Switched has a new home! Huffpost Tech.

Click here to visit the new home of Switched!

Hot on HuffPost Tech:

See More Stories
Free Switched iPhone app - try it now!
AOL Tech

Microsoft OneCare not much of a firewall

by Jordan Running on February 1, 2006 at 11:10 AM

Windows OneCareMicrosoft has made much of Windows OneCare, its new security bundle that includes, among other things, a firewall. It turns out, however, that in its default configuration OneCare's firewall is full of holes. According to InfoWorld's Roger Grimes, OneCare automatically permits all traffic from two types of programs: Any program using the Java Virtual Machine, and any program digitally signed. Microsoft has responded to the criticisms by saying that the JVM exception can be turned off (something that novice users will never, ever do), and that spyware is rarely signed. Concerning the latter, Grimes correctly points out that signed spyware is not unheard of and that when OneCare becomes the default security solution for many users, signed spyware will become the norm. While OneCare is still in beta and Microsoft could change the default settings for its final release, their responses (posted on Grimes' blog) don't really inspire optimism.

Tags: firewall, hole, java, jvm, microsoft, onecare, security, vulnerability, windows

Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

DLS Archives

May 2012

SunMonTueWedThuFriSat
 12345
6789101112
13141516171819
20212223242526
2728293031