Doc skrev:
Seems like you don't really understand 'monitor outgoing traffic'.
I replied to that assumption in another post, you may want to read that.
The post I replied to in this case, however, clearly said "stopping
unexpected and unapproved outgoing traffic".
Take email as an example. A lot of 'experts' say that one should ONLY
read email in plain text mode because an HTML coded email needs to
access the web to download page content (ie OUTBOUND connection), and
that could lead to nefarious code being executed on your computer.
Not quite. The reason to be careful with HTML mails are these:
1) They can _contain_ malicious code. They may or may not also try to
download additional code to your computer, but the point is that to do
this they must already contain code designed to do this. Most e-mail
clients are designed not to execute such code, but holes do sometimes
get uncovered and exploited, causing worms to spread by mail. However,
apart from the e-mail message itself, this has nothing to do with
downloading stuff to your computer.
2) Spammers send out HTML mail linking to external images (not code).
These images (or more correctly, the way they are linked) can uniquely
identify individual recipients. The purpose of this is to verify active
e-mail-addresses. Meaning that if an HTML mail contains <img
src="
http://www.spam-my-ass-please.cum/special-offer.gif?ID=Doc"> and
you (or your e-mail client) allows this image to download, then their
webserver will log this, and they will know that you read your mail.
This makes you a target for more spam. Technically this is a privacy
issue rather than a security issue, but you're right: Requests for such
images should not be let out of your computer. Plain text is one way to
do this. Another is to view mails as HTML, but not download the images
from untrusted sites/senders.
Then of course there is the fact that a lot of HTML mails tend to be
butt ugly, but maybe I'm just too picky
So
what if you subscribe to some newsletters that are in HTML format, and
you WANT to read them in HTML ? Do you change your email settings to
allow HTML, read that newsletter, and then remember to change your
settings back again ? Thats a lot of pi$$ing around. Or do you let your
firewall look after you ? Set it and forget it. My email client is left
in HTML mode BUT my firewall blocks all OUTGOING access EXCEPT to the 5
or 6 websites that I have allowed.
Now I'm curious: What e-mail client are you using? Thunderbird handles
these situations just fine. There are two different modes of HTML, and
you can choose which senders to allow referencing to external
pictures/objects in the HTML. SquirrelMail is more strict, and shows no
external pictures whatsoever, but apart from that HTML renders just fine.
I totally agree with you Ron. Being in control of MY computer and where
it goes on the web is in my best interests. Anyone without outbound
monitoring would be really surprised to learn of the number of programs
that try to access the web, usually for innocent reasons like checking
for latest versions etc.
Well, I do see your point. I just guess I'm not that peculiar about this
"innocent" traffic as you are. Here's why:
1) It's just that: Innocent, benign, harmless, and maybe even useful. I
want my AV to download the latest virus signatures. I want Windows
Update to grab the latest patches for my OS. I want Firefox to be fit
for fight.
2) Innocent traffic can usually be disabled inside the innocent programs
causing it in the first place.
3) Programs fitting neither of the above 2 (adware, spyware etc) crosses
the innocent-line in my book, and is not wanted on my computer in the
first place.
Again, I'm curious: Which specific applications do you find it necessary
to prevent from making outgoing connections?
