|
Posted by Straight Talk on July 30, 2007, 12:46 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>Straight Talk wrote:
>> wrote:
>>
>>
>>>If you know how to internally stop the Sysinternal Help utilities from
>>>calling home please post your findings here.
>>
>>
>> It's not the app itself "phoning home".
>
>Yes it is.
No. It's windows. And I provided you with a way to stop it.
>If you use the help utility it calls an Akamai server. I
>know why it's doing it
So, why is it doing it?
>and I am not saying that it is necessarily good
>or bad.
Hmm. If you don't consider it bad, what's the whole fuss?
>The example was used to demonstrate that there *are* things
>making outbound connections without users being aware.
Of course. The net is a resource like anything else. Soon you will see
app's taking advantage of online services just like if they were a
part of the app itself.
>If the applications that we think of as "tame" are doing it you can be sure
>that other not so tame applications may also be doing it.
Your point being?
>> Clearing the
>> CodeBaseSearchPath key in the registry (Internet Settings) probably
>> does the job. But maybe it's not such a good idea after all.
>>
>> Anyway, if you had taken the time to packet sniff the "phoning home"
>> instead of letting your PFW drive you paranoid, you would probably
>> have realized that it's no big deal and that this big scary MS thingy
>> isn't really spying on you.
>
>Once again, I know what it is doing
That wasn't my impression.
>and I am not saying that anyone is spying, that is not the point.
Then what was your point of going "are you aware that sysinternals
utilities phone home"?
>The point is that Microsoft and many
>others are consistently saying that monitoring outbound connection is a
>useless firewall feature for *any* reason.
That's actually not what they are saying. Do some more research.
> I disagree with that. All good firewalls have outbound connection
>monitoring available, the Microsoft XP firewall doesn't.
*sigh*
>When users made mention of this, or if
>they asked why it wasn't available, the response from Microsoft and its
>fans was to embark on a campaign of discrediting all firewalls that do
>outbound monitoring and to claim the feature as absolutely useless.
>When that tactic failed they then decided that anyone who even suggests
>that the firewall should do outbound monitoring should be immediately
>clobbered, it may keep some people quiet but it won't keep me quiet.
>Microsoft customers spoke and asked a valid question. Instead of
>Microsoft saying something as simple as: "We have received requests for
>this feature and are investigating the possibility of including it in a
>future update", they decided that it was best to kill the messengers
>and to proclaim their firewall as superior to all others.
More *sigh*
>>>I would also like to hear your advice and solutions as to port monitoring
>>>and outbound traffic in general on Windows operating systems.
>>
>>
>> App's like CurrPorts and WireShark come to mind.
>
>Brilliant. Give that to novice users.
BS argument. A novice user with no basic networking knowledge isn't
able to properly configure any packet filter whatsoever.
>Instead of having the firewall do what firewalls usually do
What exactly do *real* firewalls usually do? They definitely *don't*
run on an insecure platform together with all kinds of other stuff
under the control of a clueless user with unrestricted rights!!
Calling PFW's firewalls in the first place is an insult to real
firewalls. They are host based packet filters.
>have the users dig about and find utilities
>on their own to do the job!
One can't "get the job done" until one understands it. That's why
novice users should stick to the windows firewall. It's on by default,
it works, and it requires no further action - which is about the
maximum you can expect from a novice user.
>And for your information you don't have to
>go out of the Microsoft stable to find port monitoring tools.
I know that perfectly well. I just mentioned some of my favorites.
>>>Should users follow your advice and ignore all outbound traffic?
>>
>>
>> Users should think twice before installing all kinds of stuff. And
>> they should not let PFW's drive them paranoid. Problem is, neither the
>> PFW nor the user understands what's happening. I've seen users freak
>> out about app's "phoning home" to IP address 127.0.0.1
>
>More BS. There are all kinds of computer users and computer users do
>all kinds of things. Good firewalls know what is going on
Now, THAT is BS, right there. These firewalls have, for obvious
reasons, NO idea what's going on, which is why they have to ask the
user.
>and most seasoned users know what the loopback address is.
But novice users don't. The fact that PFW's even provide pop-up
messages about the loopback interface shows the developers lack of
competence.
>The simple fact that the extra ability to detect outbound connections can be a
useful
>firewall feature is something that guys like you are insisting on
>denying.
Wrong. You simply fail to get the big picture.
>You are on a campaign to discredit this as a useful feature,
>but you offer no simple, easy way or alternative for users to even have
>basic outbound connection monitoring.
If so, you and your PFW followers are on a campaign of making clueless
users believe in hype and astrology-like pseudo security.
>> However, there won't be much inter netting without allowing outbound
>> traffic.
>
>No there won't be. But that doesn't mean that everything installed on a
>computer should be calling out and it doesn't mean that firewalls that
>help identifying those "call home" utilities are bad, useless firewalls!
Depends. If it provides a false sense of security, it's very bad. If
it's misconfigured by clueless users, it's very bad. If it interferes
with what the user is trying to achieve, and the user doesn't
understand why, it's very bad. Since it mostly doesn't mean more to
users than that they will temporarily switch it off if something
doesn't work, it's very bad. If it adds further vulnerabilities to a
system, it's very very bad.
> If that is the case then why would Microsoft include such a useless
>feature in its newest flagship operating system?
They have already explained why. You need to catch up.
>And then insist that it is useless for XP users?
Could it be that Vista provides a slightly better foundation for doing
so?
| 
XML site map