A firewall prevents things from coming into your computer without being invited, it lets you reach the Internet without the Internet reaching you. But what happens when you reach the Internet? You've gone out through your firewall, and can pull something bad back with you.
Now this used to be really hard. In Ancient Days (back around 2003 or so), code was code and data was data. Code was suspect, but data was fine, so everything was cool if whatever you pulled back wasn't a program. Nowadays, data often contains executable code. Flash, Quicktime, PDFs, even pictures (Jpegs have been a vector for malware).
This is why you need to keep your applications up to date. You may think that you're reaching out through your firewall to pull down a harmless Youtube video (the current Saturday Redneck, perhaps), when you're in fact inviting a bunch of spyware to the party. Your properly configured firewall, in other words, is basically a Maginot Line:
Fortunately, it's becoming pretty easy to keep your apps patched. You'll typically get a popup message from the app, along the lines of "A new version of FooApp is available. Do you want to get it?" Firefox is even better, telling you that there's an important security update.Say yes.
As an example, there's a new Adobe PDF Reader security patch available. PDF is just data, right? Not any more.
Check your firewall every month or two, let your apps patch themselves when they ask you, and remember the two simple rules for safer browsing, and you've gone a decent way towards much better security.
This applies to Mac and Linux fanboys, too.
3 comments:
I'm running ZoneAlarm but its most recent update (v8.0.059.000) has weirdness that is fu-baring my access to eBay and stymies Photoshop.
I have to turn it off to get Photoshop (v7.0.1) to even run, unless there's a way to get Photoshop to stop communicating back to Adobe.
I never use InternteExploder and always use Firefox - including PayPal transactions that are limited to a "holding-tank" bank account with very limited resources in it.
I heard about Opera but haven't used it, I'm downloading it now...
ZoneAlarm should be fine if you have dial-up, but if you have Cable, DSL, or Fiber ("always on"), then I really like having the firewall software turned on in your Internet Gateway.
Also, security should be turned on in WiFi. I probably need to post on this, too.
Opera isn't perfect, but you're a lot smaller target using it for financial transactions.
ZoneAlarm is used with DSl - the router hub is connected to a Linksys wi-fi redistributor with security too...I set it up to defeat incursions. I hope. I preferred the hardware firewall on my earlier 2-Wire system but the wife gets free DSL for work so we had to change-up.
Post a Comment