Oh dear -- the sky is falling!
the contents of Aardvark's "million-dollar ideas" notebook
are revealed for all to see!
Well that's what you'd think if you were to read the newswires every day.
The net is chocked full of viruses, worms, trojans and hackers right?
In fact, it's gotten so bad that the government (by way of the CAB) is going
to make it illegal to even be in possession of software that "could" be used
to carry out hacking activities.
So now we're all told that we ought to equip our machines with "personal firewalls"
and Microsoft is even including a Clayton's firewall with XP (you know the one,
the firewall you use if you want to feel safe even though you're not).
While personal firewalls are a great thing and provide vastly more protection
than no firewall at all (if you don't have one -- get one NOW!) they do have
Because these firewalls run on the machine they're supposed to protect they
are still vulnerable to some forms of attack -- mainly trojan or virus-based.
A good example is an experience related recently by an Aardvark reader.
He visited a website and found afterwards that the dialer settings
on his PC had been altered to ring a different number. Closer investigation
done the dirty deed.
A personal firewall wouldn't have stopped this and a less attentive PC user
might not have even noticed the change of number -- potentially exposing
them to massive toll charges as their modem called the international
equivalent of an 0900 number.
Likewise, there is little to stop an email-borne virus/trojan from disabling
your personal firewall in a covert manner -- leaving you under the impression
that you're safe when you're not.
So is there a better solution than the Zone-Alarm/BlackIce-type personal firewall?
Yes there is -- but you'll need some extra hardware.
Perhaps the cheapest way to do the job is to drag out that old 486 you retired
a year or two ago when you bought a new Pentium-based machine, and convert
it into a dedicated firewall.
If you've got the time and know (or are willing to learn) a bit of unix/Linux,
you can install any one of a number of operating systems on that old box
and set it up as a dedicated firewall. The most popular options are Linux
and FreeBSD -- both of which can be set up to become bullet-proof protection
against unwanted external intrusions.
In effect, this machine will act like an isolating transformer between you
and the Internet. Unlike a personal firewall, a separate box like this can
provide a virtually undefeatable block to hackers who might want to find their
way into your PC.
However, setting up a box like this can be complex for the unix neophyte and
many Ma and Pa home-users simply have no interest in getting to grips with
awk grep and vi.
So... do I spot a potentially lucrative void in the market here?
Which hardware vendor will be first to launch a widely distributed and reasonably
priced dial-up modem with inbuilt firewall?
Most DSL modems make a half-hearted attempt to provide firewall services -- so
why not dial-up modems?
It would not be difficult or expensive to produce a modem that connects to your
PC via a network cable and provides an easily configured and controlled
firewall for home PC users and, in light of all this media hype about hackers
and Net-dangers, I'm sure they'd sell like hotcakes.
Would you pay an extra $100 to buy the modem with a firewall in it?
Maybe there already is such a device -- in which case my question would be
why on earth isn't someone marketing it properly and making a fortune
by capitalising on the media hype that provokes such (understandable) paranoia
amongst Net users?
Save The Aardvark Fund
Yes, I have had several donations to the Aardvark fund and I thank those
who put their money where their mouse is :-)
If guilt is gnawing away inside you then there's still time to donate.
Just drop by and
hand over your loot.
Aardvark also makes a summary of this daily column available via XML using
the RSS format. More details can be found