SeriousHoax

Level 30
Verified
Malware Tester
OpenSource doesn't mean that the tool is safe ;)
It just mean that you can read the code - if you understand it. And also this doesn't mean that this code is realy used in the end. For that, a reproducable build is needed.

A lot of people nowadays are blended by "it's OpenSource it must be secure then" which is very dangerous. But well, this end in too much offtopic and i get your point as i use SimpleWall by myself yor a long time (sinve v1) and i love OpenSource generally.
I agree of course. Anyway, this is nice and healthy discussions (y)
 

SeriousHoax

Level 30
Verified
Malware Tester
SimpleWall asks you to disable WF. Is it enough on its own? I do not think this is good for security. Am I missing anything here?
It's normal. The way SimpleWall's dev thinks is, any app can create its own rule in Windows Firewall which is not safe. So, he recommends to disable Windows Firewall. Don't worry it's perfectly safe (y)
 

DDE_Server

Level 21
Verified
OpenSource doesn't mean that the tool is safe ;)
It just mean that you can read the code - if you understand it. And also this doesn't mean that this code is realy used in the end. For that, a reproducable build is needed.

A lot of people nowadays are blended by "it's OpenSource it must be secure then" which is very dangerous. But well, this end in too much offtopic and i get your point as i use SimpleWall by myself yor a long time (sinve v1) and i love OpenSource generally.
But I think opensourcing is more secure it is not logic to embed malicious code in source code which will be diffintely discovered and the developer may be accused as a malware development also most opensource developer bring their binaries such that you could build the software by yourself however the user shall be cautious and trust popular software which has large and popular communities
 

show-Zi

Level 28
Verified
As for the digital signature of the binary, I think it's closer to the Breed registry for pet animals.And open source software is a pet that is nurtured by the enthusiasts around it.

In terms of protection comparisons, I don't think there's a fundamental difference, since both of them do FW work.
In the process of using it in practice, I remember that the simple wall was not as simple as the impression I got from the name, with two modes and the requirement to enable or disable software to communicate in the background. However, if you want to manage all of your communications, I think this fine-grained choice of whether or not to communicate is appealing.
 

show-Zi

Level 28
Verified
Can you be a bit more specific because SimpleWall is the easiest to use Firewall program I've used. So I'm confused why you had difficulties with it! 🤔
It probably comes from a difference in knowledge.It means that what was commonplace to your knowledge seemed esoteric to me.;)
Let me explain briefly.For example, the name msmpeng.exe pops up to tell you what to do with the communication.But I've never heard the name of this software before.My thoughts freeze.Search and be convinced, then allow.I described this sequence of events as esoteric.
TW continues to reticently refuse.In order for it to work, you have to find it in the connection monitoring and give it permission to do so.
 

SeriousHoax

Level 30
Verified
Malware Tester
the name msmpeng.exe pops up to tell you what to do with the communication.But I've never heard the name of this software before.My thoughts freeze.Search and be convinced, then allow.I described this sequence of events as esoteric.
I see. This is normal for any interactive Firewall. The point of such Firewall is that the user have full control of what gets connection and what not. WFC does the same too. Average user shouldn't even use anything else except Window Firewall or the Firewall that comes with their 3rd party AV. Besides, for the msmpeng.exe notification it also shows the location of the exe so it's clear that it's part of Windows Defender and should be allowed. But I get it, it's not always easy like that. For example usocoreworker.exe is a file that requires internet connection for Windows update checking. I didn't know that and I had to search like you to know what it is. So, I would say SimpleWall or similar interactive firewall for example ESET's interactive Firewall mode is my favorite, they made me more knowledgeable about my system. Now I have a very good idea what processes are required internet connection for Windows to run properly which I didn't have before trying out an interactive Firewall. So one should be prepared to learn about the system otherwise the default firewall is enough.
 

ultim

Level 2
So, I would say SimpleWall or similar interactive firewall for example ESET's interactive Firewall mode is my favorite, they made me more knowledgeable about my system. Now I have a very good idea what processes are required internet connection for Windows to run properly
Yes you'll learn, but this is not specific to firewalls with popups. Even without popups, you'd be forced to research the associated processes you need for a particular application. The difference is, with popups you'll do this research more or less for every app that tries to access the network, while without popups you'll only do it for applications that you're actually wanting to use.
 

SeriousHoax

Level 30
Verified
Malware Tester
Yes you'll learn, but this is not specific to firewalls with popups. Even without popups, you'd be forced to research the associated processes you need for a particular application. The difference is, with popups you'll do this research more or less for every app that tries to access the network, while without popups you'll only do it for applications that you're actually wanting to use.
I understand what you're saying but it doesn't apply universally. Different people have different way of dealing with things. I prefer the exact opposite of what you said. Besides, with popups I would actually have to spend less time researching except the very first time after installing the Firewall which is obvious. After that I wouldn't require to check the logs because I already know nothing else except what I allowed tried to connect without my knowledge. With popups I would immediately know if something unexpected tries to connect to internet and take required actions while without popups I wouldn't know that at the time of happening, something may break in the background without me knowing because I wouldn't be checking the log all the time. Few days ago I noticed after installing a security program "Wisevector", at first run for some unknown reason "lsass.exe" tries to connect online. I immediately reported it to them and asked what's going on.
So anyway, there's no right or wrong here. It's just matter of preference and I prefer to be notified without any delay (y)
 

show-Zi

Level 28
Verified
there's no right or wrong here. It's just matter of preference and I prefer to be notified without any delay
I agree. I find SimpleWall esoteric, but I'm not denying the software itself. Rather, I believe that monofunctional software should show a variety of possibilities, including the author's personal ideas.

@ultim comments helped me sort out the opinions I was trying to convey.I basically wanted to create a rule for minimum communication permissions, and in the case of TW, the minimum permissions required for Windows to work are provided.All that's left to do is allow browser and other software, and my goal is accomplished.In other words, you just have to allow it.In the case of a simple wall, you have two choices: allow or deny.
I wanted to express this difference!😉
 

CivilLizard

New Member
I understand what you're saying but it doesn't apply universally. Different people have different way of dealing with things. I prefer the exact opposite of what you said. Besides, with popups I would actually have to spend less time researching except the very first time after installing the Firewall which is obvious. After that I wouldn't require to check the logs because I already know nothing else except what I allowed tried to connect without my knowledge. With popups I would immediately know if something unexpected tries to connect to internet and take required actions while without popups I wouldn't know that at the time of happening, something may break in the background without me knowing because I wouldn't be checking the log all the time. Few days ago I noticed after installing a security program "Wisevector", at first run for some unknown reason "lsass.exe" tries to connect online. I immediately reported it to them and asked what's going on.
So anyway, there's no right or wrong here. It's just matter of preference and I prefer to be notified without any delay (y)

I agree with this and much prefer pop-ups. The initial setup is may be annoying (it would be nice if firewalls included a "well known" applications list that would have the rules created for it automatically, like Outpost Firewall did. Of course, it should be up to the user if they want to do it automatically.), after that you have complete control of what is going on and if something new tries to connect you'll know immediately.

With the non-pop up method, as SerioiusHoax, you will eventually have to do research, a lot of it! Because if something breaks, then you don't know why it's being broken and not working and then you have to go through the list of applications and try to figure out what service or application is being blocked and what you need to unblock.

I like SimpleWall personally. I've compared it to Windows 10 Firewall Control and prefer SimpleWall, the UI looks like standard Windows (W10FC looks like old Windows), you get better separation of applications, services, Windows 10 Modern applications. One thing I liked about W10FC is the "allow once" button on pop-ups, but SimpleWall has "allow for x amount of time" which I thing substitutes "allow once" just fine.

SimpleWall requires disabling of Windows Firewall, which I personally like. I don't want an application that managed another running application. Just have one. If it registered as an "official" firewall so the warnings would go away, it'd be great.

Finally, SimpleWall is available as a portable application, which I really like!

The only pet peeve I have with SimpleWall is, why is "simplewall" name, not capitalized and properly cased. 😄
 
Last edited:

SeriousHoax

Level 30
Verified
Malware Tester
Finally, SimpleWall is available as a portable application, which I really like!
Me too 👌
The only pet peeve I have with SimpleWall is, why is "simplewall" name, not capitalized and properly cased. 😄
You're right. I case the folder properly on my PC. SimpleWall it should be. Maybe you can create a GitHub issue for this 😂

Btw, in case any SimpleWall user is annoyed because the Windows Security turns red after enabling it as it disables Windows Firewall, here's a trick to fix that annoyance. Open "Edit group policy" and follow this.
sim.gif
 

DDE_Server

Level 21
Verified
I think both software have the same purpose with different methods to do it.
both give the user the control of over the program communication through windows firewall . for Tiny wall it follow the principle of default deny solution (block all connection except some trusted predefined rules) and then if the user want certain program to communicate he should whitelist it.also simple wall ( i don't use it before) is the same procedure but with real time notification system which notify the user if any program try to connect (on the other side Tiny wall is silent solution)
i am using Tiny wall however i find simple wall is may be better for someone want to see all programs behavior behind the scene and gain more control
 

SeriousHoax

Level 30
Verified
Malware Tester
I think both software have the same purpose with different methods to do it.
both give the user the control of over the program communication through windows firewall . for Tiny wall it follow the principle of default deny solution (block all connection except some trusted predefined rules) and then if the user want certain program to communicate he should whitelist it.also simple wall ( i don't use it before) is the same procedure but with real time notification system which notify the user if any program try to connect (on the other side Tiny wall is silent solution)
i am using Tiny wall however i find simple wall is may be better for someone want to see all programs behavior behind the scene and gain more control
One of the thing TinyWall has is learning mode which SimpleWall doesn't which can be important for some users. But one thing about SimpleWall is, you can turn off the notification feature if you want so it can be turned into a silent default deny firewall as well.
 

DDE_Server

Level 21
Verified
One of the thing TinyWall has is learning mode which SimpleWall doesn't which can be important for some users. But one thing about SimpleWall is, you can turn off the notification feature if you want so it can be turned into a silent default deny firewall as well.
yes Learning mode is great method to take off a lot of hassle to whitelist some programs if you couldn't get to the exact service or exe which need internet access to make your program work as intended file to make your program work
 

DDE_Server

Level 21
Verified
@show-Zi @SeriousHoax I haven't used Simplewall but I'm pretty familiar with the Wilders thread and I have to agree that @show-Zi's view and experience is the same as mine. I was just waiting for the TinyWall kinks to be ironed out after using an eralier beta build. But in the end, different software suit different users.
That is the point
different methods to accomplish the task whatever you are comfortable with go with it.
 

SeriousHoax

Level 30
Verified
Malware Tester
yes Learning mode is great method to take off a lot of hassle to whitelist some programs if you couldn't get to the exact service or exe file to make your program work
This is where having notification feature helps for me. I immediately know which exe is asking for internet connection. Anyway, like we said, different people like different approaches.
 
Top