Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
ZoneAlarm by Check Point Info, Guides, Tests
Message
<blockquote data-quote="Decopi" data-source="post: 1049208" data-attributes="member: 67091"><p>I can imagine a scenario, where ZA says: "Let's build the most minimalist software, where almost everything behaves automatically".</p><p>In this scenario, App Control and Firewall Control really are not needed as part of the UI. As you perfectly explained here:</p><p></p><p></p><p></p><p>And ZA and you are right!, this can be one scenario, it's totally valid and depends on ZA approach.</p><p></p><p>So, why I don't like it?</p><p>Because this approach will work only for a "safe - list"... made by ZA. And "safe - lists" are useful, and they help!, but in a zero-day-attack scenario, software never should trust "safe - lists".</p><p>Important to remind that I like the minimalist approach! I just never liked the "too minimalist ZA" approach. I don't feel comfortable with the:</p><p>a. Check a safe-list</p><p>b. "Allow all" (that it's on the safe-list)</p><p>In short: If ZA approach is based on "safe-list => Allow All"... then, the current App Control/Firewall Control is almost useless, because users can block only stuff under ZA "safe-list". This ZA approach is not adding security, it adds only a small degree of administrative control for safe-listed stuff.</p><p></p><p>Again, I grant you that ZA approach will work for Average Joe's, they're going to be happy with an automatic software, silent, no decisions need to be taken from Average Joe.</p><p>But personally, I don't like it, I don't feel comfortable (with the "a." above). And I believe that small improvements can make the current App Control + Firewall Control much more powerful. If ZA already took the effort to create a small UI for App Control + Firewall Control, then now another small step will make it very powerful.</p><p></p><p></p><p></p><p>Now you're talking! Hell, yeah! <img class="smilie smilie--emoji" loading="lazy" alt="🤣" title="Rolling on the floor laughing :rofl:" src="https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/1f923.png" data-shortname=":rofl:" /></p><p></p><p>ZA can keep current approach! I'm not talking about structural changes. I'm talking about "complements", small further steps, for example:</p><p></p><p>1. App and Firewall with separated UI controls. An unified alternative might be a Firewall Control, with the option of terminating processes.</p><p></p><p>2. As [USER=99014]@Trident[/USER] said, ZA can keep current approach, but can offer a kind of "Advanced Options":</p><p>2.1 General options ("Block All", "Allow All", "Automatic", "Manual") for both, App Controls and the Firewall Controls.</p><p>2.2. The "Manual" option should allow users to block any connection + any process, not just known or safe Apps.</p><p>2.3 The "Manual" option is not quiet/silent, needs the [USER=99014]@Trident[/USER] suggestion "user prompt => user can decide"</p><p></p><p>In short, if Average Joe wants a silent ZAESNG, he can choose the "automatic" option (based on ZA safe-list + few logical rules). This Joe will need to trust ZA, but he'll gain a silent peaceful software.</p><p>And if another user wants "Advanced Options", then he'll gain small control over any process (execution AND connection), but he'll need to deal with ZA pop-ups.</p></blockquote><p></p>
[QUOTE="Decopi, post: 1049208, member: 67091"] I can imagine a scenario, where ZA says: "Let's build the most minimalist software, where almost everything behaves automatically". In this scenario, App Control and Firewall Control really are not needed as part of the UI. As you perfectly explained here: And ZA and you are right!, this can be one scenario, it's totally valid and depends on ZA approach. So, why I don't like it? Because this approach will work only for a "safe - list"... made by ZA. And "safe - lists" are useful, and they help!, but in a zero-day-attack scenario, software never should trust "safe - lists". Important to remind that I like the minimalist approach! I just never liked the "too minimalist ZA" approach. I don't feel comfortable with the: a. Check a safe-list b. "Allow all" (that it's on the safe-list) In short: If ZA approach is based on "safe-list => Allow All"... then, the current App Control/Firewall Control is almost useless, because users can block only stuff under ZA "safe-list". This ZA approach is not adding security, it adds only a small degree of administrative control for safe-listed stuff. Again, I grant you that ZA approach will work for Average Joe's, they're going to be happy with an automatic software, silent, no decisions need to be taken from Average Joe. But personally, I don't like it, I don't feel comfortable (with the "a." above). And I believe that small improvements can make the current App Control + Firewall Control much more powerful. If ZA already took the effort to create a small UI for App Control + Firewall Control, then now another small step will make it very powerful. Now you're talking! Hell, yeah! 🤣 ZA can keep current approach! I'm not talking about structural changes. I'm talking about "complements", small further steps, for example: 1. App and Firewall with separated UI controls. An unified alternative might be a Firewall Control, with the option of terminating processes. 2. As [USER=99014]@Trident[/USER] said, ZA can keep current approach, but can offer a kind of "Advanced Options": 2.1 General options ("Block All", "Allow All", "Automatic", "Manual") for both, App Controls and the Firewall Controls. 2.2. The "Manual" option should allow users to block any connection + any process, not just known or safe Apps. 2.3 The "Manual" option is not quiet/silent, needs the [USER=99014]@Trident[/USER] suggestion "user prompt => user can decide" In short, if Average Joe wants a silent ZAESNG, he can choose the "automatic" option (based on ZA safe-list + few logical rules). This Joe will need to trust ZA, but he'll gain a silent peaceful software. And if another user wants "Advanced Options", then he'll gain small control over any process (execution AND connection), but he'll need to deal with ZA pop-ups. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
