More on personal firewalls

I wrote recently about some of the challenges faced by personal firewalls and the state of desktop security in general.  Perhaps following my lead (okay, more likely, perhaps not), Slashdot just picked up on a Mail & Guardian article that tries to address the issue of why personal firewalls are leaky.  I can't say I agree with the article's theme, which seems to roughly be "browsers are vulnerable, so personal firewalls are worthless," but the author does raise an interesting point about malware hijacking trusted applications such as web browsers to send out your supposedly private data.

While browsers are indeed a "soft" point when it comes to the security of your PC, this does not mean that other aspect of good PC security hygene should be ignored.  I would go as far as to say that I believe the author of this article does his readers a disservice by essentially recommending against the widely accepted defense in depth strategy of employing multiple means of information security security on a single PC in order to mitigate the possibility that one or more may be compromised.

A properly configured PC firewall can even help you browser be safer.  For example, one of the technologies I worked on in the past was a system to use the child-parent process chain to ensure an application attempting network access was itself launched by a trusted appliation and that that application was also launched by a trusted application, etc., etc. all the way down to the kernel.  This type of protection derails a whole category of malware that uses trusted applications, such as a browser or email application, to do it's network bidding.