Thursday, October 29, 2009

Security Cop-outs

Laura showed me how to get Facebook to import my RSS feeds, and with it I think I've now got a way to justify maintaining a Blogger account if I can drop it on everyone's news feeds. So hopefully this will be the first of many future little blurbs from yours truly.

I was interested in doing a little writing again when I saw this video out of F-Secure the other day. (Skip to 1:53, and watch the spaceship scene.)

I LOLed when I saw the "ROFL.exe is updating, allow?" and the choices are "whatever" and "whatever". Unfortunately, it's all too accurate. How many of you installed some comprehensive security suite that's blasting warnings at you every time you try and do something? "Allow program X to run?" "Application A is trying to connect to some address on some port via wherever."

How is anyone supposed to keep up with all of this? I do this for a living and I'm still wondering what the hell I'm getting all of these prompts for.

It's a cop-out really. Another security blog (whose post I can't find for the life of me) says something similar: Security software all too often pushes its decision-making process onto the user, who is (no offense to my technically-minded friends) the least qualified to make the decision. You're trying to load Word or something, and suddenly you have to answer a ton of questions about whether this app should update or connect or what have you. All you want is for the damn thing to work.

If it sounds like I'm simply advertising for F-Secure at this point, I apologize. But it does make me think about some of the software that's out there.

My biggest gripe currently is any of the "Internet Security" suites offered by Norton, Kaspersky, and the like. Beyond just an Anti-Virus, they provide firewall services as well.

Firewalls are often misunderstood, so I'll provide a little run-down here:

You have two computers, and many applications run on both. If App A wants to talk to App B on Computer B, Computer B needs to know what application App A wants to talk to. That piece of information is the Port Number, and when App A says "I want to connect to port 123", Computer B knows that App B is running on port 123, and forwards the message accordingly.

Computers can send messages to other ones unsolicited, and this is something you don't often want. Your PC can share files with other PCs, and between computers in your home, this can be nice. But you don't want the whole internet dropping files on your PC. So you erect a firewall. The Firewall intercepts all messages coming to your computer and if they're unsolicited, blocks the connection. Like a wall surrounding a town, people in the town can talk, but everyone outside can't get in.


Firewalls can intercept messages going outbound as well, and this can be good to ensure that messages don't inadvertently get sent out that you don't intend. If your computer becomes infected with a virus, there's a chance the firewall could stop the traffic before it sends your information out.


Here's where we get into trouble. Your computer sends out tons of legitimate requests all of the time. Most firewalls are configured to allow all outbound connections, making this easy enough. No worries, all goes out.
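The run-down above, as an added example that is not part of the original post: a small Python model of a stateful firewall that lets every outbound connection through, remembers it, and admits an inbound packet only if it is the reply to a connection the PC started or targets a port that was opened on purpose. The class names, addresses and port numbers are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


@dataclass
class StatefulFirewall:
    """Default policy: allow outbound, drop unsolicited inbound."""
    open_ports: set = field(default_factory=set)  # holes punched on purpose
    flows: set = field(default_factory=set)       # connections the PC started

    def outbound(self, pkt: Packet) -> str:
        # Remember the flow so that the reply can be recognised later.
        self.flows.add((pkt.proto, pkt.src_port, pkt.dst_ip, pkt.dst_port))
        return "ALLOW"

    def inbound(self, pkt: Packet) -> str:
        # A reply mirrors an earlier outbound packet: it comes from the
        # remote address and port we contacted, back to our original port.
        reply_of = (pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if reply_of in self.flows:
            return "ALLOW (reply)"
        if pkt.dst_port in self.open_ports:
            return "ALLOW (open port)"
        return "DROP (unsolicited)"


def demo(open_ports=()):
    # Constructed sample traffic; all addresses are documentation ranges.
    fw = StatefulFirewall(open_ports=set(open_ports))
    pc, web, stranger = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    return [
        fw.outbound(Packet(pc, 50000, web, 80)),       # PC browses the web
        fw.inbound(Packet(web, 80, pc, 50000)),        # server answers
        fw.inbound(Packet(stranger, 40000, pc, 445)),  # file sharing, unasked
        fw.inbound(Packet(web, 80, pc, 50001)),        # port the PC never used
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

Calling `demo(open_ports={445})` shows the effect of punching a hole: the stranger's file-sharing packet is then allowed even though nothing on the PC asked for it.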


Internet Security apps try to lock this down. Some try to take pictures of outgoing traffic, or use a common list of ports, but all eventually rely on the user to identify what traffic is legitimate or not. This is not realistic. How many people are going to be able to identify HTTP traffic (port 80) from Telnet (port 23) or DNS (port 53), let alone the 4-5 digit port numbers applications such as games, Flash video, and others use? If you're trying to get your stuff to work, you're going to click "Yes", "Allow", or whatever you need to get the prompts to stop, if you don't turn it off entirely after 10 or so of those.

It all seems redundant to me given that there should be an anti-virus application protecting the computer all of this time. Assuming it's working, and all of the remaining programs on the PC are ones we trusted, shouldn't all of the traffic be trusted as well? Why should a user be forced to perform a second check? "Look, I know you trust this guy, but do you really want it talking to the world?" "Yes, that's World of Warcraft, let me fuckin' log on already."

As some have noted, prompting the user for every app that wants to use the net very quickly leads to complacent behavior. And why shouldn't it? If you deny a legit app, your program doesn't work. If you allow it, it does. If an illegitimate application requests access, and you allow, flames do not shoot out of your PC. Your stuff still works. The lesson here is that usability trumps security. People want their PC to work, and work the first time.

To me, Internet Security applications are redundant and only serve to confuse the issue. If you have a router, and you didn't punch a gazillion holes in it (and knowing most of you, you haven't) then you have the only firewall you'll ever need. Keep your anti-virus up to date, and ditch the additional security package. Your sanity will thank you.

Tuesday, October 06, 2009

The Wedding Photographers

The past few days have been a bit miserable due to some sort of cold I've contracted, but there's a high note as Laura has finished putting the gallery together of our final pick of shots we took at our good friends Joe and Cassie's wedding.

This was really new and different for both of us, as I've never taken pictures in any sort of professional setting before. "Professional" is used loosely here, as I was approached to do this out of my friends' desire to keep the wedding costs down. Nevertheless, Laura and I were determined to do the best job we could with these, despite our lack of experience.

I think it turned out rather well in the end. Laura and I both took hundreds of pictures each, though we ended up going with many of mine by virtue of my bounce flash. (Laura has taken just short of worshiping it.) Being able to split up and cover different angles worked as well, and her pictures of the bride getting ready are the best of the set.

She also did most of the post-processing work. I've never been good with Photoshop, and having someone who knows their way around it is a huge help. I got to introduce her to Lightroom in return, and while I think she prefers Bridge for organizing photos, she says the ability to quickly tweak photos without having to individually open every one in Photoshop is a huge help.

So here's the gallery. Enjoy.