Archived from groups: comp.security.firewalls (
More info?)
Charles Newman <charlesnewman1@comcast.spamshield.net> wrote:
> Well, I know that Tiny, which is no longer free,
> is featuring, in its latest version, the ability to have
> filtering rules by user. Tiny Personal Firewall
> Professional, at $99, is the first firewall ever made,
> hardware or software, that can create filteirng rules,
> by user name. This is where Tiny will gain an edge
> over hardware firewalls. No other firewall in the
> world can filter by user name.
What is untrue of course. With the packet filters of every BSD or Linux
you can easily script that. Even with the ICF and Windows and three or
four lines of script you can do that.
Beside the fact, that this is not sensible, because filtering should not
be influenced by user usually. This is a concept flaw in most cases.
Tiny "Personal Firewall" does not filter all network servers in the
standard configuration. This makes Tiny unusable for Joe Average.
Tiny cannot prevent spyware from sending your personal information
across the Internet; it failed in our tests together with the rest of the
"Personal Firewalls".
Tiny does not make a PC "invisible" or "stealth" in the Internet, as
this is not possible at all.
And:
Tiny "Personal Firewall" installs SYSTEM-Services, which open
windows.
This is a gross error, because this breaches security. Tiny show here,
that they never read Microsoft's design guidlines for system services:
http://msdn.microsoft.com/library/en-us/dllproc/base/interactive_services.asp#security_considerations_for_interactive_services
For a software, which should enhance security, this design flow means the
declaration of bankruptcy.
Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"