Sunbelt Personal Firewall Currently User-Unfriendly
Date: Tuesday, May 22 @ 14:53:14 PDT
Topic: News


Normally an excellent product, the latest revision is flawed

Nowadays a decent software firewall - properly, a packet filter - is a must. Not just to warn and/or protect against inbound traffic, but also for outbound traffic. Don't you want to know when a piece of software is, like E.T., trying to phone home? I certainly do.

One of the better products in this game is Sunbelt Personal Firewall. It has had a long history and has come through several incarnations, initially as Tiny Personal Firewall, then Kerio Personal Firewall, before reaching its current home. Inexpensive, very functional (firewall, application monitor, web filter, and more) and reliable, Sunbelt Personal Firewall is a very good product indeed. Or, that is, it has been up until now.

One of the hallmarks of this product is its ease of use. The pop-up dialogs which appear upon any activity which merits user attention are clear, concise, and offer the user the option of remembering the choice made so that future instances of that behaviour are handled automatically.

It is this behaviour - the pop-up dialogs - which is cause for concern in the latest version of Sunbelt Personal Firewall. Previously, if the user selected the "remember this choice" option then it would take effect immediately. If a program was attempting multiple network connections (inbound or outbound) then any which were in the queue would be processed according to the rule just configured, without further prompts. In the latest version, this behaviour has changed. Now, even if the user clicks the "remember this choice" box, if the program in question has kicked off multiple connections then each individual connection spawns a pop-up warning from the firewall. Only once each connection is handled will the pop-ups stop, and future activity be handled according to the newly-configured rule.

As one might expect, this is a most annoying, and unwelcome, change. After all, if I've just ticked a box marked "remember this choice and don't hassle me again" and haven't set any of the granular options for that choice then I don't expect to see another prompt for the same activity (but for a different port number) appear immediately afterwards.

Sunbelt's response, upon my submitting a support request earlier today, was that this behaviour was to be expected. There followed an e-mail exchange in which I explained that burdening an average computer user (or even a more technical one) with excessive pop-ups in contrast to the product's previous behaviour is hardly likely to reinforce the user's decision to use the product. The average non-technical user isn't going to care what a SYN/ACK sequence is or why each individual one must be addressed before the firewall will settle down and stop complaining. Heck, I'm not an average non-technical user and I don't care either. I just want the product to respond immediately to my choices. Expecting me to handle multiple pop-ups because, well, that's how it behaves now is, frankly, a bit off. What if I was trying to use BitTorrent, an application designed to open dozens of connections? The other suggestion from Sunbelt, of manually configuring a rule beforehand, is pointless as well. Were I to do that, I may as well just set the option to block everything unless a rule is set, and try to remember to check the rules if I find that a program isn't talking to the 'Net as expected. The "Tier I Consumer Technical Support" wonk with whom I had that exchange apologised for the inconvenience and promised to raise the matter with the developers.

As far as I can tell, the security offered by the product hasn't worsened, and it's just the pop-up behaviour which has changed. That said, it's jolly tempting to switch the thing to Simple Mode (allow all outbound, block all inbound) just to stop the bloody prompts from appearing each time I run something new.

Sunbelt Software's website says that the current version of the firewall is compatible with Windows 2000 and XP only, but that they "plan on releasing a Vista compatible version in the near future." Maybe displaying ludicrous amounts of warning dialogs is how Windows Vista compatibility is achieved...

In the meantime, if anyone wants to use an older revision, which handles the "remember this, and now bugger off" option properly, version 4.3.635 can be downloaded from the Sunbelt Software website.







This article comes from LWD
http://www.littlewhitedog.com

The URL for this story is:
http://www.littlewhitedog.com/modules.php?name=News&file=article&sid=5025