On Wednesday 06 May 2009 02:46:54 pm Anders Johansson wrote:
On Wednesday 06 May 2009 21:11:02 Jim Henderson wrote:
Yeah, and which is the more critical part of an OS installation, the actual OS installation, or the data that a user stores under their own username?
Reinstalling the OS takes, what, 45 minutes? Recovering lost data because of a rogue app can take much longer, especially on personal home systems because most users don't do backups of their data on their home machines. Yes, they should, but that's not really the point.
ZoneAlarm's big idea is to protect against outgoing connections. In other words, when it steps in with its "unique" features, it's already too late
Particular program, in last incarnation that I used, is very good supplement to computer security, but not all in one. It prevents incoming connections like firewall, but also outgoing connections which other parts of the system don't control. To detect rogue applications you have to use other programs, and to prevent them to do what they should not, there are access permissions, like in Linux. Although, they are not very often used, as setup equals AppArmor setup.
To prevent applications from opening illicit outgoing connections, run it with apparmor, which is capable of preventing an application from doing just about anything that you haven't previously allowed.
If apparmor would ask questions and provide web pages with relevant help content, like ZA, it will be possible to setup profiles even to non-expert users, but it doesn't. So, situation is that one one side there is comprehensive solution that is not used, and partial that is used. Which one is better for computer security? BTW, I just looked in AppArmor Control Center. What kind of control center is that? Enable, and 2 fields, where only one can be guessed what it does? Abort, to prevent problems. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org