Outbound firewalls, or firewalls that only throw up alarms when a program on your machine tries to call out to the internet, are largely useless, according to our friends at How-To Geek. They don’t offer real protection, ignore inbound threats and give you a false sense of security. Here’s why.
The assertion is a bit controversial, especially for those of us who like knowing when something on our computers is connecting to the internet. However, Chris Hoffman over at How-To Geek explains that outbound firewalls give their users a false sense of security, and security companies eager to get you to spend money on their products prey on your fear that you need someone watching all the time, alerting you whenever a program checks for a software update:
Outbound firewalls aren’t an effective defence against malware. You should focus on using an effective antivirus program, keeping your software up-to-date, and making sure you don’t have Java installed. That will keep your PC much more secure than using an antivirus program that won’t help much after the fact. If your computer is compromised, it’s compromised.
Many geeks say that they like using an outbound firewall to block apps that aren’t malware but aren’t too trustworthy from “phoning home.” You’d only know if such an app was phoning home if you were running an outbound firewall, after all.
Ultimately, you shouldn’t be running an application you don’t trust on your computer. If you’re using an application but you don’t trust it enough to let it access the Internet, you’re likely making a mistake — you’ve already trusted the application quite a bit by giving it full access to your system. In this day and age, almost every program will be connecting to the Internet for some reason, whether it’s to sync your personal data with an online service or just check for updates online.
He notes that for an outbound firewall to sound the alarm, the offending software must already be installed and well rooted on your machine. If it is malware, you’ve already lost, and the app has full access to your system and data. Additionally, your firewall is probably late to the game: The app has likely opened its own holes in your firewall software or bypassed your security tools by piggybacking on existing apps or using ports that no firewall would ever block (port 80, for example, which is standard http traffic) to communicate.
Chris goes on to note that if you want an outbound firewall to alert you to outgoing connections, or you just like customising how each individual app on your system calls out to the internet, by all means install one. Just be aware that it’s really more of an informative novelty than any real protection. Your real security focus should be on keeping threats from getting onto your system in the first place, something I think most people can agree on.
Why You Don’t Need an Outbound Firewall On Your Laptop or Desktop PC [How-To Geek]
Comments
2 responses to “Why You Don’t Need An Outbound Firewall On Your PC”
Hmmm, smells like troll bait..
You do if you don’t want certain software calling home
Some companies, like Adobe and Microsoft, make their software connect to their servers all the time. Outbound firewalls stop that.
I wouldn’t use How-To Geek as a source of security information. Outbound firewalls are useful for detecting malware which tries to pull commands from a server and NOT ALL malware can disable ALL firewall software – the good ones can, the amateurist ones can’t. Also @lonix is correct, you don’t always want legal software on your machine calling home (privacy concerns).
Security is like an onion, layered – the more layers you have (in general) the better protected you are – security 101.
+1.
I once had an alert from ZoneAlarm saying that Adobe PDF reader was trying to access the Internet.
Only problem was, I didn’t have PDF installed. Score one for outbound firewalls. Though these days I use Kaspersky: ZoneAlarm is not what it used to be.