Leaky Firewall Software

[tags]Matousec, security, firewall, Comodo, Jetico[/tags]

A site I visit about once every other month or so has updated its leak-test results for the current crop of personal firewalls’.

Matousec’s Leak Tests have become a source of reassurance to end users on the one hand, but a source of contention for some firewall makers. Naturally any vendor that did badly (follow the link and scroll down for the results in multi-colour glory) is going to contest that their methodology is wrong, that use of ‘user mode hooks‘ is necessary in a windows firewall and so on.


Reality is that people feel happy knowing the software they are using is stopping stuff.

Now I also know the argument that goes “if it’s already reached your system, then trying to lock the door after the event is pointless” but I don’t 100% agree with that approach. This basically says – don’t ever do anything silly to cause your system to have to protect itself by blocking an outgoing packet. Sounds reasonable I know, but come on lighten up and lets get real. End users all over the world are constantly making mistakes and going to the ‘wrong sites’ or getting suckered in by a glitzy web advert that in reality is a drive bu trojan or similar.

In fact the argument for not putting in a personal firewall is equivalent to the car air bag. Why fit an air bag if we never intend to have an accident? Sounds good, but as a driver aren’t you happier that it is there just in case some numpty drives up your backside because they are chatting on their mobile?

It’s the same with computing – we forget to bolt the door sometimes and the personal firewall is a good way of giving us a wake up call.

Secondly, I use a personal firewall and fortunately I haven’t slipped up yet in 25yrs with some 20 of those online in one form or another but there is always time. My use of it is much more mundane – I like to know what is happening on my system. I want to know when I fire off the search facility that it is trying to make an outbound connection … the why still confuses me. I want to know that even though I may have configured Acrobat to never update then why does it still insist on trying to talk outbound?

Maybe it’s just me but I like to have control of my system and not the other way around – to the point where I will deliberately point the “my documents” folder to another location.

Anyway, back to Matousec’s results. I’m happy to see that my favourite free firewall, Comodo, is ranked up at number 1 by them but am disappointed that my number 2 favourite firewall, Jetico, is no longer free in its latest incarnation. However, it still came in at #2 on Matousec’s tests.