
Microsoft has made much of Windows OneCare, its new security bundle that includes, among other things, a firewall. It turns out, however, that in its default configuration OneCare's firewall is full of holes. According to InfoWorld's Roger Grimes, OneCare automatically permits all traffic from two types of programs: any program running on the Java Virtual Machine, and any digitally signed program. Microsoft has responded to the criticism by saying that the JVM exception can be turned off (something that novice users will never, ever do) and that spyware is rarely signed. On the latter point, Grimes correctly notes that signed spyware is not unheard of, and that once OneCare becomes the default security solution for many users, signed spyware will become the norm, since a signature alone says nothing about who signed or whether they can be trusted. OneCare is still in beta, and Microsoft could change the default settings for the final release, but its responses (posted on Grimes' blog) don't really inspire optimism.
Tags: firewall, hole, java, jvm, microsoft, onecare, security, vulnerability, windows