Outbound firewalls, or firewalls that only throw up alarms when a program on your machine tries to call out to the internet, are largely useless, according to our friends at How-To Geek. They don’t offer real protection, ignore inbound threats and give you a false sense of security. Here’s why.
The assertion is a bit controversial, especially for those of us who like knowing when something on our computers is connecting to the internet. However, Chris Hoffman over at How-To Geek explains that outbound firewalls give their users a false sense of security, and security companies eager to get you to spend money on their products prey on your fear that you need someone watching all the time, alerting you whenever a program checks for a software update:
Outbound firewalls aren’t an effective defence against malware. You should focus on using an effective antivirus program, keeping your software up-to-date, and making sure you don’t have Java installed. That will keep your PC much more secure than using an antivirus program that won’t help much after the fact. If your computer is compromised, it’s compromised.
Many geeks say that they like using an outbound firewall to block apps that aren’t malware but aren’t too trustworthy from “phoning home.” You’d only know if such an app was phoning home if you were running an outbound firewall, after all.
Ultimately, you shouldn’t be running an application you don’t trust on your computer. If you’re using an application but you don’t trust it enough to let it access the Internet, you’re likely making a mistake — you’ve already trusted the application quite a bit by giving it full access to your system. In this day and age, almost every program will be connecting to the Internet for some reason, whether it’s to sync your personal data with an online service or just check for updates online.
He notes that for an outbound firewall to sound the alarm, the offending software must already be installed and well rooted on your machine. If it is malware, you’ve already lost, and the app has full access to your system and data. Additionally, your firewall is probably late to the game: The app has likely opened its own holes in your firewall software or bypassed your security tools by piggybacking on existing apps or using ports that no firewall would ever block (port 80, for example, which is standard http traffic) to communicate.
Chris goes on to note that if you want an outbound firewall to alert you to outgoing connections, or you just like customising how each individual app on your system calls out to the internet, by all means install one. Just be aware that it’s really more of an informative novelty than any real protection. Your real security focus should be on keeping threats from getting onto your system in the first place, something I think most people can agree on.