Monday, 22 January 2007

Be safe OR be connected, not both.

As a home user, one sometimes finds oneself having to choose between software that works, and software that is usable. Firewalls are a case in point.

The other day, I noticed an article in PC World which proclaimed, "Free firewalls outclass paid-for ones, test reveals". Intrigued, I decided to investigate.

According to this article (written in the middle of last year, and hence possibly out of date), the very best firewall in the world is a free program called Comodo. OK, so I get and install it. Yep, it sure works well ... provided that you know how to use it!

The trouble is that Comodo, like many other security programs, demands that the user make decisions - decisions which often require advanced IT knowledge. In effect, the firewall makers expect their home customers to be IT professionals, which I assume is some kind of programmer's wet fantasy.

The people at Matousec all but admit this. In their article on "the design of an ideal personal firewall", they write:

"The following article describes the design of the ideal Windows personal firewall from programmers point of view. First of all the ideal personal firewall is secure. [My italics]"

Who cares if the program is usable? Just so long as it is secure!

The average personal user has no idea about programming, and, if possible, even less knowledge about what goes on inside the computer. So asking such a user whether 'qftw.exe' should be allowed to run or connect to the Internet is not merely to invite disaster; it is to demand it! Given such incomprehensible requests, most users will do one of two things:

  • Either they will follow the Golden Rule for firewalls (which is, "if you don't know, say no") - in which case they will soon disconnect their computer from the Internet, and then remove the firewall that is the cause of all their problems; or
  • They will answer yes or no randomly - which begs the question as to why the original programmer didn't just write the program to answer its own questions randomly, and save everybody grief?

By putting the emotional needs of programmers ahead of the practical needs of end users, firewall makers are putting the Internet's security at risk.
