Windows Vista’s firewall, a false sense of security

According to Wikipedia, a firewall is an information technology security device whose basic task is to control traffic between computer networks with different zones of trust.

By definition, network traffic is bidirectional, which means that your personal firewall should protect your private home network from both inbound and outbound traffic. Whereas the former has generally been considered a potential danger since the Internet was born, the latter was not considered a real danger until the proliferation of malware during the last few years. Outbound traffic has now become a real danger.

Nevertheless, while this seems obvious to everybody, it looks like Microsoft disagrees. Windows XP’s built-in firewall, currently the most widespread personal firewall, has no protection at all for outbound traffic, giving users a false sense of security.

This was expected to be solved in the brand-new Windows Vista, as Microsoft states that Vista’s new firewall is now two-way. And that is true, but a closer look at the way it works reveals a peculiar understanding of security. By default, most firewalls, the good ones, allow no outbound connection unless the user explicitly authorizes it, usually presenting a convenient wizard to create a rule the first time an application tries to connect to the Internet.

On the other hand, Windows Vista’s firewall by default allows all outbound connections until the user explicitly creates a rule to deny them. Even worse, configuring these rules is no piece of cake at all. What does Microsoft say about this decision? Well, according to Matt Parreta, a spokesperson for Microsoft’s PR agency, they think that having to walk through the many wizard-driven pop-ups that would appear shortly after Vista is first installed would be a poor out-of-the-box experience.
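For readers who want the default-deny behaviour described above, the following added example (not part of the original article) uses the `netsh advfirewall` context that ships with Vista to inspect the default policy, switch outbound traffic to block, and allow a single program. The backup file name, rule name and program path are placeholders, and the commands must be run from an elevated Command Prompt.

```batch
@echo off
rem Added example. Placeholders: backup file, rule name, program path.

rem 1. Save the current policy so the change can be undone later with
rem    "netsh advfirewall import <file>".
netsh advfirewall export "%USERPROFILE%\firewall-before.wfw"

rem 2. Show the default action for each profile. With Vista's shipped
rem    defaults this reports "BlockInbound,AllowOutbound", which is the
rem    allow-all-outbound behaviour the article criticises.
netsh advfirewall show allprofiles firewallpolicy

rem 3. Log dropped connections so that programs still needing an allow
rem    rule can be identified afterwards. The default log location is
rem    %systemroot%\system32\LogFiles\Firewall\pfirewall.log.
netsh advfirewall set allprofiles logging droppedconnections enable

rem 4. Switch every profile to default-deny in both directions. From now
rem    on, outbound traffic needs an explicit allow rule.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem 5. Allow outbound connections for one program (placeholder path).
netsh advfirewall firewall add rule name="Allow outbound - example app" ^
    dir=out action=allow profile=any enable=yes ^
    program="C:\Program Files\ExampleApp\example.exe"

rem 6. Confirm the new default action and the rule just created.
netsh advfirewall show allprofiles firewallpolicy
netsh advfirewall firewall show rule name="Allow outbound - example app"
```

Unlike the wizard-driven firewalls mentioned earlier, nothing prompts the user when a program is blocked, so the dropped-connection log from step 3 is the place to find out which programs still need a rule.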

A false sense of security again, this time in the name of a “better user experience”. What comes next? Only time will tell.