More on personal firewalls

I wrote recently about some of the challenges faced by personal firewalls and the state of desktop security in general.  Perhaps following my lead (okay, more likely, perhaps not), Slashdot just picked up on a Mail & Guardian article that tries to address the issue of why personal firewalls are leaky.  I can't say I agree with the article's theme, which seems to roughly be "browsers are vulnerable, so personal firewalls are worthless," but the author does raise an interesting point about malware hijacking trusted applications such as web browsers to send out your supposedly private data.

While browsers are indeed a "soft" point when it comes to the security of your PC, this does not mean that other aspect of good PC security hygene should be ignored.  I would go as far as to say that I believe the author of this article does his readers a disservice by essentially recommending against the widely accepted defense in depth strategy of employing multiple means of information security security on a single PC in order to mitigate the possibility that one or more may be compromised.

A properly configured PC firewall can even help you browser be safer.  For example, one of the technologies I worked on in the past was a system to use the child-parent process chain to ensure an application attempting network access was itself launched by a trusted appliation and that that application was also launched by a trusted application, etc., etc. all the way down to the kernel.  This type of protection derails a whole category of malware that uses trusted applications, such as a browser or email application, to do it's network bidding.

Comments

• Anonymous
  August 25, 2006
  I am a bit confused. The author does start off implying that defense in depth is useful.
  
  "That level of safety requires a combination of several protective measures."
  
  But then goes on to say the equivalent of, "Since almost all automobile accidents are caused by collisions, it is obvious that brakes are extraneous. Car owners should instead practice good defensive driving skills."
  
  I have never read anything else by the author. I don't know if they are just confused or ignorant, but the article, IMNSHO, will do more harm than what little good it might randomly provide.
  
  Personal firewalls, and keeping applications up to date serve two different purposes. They are two separate layers of a defense in depth. Their whole is greater than the sum of its parts.
• Anonymous
  September 30, 2006
  Now i want to research,and If possible,to implement a similar project on Mobile.How do you think about?
• Anonymous
  October 01, 2006
  The comment has been removed