You certainly have a right to that opinion, but I wanted to point
out that most of us here disagree with you completely.
Sure. I don't deny it. Usually when I give this speech, I throw in the
caveat that many people, including people like you whose opinions I greatly
respect, disagree with me. This time I simply forgot to do it.
Not only that, but Microsoft also disagrees with you. Read
http://www.microsoft.com/athome/security/protect/firewall.mspx
which includes the following:
"Q. Should I use a non-Microsoft personal firewall instead
of the built-in Internet Connection Firewall?
A. If you already have a non-Microsoft firewall on your
computer, you should continue to use it. If you do not have a
firewall, then you have a choice. If you want a simple firewall
that is very easy to configure, then you should use the Windows
XP Internet Connection Firewall. If you want more advanced
control over the traffic that passes through your computer and
you also want to block outgoing traffic (that is the traffic from
your computer out to the Internet) then choose a personal
firewall from another company."
I could respond, in hypertechnical fashion, that this blurb refers to ICF,
not the (much improved) Windows firewall. But despite the first sentence, it
is unclear to me what it is really saying because the user always has the
choice to uninstall the third party firewall -- which then puts him in the
same position as the person who must choose between one or the other (which
is what the rest of the blurb addresses).
Why would Microsoft do this? My guess is that there are separate problems
that are likely to come up if the user uninstalls a third party firewall that
don't exist if the firewall was never installed in the first place. I have
experienced some of these problems myself, especially with Zone Alarm
(admittedly a very popular choice, but one that, for some reason, always
seems to constipate my system), and we can read about the problems others
have experienced right here in these newsgroups. So of course it would make
sense for Microsoft to advise a person who is already using a third party
firewall to keep using it and thereby avoid these types of problems.
But leaving all this aside, I completely agree with the rest of what
Microsoft wrote, even if you substitute the (improved) Windows Firewall for
ICF. However, I have no desire or need to monitor outgoing communications or
otherwise take "more advanced control" (or what I would call using additional
bells and whistles). I use other software and related security measures to
keep crudware off my system in the first place, and otherwise I don't want
anything obstructing legitimate outbound communications even long enough to
bother me to make decisions on which legitimate communications I should block
when the answer will almost always be "none." I would rather have the
simpler firewall that is much easier to configure -- and which has never
caused me a single problem or security breach going all the way back to the
day Microsoft introduced XP in 2001. I agree that others may prefer the
"more advanced" features. I'm simply not one of them.
I can never know with 100 percent certainty. I also don't know with 100
percent certainty that I won't be killed in an automobile accident the next
time I drive to work, but this uncertainty will not stop me from ever again
driving to work. I do know with pretty much 100 percent certainty when
something is wrong with my computer or with someone else's computer,
including the signs of crudware. I don't need a third party firewall to tell
me that something is wrong.
I have a lock on my front door, and no burglar
has ever broken in. Does that mean I am "secure enough"? How do I
know that tomorrow a more skilled burglar won't come along and
pick my lock?
Well, I can also increase the number of locks on the door, install an
electric fence, get some guard dogs, booby-trap my front yard, etc. But at
some point the law of diminishing returns kicks in. The locks and electric
fence cost money, the guard dogs need to be fed and then they mess up your
yard, booby traps can also injure young children, etc., etc.
So if I were given the opportunity to easily install a better lock,
and one that cost me nothing, I would take it. It may protect me
against that better burglar, or he may never come along and it
may not. But I don't care. There's no downside to enhancing my
security for free, whether or not it turns out that it's
necessary.
Even with the best of third party firewalls, there is some downside. There
may be compatibility issues (especially as Microsoft continues to update
Windows), they may sometimes make mistakes in deciding which outbound
communications to block, there is a small hit on resources and memory, these
programs have to be maintained and updated from time to time, etc.
Ken