In the previous chapter, I argued that the Windows firewall helps keep people pretty safe from Internet threats, especially when the user doesn’t do anything risky. In this chapter, I’m going to complain about firewalls—but not just any kind of firewall. I’m going to complain about personal firewalls, which are subtly different from the firewall that comes with Windows and the firewall you might run on a network.
What is a personal firewall? Well, a firewall is supposed to monitor traffic entering or leaving either a network (if the firewall lives on a network) or a machine (if it lives on your machine). It allows or blocks traffic based on a policy.
Typically, operating systems have a built-in firewall that is pretty effective. They stop all traffic coming onto the machine, unless it is in response to something the user did (though you can allow exceptions, for instance, if you want to run your own web server on your machine).
But if network traffic is initiated from your machine, the OS firewall generally won’t do anything.
Let’s say you’ve accidentally downloaded a banking trojan, which will monitor all your online banking activity and then secretly send your account information to bad guys on the other side of the world. Since you’re infected, your AV already failed to detect the bad software, which will go ahead and collect your information.
But even if your personal data is collected, what if you could keep that data from being sent off to ...