Are firewalls really needed?

Sorry guys, I am stopping your "thumbs up" party and disagreeing with you.

Maxxwire said:

And how do you somehow rationalize away the fact that the compromising the privacy of the information on a computer is not a severe breach in computer security? How is allowing a program on my computer to upload private information to the internet not a gross violation of computer security whether it is a 3rd party spyware program looking for personal data like passwords, credit card information or identity theft or any of the many programs mandated and scheduled by Microsoft to report to Redmond every day?

You would be hard pressed to convince any of the computer users here on the Forum that the definition of computer security does not include everything going both in and out of their computer and that any compromise in control over what comes into or is sent out of the computer is a serious breach in computer security.

~Maxx
.

How do I rationalize it?
It's really really easy. in fact backing up my statement is a lot easier than yours.

Short answer:
EULA and Privacy Policy.

Has any of you even bother to read them before using your software (including Windows 7 itself)

So, how do I rationalise it?
It's easy. There is NO breach on your privacy.
Nobody is breaking your privacy.
You agreed to it all yourself.
So it's actually YOU who is breaking laws by not doing something you already agreed on EULA.
Let me show you, if you don't believe me:


can you read it?
You already agreed and signed it.
(It was taken from Window 7 Home Premium English EULA)
Available at: License Terms

Or If we want we can go into even more details:
Windows 7 Privacy Statement - Microsoft Windows (Windows 7 Privacy Highlights)
Windows 7 Privacy Statement - Microsoft Windows (Windows 7 Privacy Statement)
Windows 7 Privacy Statement - Microsoft Windows (Windows 7 Privacy Supplement)

Direct quote from them:

Some features that contact the Internet are turned on by default to make Windows 7 work better. You can choose to disable these features. To learn more about these features, see the Windows 7 Privacy Supplement.

So as you can see you have all agreed to it.
And you have no rights to say that they are your Privacy breaches.
If you think so, go ahead and sue them. You will see that any person with a bit of clue on Law can see that you have agreed to it yourself.

So, do you think I did rationalise my statement?
People should start reading all EULA they are agreeing to....
And they should at least read Privacy Policy before claiming their privacy has been breached.
Please don't be offended, I am not referring to just you.
I am sure, I am sounding too aggressive, but it's just a frustration, not anger or offence.

Maxxwire, sorry again. I know I was aggressive.
I am not trying to be Microsoft's advocate or anything.

All I am trying to say is that "Things you have described are not security breach"
So from security point of view you aren't accomplishing anything.

Neither me nor you have been FORCED to sign contract. You have a choice if you don't like it don't use it.
I am not saying that I like their Privacy Policy. I am not saying that I myself not breaking those regulations. I DO break them.

But the point is, I DO have a choice aswel. If I want there is big Linux world is still waiting for me.
And most importantly I do have a choice to (which is my best weapon against any EULA or Privacy Policy) just not to include any of my sensitive data.
As you can see it is simple, I don't have sensitive data, so nobody can compromise them...

But again, I do understand what you are doing, I support you in a way.
But all those examples were brought forward not to tell you that you are breaking laws or anything like that.
It was just brought forward to show that from security point of view they are NOT malicious, so they are not potential threads which are blocked by firewall.

And By the way, point of my first post...

I am in noway trying to discourage anyone from using firewall.
No, I don't mean it!
If you were going to use it, please go on and use it!

I can say you, I am using firewall. I do like the idea of two way firewalls. I used them in the past and will start using it again in the near future.
Both of them are really valuable assets into your security, please go on and use it!

One of my main points on my first post was try to examine the other side of debate. As everyone was against the OP (in the skype forum) I was just trying to analyse and find out justifications to his words.

Even though I don't fully agree with him. In my opinion most of the people need inbound firewall which just does atleast basic packet filtering.

Now my second point: two-way firewall.
Yes they are really great, As I have mentioned already I did and I will use them again in near future.
All I am saying is that they are not needed for most people. I think average use doesn't really benefit from outbound protection. Because he will be unable to configure it properly and possibly will not even bother to.
So, as you can see they will be better going with just simple inbound filter.
They are not getting any benefits or become more secure with more advanced firewall suites.

All they need is just simple firewall.

Simple, That was all I meant.
Bringing up privacy complicated everything. Yes, I do take part of the guilty for this myself

I think the more accurate term the two of you are trying to find is that in using a particular product, you have the option of agreeing or disagreeing with the policy it wishes you to abide by when using the product.

Right now the two of you are arguing literally over semantics, and quite honestly, it is making both of you look like crazed fanatics.

While yes, Microsoft's EULA is basically lawyering the right to gain access to information, it isn't 100% to violate your privacy short of what you are willing to allow. At the same time, you are not required to USE said product, but allowed to use a third party product and not agree to a EULA you are not happy with.

The point of the EULA is to cover the provider's ass from litigation from the user installing the product. As many people love to sue things, the EULA is there to pretty much state, "Hey, we are providing AB and C to you... Here are the stipulations, you have to agree not to sue us cause we gave you fair warning about this." It's about business practice and others do the same thing. The user is the one who has to agree or disagree, but it does not mean it prevents you from using a third party replacement, otherwise it would violate the Anti-trust requirement that Microsoft has to abide by with this OS and the rest of their products.

I will have to say that you guys need to at least agree that having the OS using a software firewall is recommended, regardless if it is MS or some other party for some specific reasons, all of which are with regards to security, be it from within the OS or adding another layer within your own network.