German Researcher: Home Firewalls Not All They’re Cracked Up To Be
CYBERSPACE – Home firewalls are easily bypassed by attackers, says a German professor from the Polytechnic University of Lippe and Hoexter, adding that such firewalls are not comparable to the robust systems used by companies and government organizations and are not sufficient to serve as the sole source of protection for PC users.
“It’s dangerous to view a firewall as some sort of PC airbag,” Professor Stefan Wolf told South Africa-based Mail and Guardian Online (mg.co.nz).
Wolf, who teaches applied computer sciences at Hoexter, noted that browsers, being inherently designed to connect to the Internet, are particularly vulnerable.
“If the attacker takes advantage of errors in the browser, then the best firewall won’t help at all,” Wolf said.
Wolf argues that users are better served by taking more practical steps towards protecting themselves, like keeping current with updates to their operating system, browser, virus protection software, and other web-related applications.
Makers of protective software, like hackers, are generally moved to act only in reaction to the publication of newly discovered security flaws, Wolf told the Mail and Guardian, making up-to-date anti-virus software an important last line of defense.
According to the Mail and Guardian, a test conducted by the German magazine PC Professionell showed that none of the six home firewall programs in the test prevented “all attempts from the test programs at establishing outgoing connections between the PC and the Internet.” The Professionell test included both commercial and freeware home firewalls (the Mail and Guardian article does not identify the software tested by name).
Wolf’s assertion concerning home desktops and the Professionell testing both square with the stance of Bonn’s federal agency for IT, the BSI. According to the Mail and Guardian, the BSI states that “(D)esktop firewalls, as they are also called, are practically extraneous, presuming that you adhere to the basic rules of safe surfing.”
Wolf advocates particular caution with regard to JavaScript.
“The primary gateway into the browser is JavaScript,” Wolf told the Mail and Guardian, saying that users should deactivate JavaScript in their browser or use browser extensions to define which web sites can be trusted to execute the programming language.
“It’s not convenient,” Wolf concedes, “but it is much safer.”
Wolf also recommends that users have all email attachments scanned by a virus program prior to being opened, perform data backups to external drives or other storage devices regularly, and “think twice” before clicking on links to and from unfamiliar sites.
Users should also refrain from using a PC’s default administrator account for their daily use, Wolf said, noting that “John Q. Public doesn’t need administrator rights and should log in as such only when installing software.”