Throw Your Firewall Under The Train?

A report from the Mail & Guardian Online claims that a home firewall is virtually useless, and "is not much more than a leaky dike." But there's less to this report than meets the eye, and its conclusions may be highly misleading.
The publication cites an article in PC Professionell that claims that of a half-a-dozen firewalls tested, none could stop every attempt by test programs to make an outbound connection from a PC to the Internet.

It also noted that the article warned that browser vulnerabilities may make matters worse, because malware can piggyback onto browser connections to bypass firewalls.

All that's well and good, as far as it goes. But it ignores a number of facts. It talks only about outbound connections, not inbound ones. One primary purpose of a firewall is to prevent infections in the first place --- and firewalls can stop unsafe inbound connections. The article assumed that a firewall would be installed only after a PC was infected, which is rarely the case.

In addition, the firewalls did stop some unsafe outbound connections. Just because it couldn't stop all is no reason to throw your firewall under the train.

The upshot? Home users shouldn't compute without a personal firewall. A free one is built into XP, and an even better free one is being built into Vista. There are plenty of other good free ones out there as well. They cost nothing, and they provide security. Why complain about that?