| About InfoWorld : Advertise : Subscribe : Contact Us : Awards : Events : Store |
 |
||||
|
||||
 |
||||
 |
|
|||
 |
||||
|
|
|
||
|
|||||||||||||||||||||||||||||||||||||||||
 COLUMN
Putting XP in the zone I GET A LOT fewer messages from readers saying how happy they are with Windows XP and a lot more messages saying how they're grappling with one or another new behavior they hadn't expected.
So far, so good. But readers are, well, alarmed that the firewall's default configuration allows components of Windows XP to silently connect with Microsoft's servers without displaying an alert. One reader installed ZoneAlarm to augment XP's weaker, built-in firewall, removed all named programs and components from ZoneAlarm's OK list, and then rebooted. But XP could still contact the mother ship. This is a concern because Microsoft added numerous features to XP that report information about you or your activities to centralized databases. I wrote four months ago that XP contains a dozen or so components that automatically connect to the Internet (See "Sneaky service packs"). Microsoft describes 11 of these programs in a white paper that's available at www.microsoft.com/WindowsXP/pro/techinfo/administration/manageautoupdate. Windows Media Player in XP, for example, reports to a Microsoft server every DVD movie you play, including its title and a string that uniquely identifies your player (http://online.securityfocus.com/archive/1/257283). ZoneAlarm product manager Jordy Berson explains that the firewall's standard behavior is by design and isn't necessarily a problem. If you install ZoneAlarm using its quick-start wizard, the XP file named SvcHost.exe is recognized as a standard component of Microsoft's operating system. Because XP is considered legitimate, and not a Trojan horse, XP features that use SvcHost to connect to the Internet do not trigger warning alerts if ZoneAlarm is set up this way. "By us preconfiguring those hosts, we're making sure that people can connect to the Internet properly," Berson said in an interview. "If people want to configure it manually, they can do that also." Stripping down ZoneAlarm's list of permitted programs, however, isn't the best way to defeat XP applications you don't like. I recommend instead that you use Administrative Tools to disable each unwanted XP service. A step-by-step tutorial for this is at www.blkviper.com/WinXP/supertweaks.htm (the address is case-sensitive). I discussed this method at length a couple of months ago(see "Services with a smile,"). There may be a lot of things we can find about XP to criticize, but we can't expect ZoneAlarm to fix them all. Brian Livingston is co-author of 10 Windows Secrets books. Send tips to brian@secretspro.com. Subscribe to Window Manager and E-Business Secrets at www.iwsubscribe.com/newsletters.  RELATED ARTICLES  Sneaky service packsRELATED SUBJECTS SecurityOperating SystemsClick here for all of Brian Livingston's past columns. SPONSORED WHITE PAPERS 
SPONSORED LINKS
|
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||
|
||||||||||
