TheMindwareGroup: > Programs can automatically add themselves to the windows firewall > found some code that does it here:- > > http://msdn.microsoft.com/en-us/library/windows/desktop/aa366421%28v=vs.85%29.aspx > > Making useless against attacks from the inside.
It has already been said, that firewalls by concept won't work against attacks from the inside since there are too many ways to circumvent firewalls. In my opinion, Windows personal firewalls attempting to filter outgoing traffic are only cash cows. Good marketing. No sensible security concept. Let's imagine for a moment someone wrote an Open Source Personal Firewall (application level firewall) for Windows. Now someone writes proof of concept code on how to circumvent that firewall. A new bug against that firewall gets opened. But... The bug can not be fixed due to limitations in Windows API and architecture. And since Windows isn't Open Source and Microsoft doesn't care about strong security, the underlying problem can not be solved. The bug persists, no chance of ever getting fixed. See also: https://en.wikipedia.org/wiki/Application_firewall Thinking about it some more... An application level firewall is similar to an attempt to create a generic AppArmor. An application similar to AppArmor, that doesn't need profiles, because it somehow understands all applications it's designed to confine. We don't even have this in the Linux world were source codes are available. Forget about even thinking about implementing this for Windows. If you are interested in innovative security technologies, look into Linux, AppArmor, grsecurty, Qubes OS, etc. You could have a lot fun writing profiles, which restrict everything but white listed things. Windows is in this regard too limited. That's also why what you are asking for doesn't exist and why no one is working on it. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
