lynchknot
April 20th, 2005, 21:56 PM
Another user and I have been questioning connections made in the new Outpost Firewall version 2.6. I have noticed and posted in a few forums regarding "N/A"
Here are his posts:
I worked for a FW manufacturer, I know what is going on. My article is correct, and I am sad that Outpost 2,6 has features that have broken the trust I held in it.
Examining my Outpost logs I discovered that many of the n/a connections were outbound transmissions to 224.0.0.2 - Internet Assigned Numbers Authority!!! This is BAD!!!
OP2,5 didn't do this, and now I have returned to 2,5 the problem has stopped. Zone Alarm made the same connections from version 5 onwards, when it decided to sell its soul to Uncle Sam.
NONE of my programs need outbound access to this US Authority!!!!
Unless somebody at Outpost can assure me otherwise, I have to assume that Outpost has now been pressured by the US Patriot Law.
Zone Alarm, up until 4,5 was free of this tactic, but all versions 5 complied. Norton, and all the others have also complied. Outpost, until the last version, seemed to be the only FW manufacturer to raise a finger to the Patriot Law requirements, which is why I liked it.
I have now gone back to version 2,5 and will not update again until I have a full explanation of n/a, and confirmable assurance that Outpost hasn't gone the way of other security software.
SADLY, OUTPOST 2,6 HAS GIVEN ME REASON TO NO LONGER TRUST IT!!!!!
Ahem... 224.0.0.2 is a broadcasting adress...
not routed in the internet.
could be a clientservice like Retrospect backup-client os something.
Repeat: 224.0.0.2 is broadcast. And very unlikely a security risk.I don't agree. In fact, a member of staff of a well known FW producer proved otherwise. This traffic was DEFINITELY routed through the internet.
I proved this point also with ZA in versions after 4,5. Sadly, "unlikely to be a security risk" is no longer applicable to this, and other addresses.
I have NO PROGRAMS that need to send outbound transmissions to this address. n/a applies to a function of Outpost 2,6 and some of its broadcasts to this, and OTHER US government addresses, were up to 9 MEGABYTES of information!!!!!!!!!!!!!!!!!!!
Please explain what I was "broadcasting".... (besides the contents of my hard disk).
Ok, if you think it is broadcast, then I must have broadcast a whole episode of "Friends" every 20 minutes that I was using 2,6.
Why does 2,6 need to "broadcast" so much information, when 2,5 doesn't "broadcast" anything???The US Government Law Enforcement agencies now insist that all firewalls, software and hardware, allow access to bypass them inbound. The firewall manufacturers are obliged to supply a "key" to this effect. Britain, among other countries, has given in to this request.
The Patriot Act gives the US Government the right to plant "Spyware" in anybody's computer. This can be easily checked by reading the new Spyware Act, which specifically exempts the Law Enforcement Agencies from this Law, and specifically for this purpose.
Also, I am led to believe, and have no reason to doubt, that the US Government has a type of Spyware that sits on another site, and by means of the "key" can leach information from any computer without actually being resident, and therefore remains undetectable.
If you ask any of the main FW manufacturers if any of this is true, which I have done, they absolutely refuse to reply.
Oh hell, here's the thread - it's an interesting read. I have gone back to version 2.5 - http://outpostfirewall.com/forum/showthread.php?t=13635
Here are his posts:
I worked for a FW manufacturer, I know what is going on. My article is correct, and I am sad that Outpost 2,6 has features that have broken the trust I held in it.
Examining my Outpost logs I discovered that many of the n/a connections were outbound transmissions to 224.0.0.2 - Internet Assigned Numbers Authority!!! This is BAD!!!
OP2,5 didn't do this, and now I have returned to 2,5 the problem has stopped. Zone Alarm made the same connections from version 5 onwards, when it decided to sell its soul to Uncle Sam.
NONE of my programs need outbound access to this US Authority!!!!
Unless somebody at Outpost can assure me otherwise, I have to assume that Outpost has now been pressured by the US Patriot Law.
Zone Alarm, up until 4,5 was free of this tactic, but all versions 5 complied. Norton, and all the others have also complied. Outpost, until the last version, seemed to be the only FW manufacturer to raise a finger to the Patriot Law requirements, which is why I liked it.
I have now gone back to version 2,5 and will not update again until I have a full explanation of n/a, and confirmable assurance that Outpost hasn't gone the way of other security software.
SADLY, OUTPOST 2,6 HAS GIVEN ME REASON TO NO LONGER TRUST IT!!!!!
Ahem... 224.0.0.2 is a broadcasting adress...
not routed in the internet.
could be a clientservice like Retrospect backup-client os something.
Repeat: 224.0.0.2 is broadcast. And very unlikely a security risk.I don't agree. In fact, a member of staff of a well known FW producer proved otherwise. This traffic was DEFINITELY routed through the internet.
I proved this point also with ZA in versions after 4,5. Sadly, "unlikely to be a security risk" is no longer applicable to this, and other addresses.
I have NO PROGRAMS that need to send outbound transmissions to this address. n/a applies to a function of Outpost 2,6 and some of its broadcasts to this, and OTHER US government addresses, were up to 9 MEGABYTES of information!!!!!!!!!!!!!!!!!!!
Please explain what I was "broadcasting".... (besides the contents of my hard disk).
Ok, if you think it is broadcast, then I must have broadcast a whole episode of "Friends" every 20 minutes that I was using 2,6.
Why does 2,6 need to "broadcast" so much information, when 2,5 doesn't "broadcast" anything???The US Government Law Enforcement agencies now insist that all firewalls, software and hardware, allow access to bypass them inbound. The firewall manufacturers are obliged to supply a "key" to this effect. Britain, among other countries, has given in to this request.
The Patriot Act gives the US Government the right to plant "Spyware" in anybody's computer. This can be easily checked by reading the new Spyware Act, which specifically exempts the Law Enforcement Agencies from this Law, and specifically for this purpose.
Also, I am led to believe, and have no reason to doubt, that the US Government has a type of Spyware that sits on another site, and by means of the "key" can leach information from any computer without actually being resident, and therefore remains undetectable.
If you ask any of the main FW manufacturers if any of this is true, which I have done, they absolutely refuse to reply.
Oh hell, here's the thread - it's an interesting read. I have gone back to version 2.5 - http://outpostfirewall.com/forum/showthread.php?t=13635