Evil Marge said:I don't think there is a best one as we all have different opinions :laugh:
The US Government Law Enforcement agencies now insist that all firewalls, software and hardware, allow access to bypass them inbound. The firewall manufacturers are obliged to supply a "key" to this effect. Britain, among other countries, has given in to this request.
The Patriot Act gives the US Government the right to plant "spyware" in anybody's computer. This can be easily checked by reading the new Spyware Act, which specifically exempts the Law Enforcement Agencies from this Law, and specifically for this purpose.
Also, I am led to believe, and have no reason to doubt, that the US Government has a type of spyware that sits on another site, and by means of the "key" can leach information from any computer without actually being resident, and therefore remains undetectable.
If you ask any of the main FW manufacturers if any of this is true, which I have done, they absolutely refuse to reply. No specific denials, just no reply.
I was involved, for a short time, with a well known hardware firewall manufacturer, and I was able to get unofficial confirmation of my suspicions.
A thorough reading of the new US Spyware Law, however, shows quite clearly that this ability exists, as it is given total and specific exemption from the law.
Windows, and particularly SP2, is created to facilitate investigations by US Law Enforcement Agencies and the main "tool" it provides is Generic Host Process 32 for Windows.
Many Firewalls, and Windows itself, phone home via GHP to the extent that examination of a log reveals they chat continually throughout the duration of any connection. I am told the information they send is filtered by computers looking for key words that will automatically flag the user for further investigation.
I accept that there is a need to police the internet. However, I also believe in privacy. The new breed of firewall and Windows SP2 do an excellent job of protecting us in the internet, but who is protecting us from them?
I would like to see some honesty from the firewall manufacturers, and also from Microsoft. My specific questions to Microsoft on GHP have produced pathetic answers. I have addressed the same specific questions to certain FW manufacturers, and they either do not respond or they give very nebulous replies. If I produced a product and somebody questioned its integrity, I would happy make a public statement denying the allegations.
The British police have happily gone along with the US requirements, but as yet the British law doesn't allow the police to "tap" somebody's computer without a Court Order.... so they ask the US agencies to do it for them where they feel they have need. However, they are currently applying to change the law to allow this, and other activities. The application they have submitted clearly states that they want similar abilities to those given in the US Patriot Act. All this can be verified, as laws are in the public domain.
What happens if a law enforcement officer reveals to a friend the methods used?
There are many discussion groups in the internet who discuss this type of issue. Many of them just love conspiracy theories. However, careful reading of security laws brought out in the last couple of years make it quite clear what the police can do, and what more they want to do.
The key is in Generic Host Process for Windows and to a smaller extent in other similar applications that make connection difficult if not granted the permissions they seek.
GHP and similar applications are not able to be controlled by any other firewall apart from allow or disallow. Outpost gives the ability to control every aspect of how GHP communicates. I like it. I just wish my computer would operate without GHP. I am considering moving to a Linux based OS..
I have thoroughly tried out all the firewalls mentioned in the article. I used to use ZAPro, but ceased to do so after careful examination of version 5, which like nearly all commercial firewalls currently available, conforms to the US Patriot Law (you can work the rest out). I was a guru in the ZA Forum, and my knowledge of the product is extensive. Having tried all the other firewalls available, I have migrated to Outpost Pro 2,5. Outpost doesn't seem to conform to the requirements of the Patriot Law.
There were comments about SP2 and all the windows updates. I use them. Be aware that they, too, conform to the Patriot Law requirements. Yes they protect you from internet threats... but who protects you from them?
Outpost offers the most comprehensive rules based control compared to all the major software firewalls. With knowledge of what you should be protecting yourself against, there is no limit within Outpost to what you can control. It is a truly excellent piece of software. I played with it for some months, and waited for 2,5 before migrating. As long as Outpost retains its total independence in the face of US pressure on firewall manufacturers I will continue to use it.
The US Government Law Enforcement agencies now insist that all firewalls, software and hardware, allow access to bypass them inbound. The firewall manufacturers are obliged to supply a "key" to this effect. Britain, among other countries, has given in to this request.
I was involved, for a short time, with a well known hardware firewall manufacturer, and I was able to get unofficial confirmation of my suspicions.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci914858,00.html Below you will find SearchSecurity.com expert Kevin Beaver's response to questions about how the PATRIOT Act affects individual security and civil liberties. This article is one of a group of SearchSecurity.com expert answers to questions on this legislation.
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism -- a.k.a. the USA PATRIOT Act -- is a huge program with a catchy little title that does more to increase the size of government than it does to fight terrorism. It was easy to pass -- everyone was emotional over the unfortunate September 11 terrorist attacks. It was developed behind closed doors between Congress and the Bush Administration, and there was initially no debate or amendments allowed. It just passed -- unfortunately, using terrorism as an excuse to attack our individuality and personal freedoms. It's anything but patriotic.
From tracking large bank transactions, to tracking what books we check out from the library, to listening in on our e-mail conversations, the PATRIOT Act and the subsequent Cyber Security Enhancement Act (CSEA) have done little (and probably never will do a lot) to actually fight terrorists. Here are a few reasons why I think it's bad:
# This legislation defines terrorists to include non-violent computer hackers and more. What happens when someone else sends a message threatening national security in your name!? That's going to be a tough one to prove.
# E-mail can now be snooped on without a court order.
# ISPs and other providers no longer have an incentive to protect our personal information (not that they had much before).
# Aren't we supposed to be the home of the free?
# The Internet, and even our own ability to hold private conversations, as we know them are gone.
lynchnot, that application is a sandbox.lynchknot said:I dunno, it was a post at Outpost firewall board. No one disputed it - not even admin of board. He did say
Anyway, not a firewall but to suppliment - a must have for me.