"Half a firewall"?
What's wrong with Microsoft's firewall having a default-allow outbound policy (because customers asked for it!) that causes ZDNet and Slashdot to call the firewall "shackled", "crippled", "half its protection turned off", and other like sneering?
My Linux firewall has default allow inbound and outbound. It can enforce other policies that I set, if I tell it to. Does that mean my firewall is "shackled" or "crippled"?
If Microsoft set default deny outbound rules that blocked FTP, Skype, SIP, and BitTorrent, would ZDNet and Slashdot be happy? Or would the article be "Microsoft firewall blocks Skype and BitTorrent by default!"?
It's a tricky point because, as Meng Wong reminded me, empirically, most people accept the defaults they're presented with in many situations. If that's so, however, wouldn't we be happier if Microsoft's market power is used to permit Internet applications to communicate, instead of making a pervasive decision about which applications are OK and which are not? Again, imagine if Microsoft said that Microsoft services were permitted but non-Microsoft services required a firewall configuration change. Youch!
