Firewalls always make me cry - or is it Microsoft again?

[Griffin NoName]

Latest gripe.

Actually it's not really about firewalls - it's about not really having control of anything !

When I had Norton, I blocked everything and then allowed every single thing I wanted to allow, adding firewall rules as necessary. It worked but made using the computer tedious sometimes and Norton was crap as I have often complained.

Kaspersky seemed so much better I've let it do most of the hard work but it has the usual firewall "feature" of asking silly questions without providing enough information for an informed decision.

One of their "features" is "called" "scanning encrypted web pages" - I've left it enabled and it hasn't bothered me - but what it actually means is they check the certificate.

I say it hasn't bothered me having it enabled. Well it didn't - until a few days ago, when New Behaviour errupted !!

Microsoft seem to have introduced a brand new snoop such that when I log into the Monastery they retrieve encrypted data via port 443. Whaaaaaaa?   This same retrieval happens for some other websites as well.

Of course MS haven't bothered to get their certificates recognised by anyone so Kaspersky says it's a dud. Which is how I found out they were retreiving data - because it started asking me if I wanted it all scanned - it doesn't show up in logs, not sure why not. 

I would never have known it was happening if I hadn't always kept scan 443 enabled and this new message started popping up.

The IP (range) picking data off me is MS Internet Data Centre. I've blocked it.

I assume this is snoopy big brother MS and the Monastery has not suddenly entered into a contract with MS.

I have a suspicion, untested/unproved as yet, that it may be changes to MS code for when a password is entered - whatever code it is that recgnises the first time one ever enters a username and password for a new site one hasn't visited extended now to grab data whenever one enters any password at all.....

I am outraged that MS appear to be grabbing info and possibly username and password for user logins. In fact, I almost wonder whether Microsoft Internet Data Centre has been infiltrated  because it seems so absurd.

Yes, I know private information can be firewalled.... but not many ordinary users bother with that. And no way do most ordinary users know how to block specific IP ranges. And most users switch off the certificate scanning.

I hate BIG BROTHER; I just wish someone would tell me who he is. I am sure there is the Great ONE Big Brother who is infesting all companies and governments.........

[Bob in a quantum-state-of-faith]

This IS disturbing, G.

I had dropped the venerable Zone Alarm, in favor of the built-in MicroSuck program (defender or something), reasoning (correctly) that it takes fewer resources, because it uses built-in functionality.

I hate having to run extra burdens on an over-inflated OS.

Now this.

I DO use NoScript, and it lets me choose which scripts to utilize and so forth-- and I use FireFox, exclusively, so I seriously doubt that it "phone's home" at all.  _{(in fact, the ONLY time I use Internet Exploiter is when I want something from MicroSuck)}

I also have a hardware firewall, which is pretty robust, in and of itself.

Based on what you just reported, I guess I'll dump Windoze Defender and re-install good o'le Zone Alarm.

*sigh*

It would alert me whenever ANY attempt to "dial out" is made-- I have to train it from scratch, as it were (I used it in the past, and it's free as far as I know).

I can set the alerts to "ask me", "never" and "always" for ANY port/program.  Including Internet Exploiter. 

I may have to Google your findings for more info.  This has GOT to be an old issue, I'd think....

What version of Internet Exploiter are you using, G?

[Griffin NoName]

IE 7

It's not an old issue. It's a brand new one. No change on my set up. Then suddenly this starts up. I possibly wouldn't have noticed as I tend to just click skip the check. But when it's something one does several times a day - like log on to the Monastery - and it has never happened before - and this irritating firerwall message starts popping up - one tends to notice it and think... hey why is MS trying to send data all of a sudden when I log onto the Monastery?

[beagle]

Probably the anti-phishing stuff checking we're not impersonating a monastery. Oops...

[Griffin NoName]

Do we have an inner bailey?

[Bob in a quantum-state-of-faith]

IE 7

It's not an old issue. It's a brand new one. No change on my set up. Then suddenly this starts up. I possibly wouldn't have noticed as I tend to just click skip the check. But when it's something one does several times a day - like log on to the Monastery - and it has never happened before - and this irritating firerwall message starts popping up - one tends to notice it and think... hey why is MS trying to send data all of a sudden when I log onto the Monastery?

Hate to sound like a broken record or a salesman, but have you tried FireFox? 

I've been using it (or it's parent, Mozilla) since it came out-- I forget how long, now.

I keep IE around JUST for the getting of updates at Microsuck's* site.

____________

* and I just had a thought:  it ought not to be named microsuck-- but MEGAsuck instead....

[Griffin NoName]

No, No, NO, and Yes. No, yes, no, Yes. Possibly. Or possibly not. I can't be bothered with anything else.... one day I'll jjust get rid of MS altogether. Possibly. It's not IE that's the problem really. It's firewalls and data grabbers.... MS is just one of many that I block. I'm used to getting IE to do what I want for the time being.

It would all be fine if I didn't notice what the firewall was and wasn't doing.... and the fact that all firewall software has severe limitations in the way they interface and the details of the information they do/dont report on. I'm used to megga systems I guess so I tend to want more from than they allow.   It' sort of like being forced to do operations with a blunt knife and an embroidery needle 

[beagle]

I can tell you're really crying out for MVS/TSO, a cluster controller and a 3279 terminal, preferably with an APL keyboard. Have you tried Ebay? With computer depreciation the way it is an Amdahl 360 clone from the 80s should be down from £20,000,000 to £20 by now.

If you don't want phishing stuff done dynamically then I think Firefox does it by downloading a list against which it compares URLs. Don't know how the two methods compare in terms of effectiveness. 

I still like IE better, but I'm careful not to fill it with add-ins. After my stint writing something similar which had to co-exist with them I know how dodgy some of them can be. IE hasn't crashed once on my Vista machine since I've had it, but you do have to watch out for Java/RealPlayer/Adobe/Apple etc etc installs trying to sneak Google or other toolbars/add-ins on as part of a giveaway product. There's usually a checkbox to stop it hidden away on page 28 of the custom install dialog part of the wizard.

[Griffin NoName]

Thanks Beagle. It's nice to be understood. I thought no one appreciated my anorak.

I eschew those toolbars.... I think they should have the download unticked - so you have to opt in not out...... another legal battle perhaps for when I am at a loose end.

Meanwhile I do have google toolbar as it is useful, but I block it from transmitting anything and all the ads of course. Best of both worlds.

I like subverting software