8/29/08

Flock 2.0 beta 2

Flock, the social Web browser built using Mozilla's implementation of XUL, is based on one principle: More of what you want the Web for, connecting with people and services, should be built into and aggregated by the browser. I used Flock 2.0 beta 2 for several days and found a lot to like and a few shortcomings. Overall, however, Flock achieves its goal. The changes in Flock 2 from the previous version don't seem to me sufficiently major to merit a full version-number bump, though perhaps moving to the underlying Firefox 3 foundation justifies it, bringing all the goodness from that new release, including its lauded Awesome Bar.


As with Firefox, Flock has installers for Linux, Mac OS, and Windows. Installation is routine, but paranoid users should beware: The "Allow gathering of anonymous usage statistics" check box is selected by default. The option that makes the app your default browser is also checked. On the other hand, the installer does ask before importing bookmarks and settings from your existing Firefox or Internet Explorer setup.

Flock's interface is a bit more fun than Firefox's or Internet Explorer's, and tabs are somewhat clearer than those in Firefox. A My World button loads a Web page combining all your Feed, Friend, and Media activity. Flock's side panel lets you view and interact with Friends from your social networks, and there's a Media bar for viewing image and video feeds. A built-in Blog Editor, Web clipboard, and Photo Uploader also set Flock apart from other browsers.

Several small buttons right next to the address bar let you interact with the page you're visiting. The most unique and useful are just to the left of the address bar, signaling pages with media streams, feeds, and search. The buttons make it easy to incorporate the page's content and services right into the browser. To the right of the address, two options—the first for Digg and the second for e-mail—make it easy to share the current page with others

Read More...

FireFox 3

Three years in development, over 15,000 bug fixes and feature improvements, a new page rendering engine, remarkable performance gains, multiple OS integration—you could say the several hundred engineers working on Firefox have been busy. And their work has paid off. Speedy performance, thrifty memory usage, and, in particular, the address bar that now predicts where you want to go when you start typing (what Mozilla insiders refer to as the Awesome Bar) firmly plant Firefox at the top of the Web browser hill, flying the flag of our Editors' Choice for browsers.


When you install Firefox 3, you don't have to worry about losing anything from Firefox 2—history, bookmarks, start page, search engine preference, and even downloads performed in the earlier browser version—all will be there to greet you like old friends. The installer for Firefox 3 is available in 46 languages, from Afrikaans to Ukrainian. The US English version weighs in at a 7.1MB for Windows, 17 for Mac OS X, and 8.6 for Linux. Installation is as painless as it gets—it took me about 20 seconds on a far-from-new XP system.

Firefox 3 looks barely different than its predecessor, but it's undergone a minor face-lift—in particular, the Forward and Back buttons, in combination, look like a sideways keyhole. The browser buttons and window frames have also been redesigned to conform with the look of whichever OS you're running—Windows XP, Vista, Macintosh, or Linux.

Read More...

8/9/08

Comodo Firewall Pro 3.0

The Comodo Firewall Pro 3.0 (CFP) it’s not a free software for noncommercial use—it's free to all, period. According to Comodo CEO Melih Abdulhayoglu, it will remain free indefinitely. A well-thought-out set of protection levels lets it conform to the needs of any user, from novice to über-geek.


This new version has a refined-looking user interface without the separate Comodo Launch Pad used by version 2.0: Future add-ins will plug directly into CFP. Its main screen shows overall system status, much as many security suites do. It also includes Comodo news, a tip of the day, and links to configure program features. Most suites display a red warning if you turn off a significant security element, but CFP figures that if you turned it off you must have meant it. CFP shows a red X only if there's something actively wrong with the configuration, in which case it offers a link to a built-in diagnostic that could fix the problem.

Comodo's press materials mention a significant reduction in memory footprint despite the new features. I happened to have an installation of version 2.0 handy, so I took a quick look using Task Manager. Indeed, version 2.0 tied up over 22MB of memory, while version 3.0 used less than 7MB it’s Reduced by two thirds

NEXT --- Flexible Features of Comodo Firewall Pro 3.0
Read More...

Flexible Features of Comodo Firewall Pro 3.0

Comodo Firewall Pro 3.0 give the choice of protection levels starts during installation. If you choose Basic, you get a simple personal firewall that protects against attack from outside and controls which programs can access the Internet, much like ZoneAlarm's free firewall. Choosing Advanced turns on the Defense+ feature, which monitors and protects many other critical system resources. Defense+ is similar to the OSFirewall feature found in ZoneAlarm Internet Security Suite 7. Of course, turning on Defense+ means you'll get a lot more queries and notifications from the program.

And Another choice during installation tells the firewall to cut down on pop-up queries by automatically approving any program found in comodo's database of almost a million safe programs. Only a confirmed masochist would turn down that offer. By default, the firewall blocks all unsolicited incoming connections. The installer warns that this will interfere with file-sharing programs, Remote Desktop, and any other applications that require your system to act as a server. If you're a Kazaa fiend, just choose to allow (and monitor) incoming connections.

In another move aimed at reducing unnecessary pop-ups, Defense+ starts off in Clean PC mode, assuming that all programs already on the hard disk are safe. As you use the computer, CFP automatically learns what those programs do and creates rules specifically to allow their actions. That way they'll be allowed to do their jobs even if you later choose a stricter security level. Programs not already present on the hard disk (downloads, programs on removable media, applications launched across the network, and so on) are subject to Defense+'s full scrutiny.

The network firewall module offers a similar set of security levels. In the default Train with Safe Mode, the network firewall allows outbound access for known safe programs and queries the user when an unknown program attempts access. Like Defense+, the firewall has a training mode in which it automatically makes rules to allow all connection activity it observes. If you raise the security level to Custom Policy mode, the network firewall permits only the network activity that's explicitly allowed and won't automatically create any rules. For most users, the default Train with Safe Mode is appropriate.

NEXT --- Safe from Hacker Attack.
PREVIOUS --- Comodo Firewall Pro 3.0
Read More...

Safe from Hacker Attack

Someone subjected the firewall to his usual barrage of Web-based tests, including port scans and a variety of other sneak attacks. As expected (based on Comodo's past performance), CFP passed with flying colors. All ports were stealthed, making the computer invisible to hackers. Every personal firewall needs to pass this test, since the built-in Windows Firewall can stealth ports.

If you also unleashed your inner hacker, attacking the firewall using methods available to malicious software. If the bad guys can turn off your protection, it's no protection at all. Many people couldn't disable it by changing Registry settings or configuration files. Terminating it using Task Manager failed: I killed off the visible user interface, but the firewall protection remained active. Disabling the Comodo Firewall Helper Service got the product's attention: The status indicator on the main page turned red. But the actual firewall protection is provided by a kernel-mode driver that was completely unaffected. My wacky attempt to turn off protection using simulated mouse clicks did succeed, but just barely. Setting the firewall to Disabled using fake clicks required pixel-perfect accuracy—there's no way a malicious program could automate the process. CFP is fully armor-plated against attacks by the bad guys.

When an unknown program attempts Internet access, CFP displays a standard confirmation pop-up asking you what to do. In addition to the usual allow and block options, though, it also lets you choose from one of several predefined policies: Web Browser, Email Client, FTP Client, Trusted Application, Blocked Application, and Outgoing Only. Choosing one of these when appropriate can head off queries about other types of access. The über-geek user can even build new predefined policies. Of course, if you stick with programs well known enough to be on Comodo's safe list, you won't see these pop-ups at all.

NEXT --- Double-Plus Defense with Comodo Firewall Pro 3.0
PREVIOUS --- Flexible Features of Comodo Firewall Pro 3.0
Read More...

Double-Plus Defense with Comodo Firewall Pro 3.0

I still believe that identifying malicious software by comprehensive analysis of all behaviors is a better solution than just watching for isolated actions. When I tested ThreatFire 3 and Norton Anti-Bot, they did a great job of blocking real-world malware using this type of holistic analysis. And because they look at the program as a whole, they don't flag valid programs that happen to use some of the same techniques. But Comodo Firewall Pro's implementation of single-action behavior blocking is among the best I've seen, especially the option to switch into Installation mode.

Malware writers use a variety of techniques to evade simple program control. Most of these involve either pretending to be a trusted application or getting a trusted application to do their dirty work. And virtually every such technique is covered by Defense+'s monitoring. When I tried running a dozen "leak test" programs that demonstrated these techniques, Comodo Firewall Pro blocked them all. Every single leak test triggered an orange alert reporting that iexplore.exe was launching an unknown program and asking whether to proceed. Since this warning would appear for absolutely any program not on the safe list, I always allowed it. And every time a leak test program tried to create a file or folder, it caused a red or orange alert. Here, too, I chose to allow the action. I blocked only those that actually sounded suspicious, like modifying a protected Registry key or trying to access iexplore.exe in memory.

To see how Comodo Firewall Pro handles innocuous but unknown programs, I installed a dozen PC Magazine utilities, selecting ones that hook deeply into Windows to accomplish their work. They generated quite a few Defense+ pop-ups; I recorded these in a list but allowed all of the reported actions. The results were somewhat surprising. Not counting repeats of the same type of warning (for example, multiple file creation alerts), the leak test programs averaged four alerts apiece, the majority of them orange.

While Comodo Firewall Pro's firewall module takes care of all the basic firewall tasks, Defense+ adds proactive prevention of behaviors that might indicate malware. It monitors a wide variety of system activities, such as interprocess memory access, installation of device drivers, and establishment of global Windows hooks. It watches for changes to specific sensitive files, Registry keys, and COM interfaces. And it detects programs that circumvent Windows for direct access physical memory, the screen, the keyboard, or disk drives. That's a lot to track! It doesn't need to monitor programs that are on the safe list, which takes some of the load off.

NEXT --- Advanced Settings of Comodo Firewall Pro 3.0
PREVIOUS ---Safe from Hacker Attack
Read More...

Advanced Settings of Comodo Firewall Pro 3.

Comodo Firewall Pro 3.0 is all things to all people. It can act as a simple personal firewall that handles only the basic functions. It can broaden its protection to many critical system areas (with a concomitant rise in the number of pop-up queries). And a super-techie can tweak just about any part of it. Best of all, it's free!


Settings for Defense+ include access to the lists of safe and quarantined files as well as to files pending review. You can add to the list of files, Registry keys, and COM interfaces that Defense+ protects (though you'd better know what you're doing). And you can get an informative list of running processes with the option to terminate any one of them—kind of like a super-powered Task Manager. The novice user can simply use the CFP firewall with or without Defense+ and never touch any settings other than the overall security level. For the confirmed tweaker, though, there are tons of configuration options.

In firewall configuration you can manually add a new trusted or blocked application, adjust the way it stealths ports, and define trusted or blocked networks, among other things. comodo's CEO waxed philosophical about the company's intentions. "We have to protect the Internet," he said, noting that unless every PC is protected, we'll all suffer. He calls the product simply "version 3" because it's more than just a firewall, and notes that prevention should be the first line of defense. In his estimation, comodo is like an insurance company that wants to see you stay healthy, while some security vendors are perhaps more like drug companies in that they profit when you're not healthy.

PREVIOUS --- Double-Plus Defense with Comodo Firewall Pro 3.0

Read More...