it.
> They really are a wonderful organization, probably modeled after something
> people over in Europe have had for ages - we are the 'johnny come
> latelies' after all. :) They are at www.consumerreports.org if you care
> to give them a look.

Type computer security in the search box.
The third article in the list (when I did it) dated 9/06 is only missing
anti-virus software and advice on when/why/how to use a user account instead of
an administrator account. Other than that it's fine. No mention of personal
firewall software at all.

Jason

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 30-Aug-2006, "Jason Edwards" wrote:

> No mention of personal
> firewall software at all.

In the printed magazine, in the article titled 'Stay Safe Online' -
subtitled 'Best Software Tools & Strategies', they list 7 steps to
security.
Step one is labeled 'Enable existing protection', in there they state, and
I quote "Start by activating a firewall", they mention XP's and Mac OS X's
built in firewalls, but explain that those only block incoming
communications, they go on to say that: "For greater protection, you can
also use a firewall that blocks outgoing communications".
--
We apologize for the inconvenience

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:ncEJg.984$v%4.268@newsread1.news.pas.earthlink.net...
>
> On 30-Aug-2006, "Jason Edwards" wrote:
>
> > No mention of personal
> > firewall software at all.
>
> In the printed magazine, in the article titled 'Stay Safe Online' -
> subtitled 'Best Software Tools & Strategies', they list 7 steps to
> security.
> Step one is labeled 'Enable existing protection', in there they state, and
> I quote "Start by activating a firewall", they mention XP's and Mac OS X's
> built in firewalls, but explain that those only block incoming
> communications, they go on to say that: "For greater protection, you can
> also use a firewall that blocks outgoing communications".

Obviously not the same writer as the article I found.
What is the date of this issue? September 2006?

Why would a user be expected to enable existing protection?
Why wasn't it enabled for them?

I'd like to know how a computer with blocked outgoing communications could do
very much on a network. Requesting a web page might be difficult, not to mention
an IP address if it's using DHCP.

Ok so maybe I should assume that they meant it only blocks selected outgoing
communications based on rules set up by the user.
How would the average Windows user know how to correctly set up the rules and
what would stop malware changing the rules? What would stop malware making other
changes to the firewall or disabling it completely while making it look to the
user like it's still working? What would stop malware using communication
channels which are not blocked by the firewall? Why is the average personal
firewall user not aware of these issues?
Why are groups like microsoft.public.security.* full of people who, in many
cases, seem to already have personal firewall software but are still in a dazed
and confused state about why their computer seems to be possessed?

Jason

> --
> We apologize for the inconvenience

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 31-Aug-2006, "Jason Edwards" wrote:

> Obviously not the same writer as the article I found.
> What is the date of this issue? September 2006?

Yes, Sept. '06. There are several 'sections' to the whole 'article', and
this was/is in the second main section.

> Why would a user be expected to enable existing protection?
> Why wasn't it enabled for them?

I think most new computers nowadays do have it turned on by default,
unless they come with some other 'security' software (McAfee, Norton,
whatever), which would / should be on instead. They (CR) seemed to be
trying to make sure people were aware of it in the first place.

> I'd like to know how a computer with blocked outgoing communications
> could do
> very much on a network. Requesting a web page might be difficult, not to
> mention
> an IP address if it's using DHCP.
>
> Ok so maybe I should assume that they meant it only blocks selected
> outgoing
> communications based on rules set up by the user.
> How would the average Windows user know how to correctly set up the
> rules

Google? Help files within the program? Yes, I know 'most' or 'average'
users won't, but the answers aren't usually too hard to find, all the
software can do is make it as easily available as possible, without
shoving it in the face of a more advanced user.

> and
> what would stop malware changing the rules? What would stop malware
> making other
> changes to the firewall or disabling it completely while making it look
> to the
> user like it's still working?

I think checksums and maybe 'other' methods, hey, I am not the
programmers, I do not know _all_ the inner workings.
The obvious (to us) is to be careful and knowledgeable while surfing,
checking emails, etc., I'm sure the programmers do all they can, but it
does indeed come down to the users behaviour online. No matter if they
put brakes on a car, if you fall asleep at the wheel and don't hit them,
you will hit that wall in front of you - same for surfing online even with
a firewall, it is (supposed to be) subservient to the user, if they don't
'use' it correctly it really isn't the softwares 'fault'.

>What would stop malware using
> communication
> channels which are not blocked by the firewall?

Program permissions?

> Why is the average personal
> firewall user not aware of these issues?

Lack of specific education about it?
Whether it is the software coporation(s) that does not shout about any
possible deficiencies (is there any corp. that does?), or just the user
not paying attention to what _is_ reported in the media.

> Why are groups like microsoft.public.security.* full of people who, in
> many
> cases, seem to already have personal firewall software but are still in
> a dazed
> and confused state about why their computer seems to be possessed?

There are indeed people that should not use computers, but until there is
some kind of test (like a drivers test for your drivers license) before
you are allowed to buy one, any schmuck/bozo/moron/whatever with an IQ
under 80, but with the money, can go buy whatever they want. Or, even if
they are almost a genius, but know nothing about computers, just that they
want one because everyone else has one.

And all we can do is to try to help if / when we can.

> Jason

--
Never raise your hand against a child.
It leaves your groin unprotected.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:jEHJg.1043$v%4.285@newsread1.news.pas.earthlink.net...
>
> On 31-Aug-2006, "Jason Edwards" wrote:
>
[snip]
> > Ok so maybe I should assume that they meant it only blocks selected
> > outgoing
> > communications based on rules set up by the user.
> > How would the average Windows user know how to correctly set up the
> > rules
>
> Google?

A minefield of incomprehensible information to the average Windows user if the
subject is firewall configuration.

> Help files within the program?

The last time I looked at the help in ZA it wasn't very helpful. As an example
it would refer to a box for an IP address and say something like "In this box
you enter an IP address".

> Yes, I know 'most' or 'average'
> users won't, but the answers aren't usually too hard to find, all the
> software can do is make it as easily available as possible, without
> shoving it in the face of a more advanced user.

Why would personal firewall software want the user to understand it?
If they understood it they might conclude that they don't need it.

>
> > and
> > what would stop malware changing the rules? What would stop malware
> > making other
> > changes to the firewall or disabling it completely while making it look
> > to the
> > user like it's still working?
>
> I think checksums and maybe 'other' methods, hey, I am not the
> programmers, I do not know _all_ the inner workings.
> The obvious (to us) is to be careful and knowledgeable while surfing,
> checking emails, etc., I'm sure the programmers do all they can, but it
> does indeed come down to the users behaviour online.

You don't think that Microsoft should fix Internet Explorer then?
It is after all the major route that malware takes into a home Windows PC,
particularly when Microsoft's implementation of Java is in use.

> No matter if they
> put brakes on a car, if you fall asleep at the wheel and don't hit them,
> you will hit that wall in front of you - same for surfing online even with
> a firewall, it is (supposed to be) subservient to the user, if they don't
> 'use' it correctly it really isn't the softwares 'fault'.

Windows isn't to blame then? It's either the user's fault or incorrect use of
the personal firewal.

>
> >What would stop malware using
> > communication
> > channels which are not blocked by the firewall?
>
> Program permissions?
>
> > Why is the average personal
> > firewall user not aware of these issues?
>
> Lack of specific education about it?
> Whether it is the software coporation(s) that does not shout about any
> possible deficiencies (is there any corp. that does?), or just the user
> not paying attention to what _is_ reported in the media.

We sure don't hear Microsoft shouting about the deficiencies in Internet
Explorer.

>
> > Why are groups like microsoft.public.security.* full of people who, in
> > many
> > cases, seem to already have personal firewall software but are still in
> > a dazed
> > and confused state about why their computer seems to be possessed?
>
> There are indeed people that should not use computers,

Why? Why can't they have a computer which doesn't fill up with malware after a
few weeks of use?

> but until there is
> some kind of test (like a drivers test for your drivers license) before
> you are allowed to buy one, any schmuck/bozo/moron/whatever with an IQ
> under 80, but with the money, can go buy whatever they want.

I'm not sure the car analogy is good one because a properly designed computer
for the average user shouldn't be able to hurt anyone else no matter what the
user does.

> Or, even if
> they are almost a genius, but know nothing about computers, just that they
> want one because everyone else has one.

Perhaps they should have been supplied with one which is secure by default and
doesn't require detailed knowledge to keep it secure.
Instead they get an insecure operating system and some personal bloatware which
claims to make it more secure but is actually designed to do little more than
sell (make money).

This is not the user's fault and it is definitely not something which can be
solved with personal firewall software.

Jason

>
> And all we can do is to try to help if / when we can.
>
> > Jason
>
> --
> Never raise your hand against a child.
> It leaves your groin unprotected.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 31-Aug-2006, "Jason Edwards" wrote:

> > > How would the average Windows user know how to correctly set up the
> > > rules
> >
> > Google?
>
> A minefield of incomprehensible information to the average Windows user
> if the subject is firewall configuration.

There is a lot, you do have to know how to narrow your search, but you are
assuming that the average Windows user is too dumb?
incomprehensible = too dumb
Your bias is showing.
Too lazy I would agree with.

> > Help files within the program?
>
> The last time I looked at the help in ZA it wasn't very helpful. As an
> example
> it would refer to a box for an IP address and say something like "In
> this box
> you enter an IP address".

Oh come on, what, is that the pop-up box you are talking about? When you
hover your mouse over the field? I meant the 'real' help files.
Besides, what more do you want it to say? If you had a question about
what is was going to _do_ with that ip address, you should have hovered
above or below where it said what that box was for (besides entering the
number). Are you being obtuse on purpose here or what? Bias peeking out
again?

> > Yes, I know 'most' or 'average'
> > users won't, but the answers aren't usually too hard to find, all the
> > software can do is make it as easily available as possible, without
> > shoving it in the face of a more advanced user.
>
> Why would personal firewall software want the user to understand it?
> If they understood it they might conclude that they don't need it.

I think almost all software would prefer that its user know how to use it
as fully as possible, I think your bias is peeking out yet again.

> > > and
> > > what would stop malware changing the rules? What would stop malware
> > > making other
> > > changes to the firewall or disabling it completely while making it
> > > look
> > > to the
> > > user like it's still working?
> >
> > I think checksums and maybe 'other' methods, hey, I am not the
> > programmers, I do not know _all_ the inner workings.
> > The obvious (to us) is to be careful and knowledgeable while surfing,
> > checking emails, etc., I'm sure the programmers do all they can, but
> > it
> > does indeed come down to the users behaviour online.
>
> You don't think that Microsoft should fix Internet Explorer then?

Entirely up to them. The only time I use it is for manual Windows
Updates.
Otherwise, I use Firefox.
Free enterprise in action.

> It is after all the major route that malware takes into a home Windows
> PC,
> particularly when Microsoft's implementation of Java is in use.

And I try to spread that as loudly as possible everywhere I can, to try to
persuade people to use any other alternative they like.
Firefox, Opera, there are quite a few 'good' browsers out there, I tell
people this every chance I get.

> > No matter if they
> > put brakes on a car, if you fall asleep at the wheel and don't hit
> > them,
> > you will hit that wall in front of you - same for surfing online even
> > with
> > a firewall, it is (supposed to be) subservient to the user, if they
> > don't
> > 'use' it correctly it really isn't the softwares 'fault'.
>
> Windows isn't to blame then?

Of course it is. It is why we need pf's.

> It's either the user's fault or incorrect
> use of the personal firewal.

Yep.
That's pretty much it in a nutshell.
Bad online habits and / or improper usage (allowing things before knowing
what they are).
Back to the car thing, do you blame the car when the driver is drunk?

> > >What would stop malware using
> > > communication
> > > channels which are not blocked by the firewall?
> >
> > Program permissions?
> >
> > > Why is the average personal
> > > firewall user not aware of these issues?
> >
> > Lack of specific education about it?
> > Whether it is the software coporation(s) that does not shout about any
> > possible deficiencies (is there any corp. that does?), or just the
> > user
> > not paying attention to what _is_ reported in the media.
>
> We sure don't hear Microsoft shouting about the deficiencies in Internet
> Explorer.

Not their job. Their job is to try to sell it to you.
That is Consumer Reports job. NY Times, PCWorld, PCMag, WSJ, your local
newspaper, etc. etc. etc.

> > > Why are groups like microsoft.public.security.* full of people who,
> > > in
> > > many
> > > cases, seem to already have personal firewall software but are still
> > > in
> > > a dazed
> > > and confused state about why their computer seems to be possessed?
> >
> > There are indeed people that should not use computers,
>
> Why? Why can't they have a computer which doesn't fill up with malware
> after a
> few weeks of use?

Because it is not the computer, per se, but the users behaviour in the
long run.

> > but until there is
> > some kind of test (like a drivers test for your drivers license)
> > before
> > you are allowed to buy one, any schmuck/bozo/moron/whatever with an IQ
> > under 80, but with the money, can go buy whatever they want.
>
> I'm not sure the car analogy is good one because a properly designed
> computer
> for the average user shouldn't be able to hurt anyone else no matter
> what the
> user does.

What utopia are you living in? I would really like to move there too!
If Joe six pack or Freddy the lawyer go surfing 'dodgy' sites, clicking
here, clicking there, open emails with no clue what is inside, download
the latest 'cool' p2p app, and otherwise do all the things 'we' know
better than to do, do you really think that the criminals won't get in
with your 'properly designed computer'?
Please, tell me where I can buy one or three of these!

And don't give me 'linux'. that would be untrue for the purposes and users
we are talking about here.
You have already said they can't even google.

> > Or, even if
> > they are almost a genius, but know nothing about computers, just that
> > they
> > want one because everyone else has one.
>
> Perhaps they should have been supplied with one which is secure by
> default and
> doesn't require detailed knowledge to keep it secure.

Where?
Where do I get one of these wonderful machines you keep talking about?
Quit with the fantasy already, we are trying to stay in the 'real' world
here, ok?

> Instead they get an insecure operating system and some personal
> bloatware which
> claims to make it more secure but is actually designed to do little more
> than
> sell (make money).

Yep, that is the way it is right now. So, we try to patch / fix / do what
we can about it.
Up to and including using a pf.

> This is not the user's fault and it is definitely not something which
> can be solved with personal firewall software.

I disagree.
I mean I know what you are trying to say about the bloatware Winblows and
all that, but that is what we have to deal with.
It is the users fault because we all do actually go out and give these
companies our good money for, as you say, 'insecure operating system'. If
your fantasy machine was available, I bet we would buy that instead, yes
indeed.
And, it is the users fault if he/she/it does not 'bother' to learn how to
use the program (pf) correctly. Is it a hammers fault if you hit your
thumb instead of the nail you are holding? No, it is the fault of the user
for improper 'usage' (aim, in this case).
Also, there is no 'solution', nothing will be 'solved' in this real world
we live in - in my or your lifetime in all probablity - so, with the OS we
have to deal with, proper security is an ongoing 'process', and at this
time pf's can help,

This has sure gotten long!
--
Don't Panic!

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 30-Aug-2006, "Thomas" wrote:

> who does really do this in real life?

Me. Am I truly _that_ unique?

> If you really want to "protect" your computer in a hands free and
> hassle free mode, buy a cheap NAT router. Although not designed as a
> security device, it will still do the job much better (and with less
> hassle) than a personal firewall.
>

We do at the office, where we have dsl. But still run pf's because I can
only trust my own 'wisdom', and must even sometimes allow clients to use
my computer (guest account of course) to access the internet (Firefox).
At home I am still on dial-up, do they make any routers that can handle
that? I would still use a pf, but that is just my paranoia over what was
pre-installed.

> > They are making these programs as intuitive as they can, I don't think
> > you can say that about OS's. :)
>
> Addressing security issues with intuition is not necessarily a good
> idea ;-)
>

True, but I hope you know I was referring to the 'gui aspect' there and
not the inner workings as such.

--
Never raise your hand against a child.
It leaves your groin unprotected.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:26MJg.3871$xQ1.10@newsread3.news.pas.earthlink.net...
>
> On 31-Aug-2006, "Jason Edwards" wrote:
>
> > > > How would the average Windows user know how to correctly set up the
> > > > rules
> > >
> > > Google?
> >
> > A minefield of incomprehensible information to the average Windows user
> > if the subject is firewall configuration.
>
> There is a lot, you do have to know how to narrow your search, but you are
> assuming that the average Windows user is too dumb?
> incomprehensible = too dumb

No, incomprehensible = information which does not associate with anything the
reader already knows and thus does not provide them with any additional insight,
even if it would provide such insight to a reader who already has suitable
existing knowledge.
This has nothing to do with being dumb.

> Your bias is showing.
> Too lazy I would agree with.
>
> > > Help files within the program?
> >
> > The last time I looked at the help in ZA it wasn't very helpful. As an
> > example
> > it would refer to a box for an IP address and say something like "In
> > this box
> > you enter an IP address".
>
> Oh come on, what, is that the pop-up box you are talking about?

No idea. It's been a long time since I last had a PC in front of me with ZA on
it.
I was going to put ZA on a PC today so I could give a clearer explanation of why
I think the built in help is useless, but I think that would be a waste of time.
The average Windows user does not understand the help in ZA so I can see no
reason why the vendor would wish to improve it.

> When you
> hover your mouse over the field? I meant the 'real' help files.
> Besides, what more do you want it to say? If you had a question about
> what is was going to _do_ with that ip address, you should have hovered
> above or below where it said what that box was for (besides entering the
> number). Are you being obtuse on purpose here or what? Bias peeking out
> again?
>
> > > Yes, I know 'most' or 'average'
> > > users won't, but the answers aren't usually too hard to find, all the
> > > software can do is make it as easily available as possible, without
> > > shoving it in the face of a more advanced user.
> >
> > Why would personal firewall software want the user to understand it?
> > If they understood it they might conclude that they don't need it.
>
> I think almost all software would prefer that its user know how to use it

I think that there is much software out there which is targeted at home Windows
users and which would prefer that they spend money on it rather than know how to
use it. Getting the user to know how to use it is less important because this is
secondary to persuading them to purchase it.

> as fully as possible, I think your bias is peeking out yet again.

What is this bias? Do you mean I'm biased against products which have only the
goal of sales instead of quality or usefulness? If so then ok I'm biased.

>
> > > > and
> > > > what would stop malware changing the rules? What would stop malware
> > > > making other
> > > > changes to the firewall or disabling it completely while making it
> > > > look
> > > > to the
> > > > user like it's still working?
> > >
> > > I think checksums and maybe 'other' methods, hey, I am not the
> > > programmers, I do not know _all_ the inner workings.
> > > The obvious (to us) is to be careful and knowledgeable while surfing,
> > > checking emails, etc., I'm sure the programmers do all they can, but
> > > it
> > > does indeed come down to the users behaviour online.
> >
> > You don't think that Microsoft should fix Internet Explorer then?
>
> Entirely up to them. The only time I use it is for manual Windows
> Updates.
> Otherwise, I use Firefox.
> Free enterprise in action.

So if there were only one major car manufacturer, and if the default
configuration of their products was so flawed that the engine fell to pieces
after a few weeks, you would not complain to the car manufacturer you would tell
car owners that it's up to the manufacturer whether these problems are fixed and
that owners should immediately fit a different make of engine?

>
> > It is after all the major route that malware takes into a home Windows
> > PC,
> > particularly when Microsoft's implementation of Java is in use.
>
> And I try to spread that as loudly as possible everywhere I can, to try to
> persuade people to use any other alternative they like.
> Firefox, Opera, there are quite a few 'good' browsers out there, I tell
> people this every chance I get.

No doubt these people never question why the manufacturer never fixed the
configuration of the existing engine.

I don't think there's any point responding to the rest of your points as you
appear to believe that it is Microsoft's job to sell products with a default
insecure configuration and the job of other people to fix it with additional
software. I don't think anything I can say will change that.

The fantasy computer described at the end of your post does exist in the real
world, at least in my real world. I have two computers at home running XP pro
SP2 in constant use by three teenagers and their friends. The only firewall on
them is the built in one. They do not have any other "protection" software and
they do not even have anti-virus software. Both are free of malware. Both use
Internet Explorer. I know it will not be possible for you to believe this.

I believe that the best way to control malware is to configure your
network/computers/procedures so that you never get it. The best way to deal with
it if you do get it at home is to spend a few minutes restoring a drive image.
Anyone who can correctly use a personal firewall can also do this but I don't
see many people telling home users to make a backup image of their computer. The
article I found on your favorite web site does contain advice on backing up to
an external drive.

Jason

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 1-Sep-2006, "Jason Edwards" wrote:

> I have two computers at home running XP pro
> SP2 in constant use by three teenagers and their friends. The only
> firewall on
> them is the built in one. They do not have any other "protection"
> software and
> they do not even have anti-virus software. Both are free of malware.

If you have no anti-virus software, how can you be so sure it is so clean?
Not that I am saying it necessarily isn't, just wondering how you would
know then.
These teenagers and their friends, would you say they are 'average'
computer users, like what we have been discussing? Or are they perhaps a
bit more knowledgeable than most?

> Both use
> Internet Explorer. I know it will not be possible for you to believe
> this.

I can believe it, just wondering why, when there are other 'better'
browsers available (some for free too).
You were the one complaining about it earlier.

> I believe that the best way to control malware is to configure your
> network/computers/procedures so that you never get it.

Tried to sneak that one in, eh? Procedures. So, the user _does_ matter.

>The best way to
> deal with
> it if you do get it at home is to spend a few minutes restoring a drive
> image.

Re-active instead of pro-active?
In the meantime, how much spam has the zombie spewed?

> Anyone who can correctly use a personal firewall can also do this but I
> don't
> see many people telling home users to make a backup image of their
> computer. The
> article I found on your favorite web site does contain advice on backing
> up to
> an external drive.

Not my 'favorite', just an example of one 'respectable' source that
advises using pf's.
--
Religion is the most malevolent of all mind viruses.
Arthur C. Clarke

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

ArtDent schrieb:

> On 30-Aug-2006, "Thomas" wrote:
>
> > who does really do this in real life?
>
> Me. Am I truly _that_ unique?

In this case I think yes.

> > If you really want to "protect" your computer in a hands free and
> > hassle free mode, buy a cheap NAT router. Although not designed as a
> > security device, it will still do the job much better (and with less
> > hassle) than a personal firewall.
> >
>
> We do at the office, where we have dsl. But still run pf's because I can
> only trust my own 'wisdom',

but a pf is somebody else=B4s wisdom....or somebody else=B4s stupidity,
depending on the implementation.

>and must even sometimes allow clients to use
> my computer (guest account of course) to access the internet (Firefox).
> At home I am still on dial-up, do they make any routers that can handle
> that?

AFAIK no. At least I don=B4t know any that support analogue dial-up.
Here in Europe we do have several that support ISDN (mostly as a backup
in case the dsl line dies).

>I would still use a pf, but that is just my paranoia over what was
> pre-installed.
>
> > > They are making these programs as intuitive as they can, I don't think
> > > you can say that about OS's. :)
> >
> > Addressing security issues with intuition is not necessarily a good
> > idea ;-)
> >
>
> True, but I hope you know I was referring to the 'gui aspect' there and
> not the inner workings as such.

Got it :-)

Regards
Thomas

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:PwXJg.4414$bM.2977@newsread4.news.pas.earthlink.net...
>
> On 1-Sep-2006, "Jason Edwards" wrote:
>
> > I have two computers at home running XP pro
> > SP2 in constant use by three teenagers and their friends. The only
> > firewall on
> > them is the built in one. They do not have any other "protection"
> > software and
> > they do not even have anti-virus software. Both are free of malware.
>
> If you have no anti-virus software, how can you be so sure it is so clean?
> Not that I am saying it necessarily isn't, just wondering how you would
> know then.

How could a virus scanner be sure it was clean?
How do I know that the scanner knows about the virus?
What stops a virus modifying the scanner so that the virus is no longer
detected?
What stops a virus modifying the operating system so the scanner no longer sees
the virus?

There are many ways to be confident that it's clean and most of them can be done
by non-technical home users. Home users can easily recognise many kinds of
unusual activity such as unexpected popups or some other sudden change in
behaviour. Unexpected network traffic can also be detected by being familiar
with what the lights on a network switch mean. A sudden unexpected increase in
light flashing, particularly when the computer is not in use, will need to be
investigated. It's also not too difficult to use a site like
http://www.hijackthis.de/ and to call for assistance from someone else if
anything suspicious is found.
I sometimes boot from CD to run a real check but you can't expect home users to
do this unless a CD can be made which automatically downloads updates and runs
checks after booting.
I generally advise other home users to install a virus scanner.

> These teenagers and their friends, would you say they are 'average'
> computer users, like what we have been discussing? Or are they perhaps a
> bit more knowledgeable than most?

They have no technical interest in computers and would not be able to correctly
explain what's inside the box. They could also not be expected to understand
popups like "Do you want najort.exe to connect?" or "Should this network be in
the trusted zone?" This is one reason why I consider personal firewalls to be
nonsense. They are however way ahead of me when it comes to arty looking Word or
Power Point documents.

If they are more knowledgeable than most then it's only because they are aware
of why it's a very bad idea to allow everyone to use an administrator account
and to download and install anything they like whenever they like.

>
> > Both use
> > Internet Explorer. I know it will not be possible for you to believe
> > this.
>
> I can believe it, just wondering why, when there are other 'better'
> browsers available (some for free too).
> You were the one complaining about it earlier.

I do try to get people to use an alternative browser when possible.
I use Firefox myself.
Unfortunately I have found that Firefox is sometimes incompatible with teenage
home users for one reason or another so I decided that because their computers
are easy to restore from an image and because I think it's very unlikely that
the users will be affected by unpatched holes and because they have user not
administrator accounts I decided to allow use of Internet Explorer on these
particular PCs. I'm still waiting for Microsoft to finish fixing Internet
Explorer though. It's only taken them what? 11 years? so far.

>
> > I believe that the best way to control malware is to configure your
> > network/computers/procedures so that you never get it.
>
> Tried to sneak that one in, eh? Procedures. So, the user _does_ matter.

The user shouldn't matter, but in the case of a home Windows PC at present it is
advisable to have some knowledge of why it's a good idea to delete unexpected
email from people you don't know and why it's a bad idea to accept or click on
anything you're offered without thinking about what the motive of the site
offering it might be. These things are Microsoft's problem not the user's
problem. You can't expect users to have any technical knowledge at all. Most
people won't do it if the computer explains the possible consequences of
installing untrusted unknown software.

>
> >The best way to
> > deal with
> > it if you do get it at home is to spend a few minutes restoring a drive
> > image.
>
> Re-active instead of pro-active?

Well there's only been one incident so far which required it.
About six months ago one of the users was convinced the computer had a virus,
and not unreasonably because it was behaving very strangely. This turned out to
be because the drive had failed and Windows was in serious trouble trying to
find parts of itself.
You can decide for yourself whether that's re-active or pro-active. How many
times has your personal firewall bothered you with popups in the last 6 months?

> In the meantime, how much spam has the zombie spewed?

None at all, although I'm sure it would have tried.
I would rather the computer doesn't get any zombies, spam or otherwise, but even
if it did, and if it was able to send spam outside, would it really matter very
much if it only existed for a few hours before the drive was restored from an
image?

>
> > Anyone who can correctly use a personal firewall can also do this but I
> > don't
> > see many people telling home users to make a backup image of their
> > computer. The
> > article I found on your favorite web site does contain advice on backing
> > up to
> > an external drive.
>
> Not my 'favorite', just an example of one 'respectable' source that
> advises using pf's.

Ok :) Obviously they must have technically aware users who know how to answer
the personal firewall's popups. Either that or they forgot to consider use of
the personal firewall in the real world.

Jason

> --
> Religion is the most malevolent of all mind viruses.
> Arthur C. Clarke

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 1-Sep-2006, "Thomas" wrote:

> > At home I am still on dial-up, do they make any routers that can
> > handle that?
>
> AFAIK no. At least I don´t know any that support analogue dial-up.
> Here in Europe we do have several that support ISDN (mostly as a backup
> in case the dsl line dies).

I didn't think so either, I haven't heard or read about such a thing, and
I read quite a bit.

In this scenario at least - on dial-up, single machine - would you
recommend a pf?
I KNOW I would and do.

--
Nothing to see here, move along.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

Jason, don't you hear your own contradictions?

> There are many ways to be confident that it's clean and most of them can
> be done
> by non-technical home users. Home users can easily recognise many kinds
> of
> unusual activity such as unexpected popups or some other sudden change
> in
> behaviour. Unexpected network traffic can also be detected by being
> familiar
> with what the lights on a network switch mean. A sudden unexpected
> increase in
> light flashing, particularly when the computer is not in use, will need
> to be
> investigated.

Non-technical indeed. Anybody would obviously know something was 'wrong'
if there were multiple pop-ups, but lights on a network switch? Come on!
If people did notice them, they would probably say "Oh, how pretty".

> It's also not too difficult to use a site like
> http://www.hijackthis.de/ and to call for assistance from someone else
> if
> anything suspicious is found.

This you say you want from people that you say can't google? More
contradiction.
Call for assistance? Not everone has you for a relative / friend, but
even if they do have their very own IT expert, you just want to get
something (help) for nothing then.

> If they are more knowledgeable than most then it's only because they are
> aware
> of why it's a very bad idea to allow everyone to use an administrator
> account
> and to download and install anything they like whenever they like.

Which is a little different from the people I thought we were talking
about, you snipped my Joe six pack and Freddy the lawyer out so nice.

> The user shouldn't matter, but in the case of a home Windows PC at
> present it is
> advisable to have some knowledge of why it's a good idea to delete
> unexpected
> email from people you don't know and why it's a bad idea to accept or
> click on
> anything you're offered without thinking about what the motive of the
> site
> offering it might be.

Total Contradiction.
BUT? Yes. No. What is it?

> These things are Microsoft's problem not the
> user's problem.

Excuse me? I thought we were talking about the user.
This is the bias I was talking about earlier, you don't seem to like
Windows.
That is totally understandable.
However, we are trying to go beyond that now, ok? We are supposed to be
discussing the user here and what they should or should not do, not whine
about things we don't like.

> You can't expect users to have any technical knowledge at all.

A line I can agree with (even if I do wish for that 'test' I was talking
about, way back when), if only you hadn't said earlier that they _should_
know at least some rudimentary 'rules' (don't open unknown email, don't
download everything, etc.)

> Most people won't do it if the computer explains the possible
> consequences of
> installing untrusted unknown software.

That is what a personal firewall does! You just want it built into the
operating system.
Well, IT AIN'T, so we add it ourselves.

--
I really like children, but don't think I could eat a whole one.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:ta5Kg.1614$v%4.845@newsread1.news.pas.earthlink.net...
> Jason, don't you hear your own contradictions?
>
> > There are many ways to be confident that it's clean and most of them can
> > be done
> > by non-technical home users. Home users can easily recognise many kinds
> > of
> > unusual activity such as unexpected popups or some other sudden change
> > in
> > behaviour. Unexpected network traffic can also be detected by being
> > familiar
> > with what the lights on a network switch mean. A sudden unexpected
> > increase in
> > light flashing, particularly when the computer is not in use, will need
> > to be
> > investigated.
>
> Non-technical indeed. Anybody would obviously know something was 'wrong'
> if there were multiple pop-ups, but lights on a network switch? Come on!
> If people did notice them, they would probably say "Oh, how pretty".

It's true that most people will fail to take note of this as a problem.
Many will have a look when they suspect something unusual may be happening.
They shouldn't have to do this, it's just that Windows PCs in their present form
make it a good idea.

>
> > It's also not too difficult to use a site like
> > http://www.hijackthis.de/ and to call for assistance from someone else
> > if
> > anything suspicious is found.
>
> This you say you want from people that you say can't google? More
> contradiction.

No because this is a procedure which can be learned and written down.
It does not require new research or technical knowledge of how it works.
And with a little effort Microsoft could have done something similar.
Why didn't they do that?
It is true that many people will have difficulty with such a procedure even if
written down clearly.

> Call for assistance? Not everone has you for a relative / friend, but
> even if they do have their very own IT expert, you just want to get
> something (help) for nothing then.

You don't need your own IT expert, you just need to be able to call one when
required.
You don't need a doctor in your home all the time, you just call one when
required.
Home Windows PCs in their present form are very ill by default and cannot be
cured by adding personal firewall software. This should not be the case and it
is not the user's fault.

>
> > If they are more knowledgeable than most then it's only because they are
> > aware
> > of why it's a very bad idea to allow everyone to use an administrator
> > account
> > and to download and install anything they like whenever they like.
>
> Which is a little different from the people I thought we were talking
> about, you snipped my Joe six pack and Freddy the lawyer out so nice.

So why aren't Microsoft and PC vendors explaining these things to new users?
Why do most users have no clue that user accounts even exist?
Why do most users have no clue about the consequences of downloading untrusted
unknown software and running it in an administrator account?
This does not require technical knowledge.
You don't have to know how a car works to know that driving it over a cliff
might have serious consequences.
You don't have to know how snake venom works to know that you might want to
steer clear of poisonous snakes. If you do want to work with poisonous snakes
then you're going to have to contain them in such a way that they cannot hurt
anyone but can still live as poisonous snakes.

>
> > The user shouldn't matter, but in the case of a home Windows PC at
> > present it is
> > advisable to have some knowledge of why it's a good idea to delete
> > unexpected
> > email from people you don't know and why it's a bad idea to accept or
> > click on
> > anything you're offered without thinking about what the motive of the
> > site
> > offering it might be.
>
> Total Contradiction.
> BUT? Yes. No. What is it?

I don't see a contradiction. No technical knowledge is required for the above.
You simply need to know that some things may lead to problems.
What I see is an explanation of why the average home Windows user is going to
quickly get into difficulty. This should not be the case but it will continue to
be the case until Microsoft do something about it.

>
> > These things are Microsoft's problem not the
> > user's problem.
>
> Excuse me? I thought we were talking about the user.
> This is the bias I was talking about earlier, you don't seem to like
> Windows.

Why should I like a product which expects a non-technical user to be able to set
it up and use it safely on an untrusted network with no help or education
whatsoever? and I don't mean technical education.
Why should I like a product which was never designed for use on an untrusted
network but is sold as though even the cat can set it up and use it safely at
home.
Why should I like a product that my home users have to have because all their
friends have it because all their friends have it but which is so badly designed
it's not fit for use by non-technical home users without help from someone with
technical knowledge. It's not like they get help or advice out of the box. All
they get for instructions is how to connect the parts together and turn it on.
If you want to supply something like this then it has to be secure without
requiring the user to know how to keep it secure. This is Microsoft's problem
not the user's problem. Expecting this problem to be solved by adding personal
firewall software which asks incomprehensible technical questions is just plain
ridiculous.

> That is totally understandable.

Ah so I am getting somewhere then.
I was beginning to think this was a waste of time.

> However, we are trying to go beyond that now, ok?

Ok.

> We are supposed to be
> discussing the user here and what they should or should not do, not whine
> about things we don't like.

Users can be educated in what they should or should not do without needing to
have a clue how the computer works or how networking works. At present they need
more education in this than they should need.
It's a bit like selling people a car which requires detailed knowledge of how
the steering system works or how the engine works in order to be able to keep it
safely on the road.
Your theory appears to be that this problem can be solved by installing personal
firewall software which asks the driver questions like "The left wheel is
requesting a 30 degree move to the left, do you want to allow this?" or imagine
night driving on the highway. "Incoming lights from another car have been
detected. Do you want to let us be seen or use the cloaking device so that no
photons are returned? Oh and I've helpfully looked up the license plate and have
a name and address for you, I'm sure you'll find this list of 2000 people very
useful, after all it makes it look like I'm doing something useful, don't forget
to renew your subscription to me."

>
> > You can't expect users to have any technical knowledge at all.
>
> A line I can agree with (even if I do wish for that 'test' I was talking
> about, way back when), if only you hadn't said earlier that they _should_
> know at least some rudimentary 'rules' (don't open unknown email, don't
> download everything, etc.)

Tests are not as necessary as education, and I don't mean technical education.
Rules about opening unknown email should not be necessary and they were not
necesary until Microsoft decided that it would be an excellent idea to allow
users to send executable files to each other by email and have the code execute
as soon as the user (with an administrator account) reads the message.
How many users do you know who need this?
I never send executable code by email at all.

Your theory seems to be that a personal firewall should be installed so that
when a user with an administrator account who doesn't know about the dangers of
accepting any download from anywhere executes untrusted code, the personal
firewall will make the user aware that this code is attempting network
communication. I say LOL LOL LOL LOL.

>
> > Most people won't do it if the computer explains the possible
> > consequences of
> > installing untrusted unknown software.
>
> That is what a personal firewall does!

Sorry no. In any case the explanation should really be given before the user
starts to use the computer. I've yet to see a personal firewall attempt to
explain anything in a way that a new user with no technical knowledge can
understand. Show me a personal firewall which can be understood with no
knowledge of TCP/IP.
Personal firewall vendors don't, in my opinion, want their users to have too
much real knowledge. A user with real knowledge will fix windows without needing
personal firewall software. A user without real knowledge will get into a mess
when they install personal firewall software which they can't possibly
understand.

> You just want it built into the
> operating system.

Anything built into the operating system should not bother the user with stupid
popup technical questions. You seem to have conveniently ignored the point that
asking the user technical questions like "do you want kfrhsy32.exe to use
internet explorer to send data to the internet" is ridiculous.
Would you be impressed if your brain were constantly asking you questions like
"The gall bladder is attempting to send bile to the intestine. Do you want to
allow this?"
You expect your body to deal with this without bothering you and without
requiring you to know how the gall bladder works or even why you have one, no?

> Well, IT AIN'T, so we add it ourselves.

I was right when I said you would not be able to believe that the two PCs I
described have never had any malware problem without personal firewall software
and also without anti-virus software. And they have none-technical users. I
don't spend my time constantly removing viruses or spyware, I simply set things
up so that when combined with a little non-technical user knowledge the
computers run for years with no malware trouble.
Adding personal firewall software to these PCs would be ridiculous but I do see
many people crippling their home PCs by doing this.

If you wish to install personal firewall software then go ahead, I'm not going
to tell you what you should do with your own computer. I will however give
advice if requested and that advice won't include software which expects users
to answer technical questions.

Jason

>
> --
> I really like children, but don't think I could eat a whole one.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 2-Sep-2006, "Jason Edwards" wrote:

> No technical knowledge is required for the above.
> You simply need to know that...

And you say you are not contradicting yourself?
No knowledge is required BUT you simply need to know...?
If that is not a contradiction then the moon is made of green cheese.
This is _exactly_ what I am trying to say, you seem to want it both ways
at once, and that is just not possible.
And don't give me your complaint 'It should be', it is _not possible_.
If one, then can not be the other.
Logic.

> the explanation should really be given before the user
> starts to use the computer

Sigh.
Yes.
But, in the cases I am _trying_ to talk about this is not happening, for
_whatever_ reason(s).
Quit bashing MS and come down to the real world.
Wait, I got it, I will do it for you!
Yes, MS sucks when it comes to security.
You want people to know this. I want people to know this.
We both _want_ people to know more about the proper 'procedures' when
online.
However, I am trying to deal with / help the people that don't or won't.
Can _you_ understand _that_?

Yes, yes, pf pop-up questions can be esoteric to say the least.
But, it is better than if it was not there at all.
Yes, I seem to perhaps be contradicting myself here, talking about
unknowledgeable people trying to deal with such things.
But, I must repeat myself here, it is better than if it was not there at
all.
--
Don't Panic!

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:B4jKg.1993$v%4.1083@newsread1.news.pas.earthlink.net...
>
> On 2-Sep-2006, "Jason Edwards" wrote:
>
> > No technical knowledge is required for the above.
> > You simply need to know that...
>
> And you say you are not contradicting yourself?
> No knowledge is required BUT you simply need to know...?

You seem to have missed the word "technical".
No knowledge of the engine is required to drive a car and you do not need to
supervise engine operation as you go. You do however need to understand what may
happen if you go the wrong way down a one-way street.
Personal firewalls require the user to have knowledge of engine operation. This
is one (but not the only) reason why they are useless.

> If that is not a contradiction then the moon is made of green cheese.
> This is _exactly_ what I am trying to say, you seem to want it both ways
> at once, and that is just not possible.
> And don't give me your complaint 'It should be', it is _not possible_.
> If one, then can not be the other.
> Logic.
>
> > the explanation should really be given before the user
> > starts to use the computer
>
> Sigh.
> Yes.
> But, in the cases I am _trying_ to talk about this is not happening, for
> _whatever_ reason(s).

Personal firewalls will do nothing here because they require technical knowledge
which the user doesn't have.

> Quit bashing MS and come down to the real world.
> Wait, I got it, I will do it for you!
> Yes, MS sucks when it comes to security.
> You want people to know this. I want people to know this.
> We both _want_ people to know more about the proper 'procedures' when
> online.
> However, I am trying to deal with / help the people that don't or won't.
> Can _you_ understand _that_?

I don't see anything wrong with that but personal firewalls aren't going to help
them.
If I thought that personal firewalls would help users I'd have them on my own
computers.
If you want to help users then set them up in such a way that they won't be
bothered with technical questions they can't respond to.

>
> Yes, yes, pf pop-up questions can be esoteric to say the least.
> But, it is better than if it was not there at all.

You're back to the technical knowledge problem again.
Because they have no technical knowledge (and we seem to agree that they can't
be expected to have any) users get into a mess with personal firewalls. This is
what started this thread.
Why is it better that the OP should be denied network access because he doesn't
have the technical skill to figure out how to get ZA to allow it? Why is that
better??

> Yes, I seem to perhaps be contradicting myself here, talking about
> unknowledgeable people trying to deal with such things.

Well then just accept that you'll never get unknowledgeable people to cope with
personal firewall software and quit insisting that they use it.

> But, I must repeat myself here, it is better than if it was not there at
> all.

In that case you are repeating that the OP is better off with no network access
because he didn't have the technical skill required to configure ZA to allow it.

Jason

> --
> Don't Panic!

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

On 2-Sep-2006, "Jason Edwards" wrote:

> You do however need to understand what may
> happen if you go the wrong way down a one-way street.

They don't.
They click here click there, that is what I am saying.


> Personal firewalls will do nothing here because they require technical
> knowledge which the user doesn't have.

No, they don't.
To _truly_ understand some of their messages it may, but that is when they
come here or go to google or the pf's forums for answers. Or call you.
But to install and run in default mode does not require any more
'technical' knowledge than installing most other programs.

> Why is it better that the OP should be denied network access because he
> doesn't
> have the technical skill to figure out how to get ZA to allow it? Why is
> that better??

Which is why the OP came here, to get 'help'. That is a 'good' thing.
And people that just go off and talk about 'other' things, like how he
shouldn't be needing / using it in the first place are certainly not
'helping' him with his current problem. Now, suggestions how to learn
enough to _eventually_ know that he/she does not need one are fine, but
that should be in addition to at least trying to help with the problem
they have _now_.
I don't think we shall ever agree on this, this seems to be an issue that
people's opinions are set in cement and can / will never change.
All I can say in my defense is that I have been using computers for over
30 years, (yes, since the early 1970's) and have watched them and their
software evolve over all this time. Along with the maliciousness of the
criminal element.
And my belief is that an extra layer of protection is 'good'.

--
We apologize for the inconvenience.

Re: Zone Alarm (free addition) and Netscape dialup accelerater.

"ArtDent" wrote in message
news:PWkKg.2032$v%4.955@newsread1.news.pas.earthlink.net...
>
> On 2-Sep-2006, "Jason Edwards" wrote:
>
> > You do however need to understand what may
> > happen if you go the wrong way down a one-way street.
>
> They don't.
> They click here click there, that is what I am saying.
>
>
> > Personal firewalls will do nothing here because they require technical
> > knowledge which the user doesn't have.
>
> No, they don't.
> To _truly_ understand some of their messages it may, but that is when they
> come here or go to google or the pf's forums for answers. Or call you.
> But to install and run in default mode does not require any more
> 'technical' knowledge than installing most other programs.

It does give a false sense of security though.
Malware which is evil enough will simply walk over the personal firewall without
the user knowing anything about it.

>
> > Why is it better that the OP should be denied network access because he
> > doesn't
> > have the technical skill to figure out how to get ZA to allow it? Why is
> > that better??
>
> Which is why the OP came here, to get 'help'. That is a 'good' thing.
> And people that just go off and talk about 'other' things, like how he
> shouldn't be needing / using it in the first place are certainly not
> 'helping' him with his current problem.

Sure they are because if he hadn't installed it then he wouldn't have his
current problem.
He has come here to get help for a problem he inflicted on himself by installing
software he doesn't understand.

> Now, suggestions how to learn
> enough to _eventually_ know that he/she does not need one are fine, but
> that should be in addition to at least trying to help with the problem
> they have _now_.
> I don't think we shall ever agree on this, this seems to be an issue that
> people's opinions are set in cement and can / will never change.

Yes that does happen. Also if you've spent years advising people to use personal
firewall software it's not going to be easy to suddenly start telling them why
they don't need it.

> All I can say in my defense is that I have been using computers for over
> 30 years, (yes, since the early 1970's) and have watched them and their
> software evolve over all this time. Along with the maliciousness of the
> criminal element.
> And my belief is that an extra layer of protection is 'good'.

It may be good for you because you have 30 years experience to draw on and so if
a personal firewall said something like dfgoshsd.exe is trying to access the
internet you would instantly take the computer off the network and deal with it.
Put yourself in the position of the new Windows user with 0 years experience.

It is my belief that this extra layer of protection would be good if it worked
but I believe it is imaginary and leads non-technical users into a false sense
of security.
I don't like to see computers taken over by criminals either but that isn't
going to stop until an operating system is in widespread use at home which
doesn't lend itself to easy take-over by criminals.
I have never seen a personal firewall help an unknowledgeable user. I have seen
many cases where it caused problems which were not there before it was
installed.
I _have_ seen virus scanners help an unknowledgeable user by preventing download
of malware but this is not a completely reliable solution because the scanner
may not know about the malware.

I believe that the problem of malware on home Windows PCs is Microsoft's problem
and cannot be solved by adding personal firewall software.

Until Microsoft fix these problems home users would be well advised to install a
virus scanner.
http://www.eset.com/ seems to work well without bothering the user too much.

Jason

>
> --
> We apologize for the inconvenience.