Domain: agnitum.com
Stories and comments across the archive that link to agnitum.com.
Comments · 51
-
Re:Simple
I don't think however, that it can compete with Outpost Security Suite.
MSE may have more knowledge from all the Windows-phonning-home-and-reporting-infection-statistics, but Outpost has a vastly superior (to pretty much anything non-professional) firewall. And it's still free.
I'm always surprised how anyone can call MSE good. And think "It's the most quiet" or "I didn't have a single virus since then" is somehow a good thing. (Not having installed one is even more quiet and you will see even less virus warnings, but that doesn't make it good.)
-
List of free Windows firewalls
Hello,
Below is a list of free application software firewalls I put together a while ago. Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.
Firewalls
Active Network - Active Wall Free Edition
Agnitum - Outpost Firewall Free
AS3 Soft4U - AS3 Personal Firewall
Ashampoo - Ashampoo Firewall Free
Comodo Group - Comodo Firewall (now a part of Comodo Internet Security)
FilSecLab - Filseclab Personal Firewall Professional Edition
Group 4 Business Intelligence - IDNWebShield (main web site down when last checked)
NetVeda - NetVeda SafetyNet
PC Tools - PC Tools Firewall Plus Free Edition
PrivacyWare - Privatefirewall
SecurePoint - Securepoint Personal Firewall & VPN Client - (discontinued?)
SoftPerfect - SoftPerfect Personal Firewall
Tall Emu - Online Armor Free - (acquired by EmsiSoft?)
WIPFW Project - WIPFW - (port of BSD IPFW)
Firewall Managers
GT Delphi Components - Windows Firewall Ports & Applications Manager (WFWPAM)
Sheesley, Eric - XPFiremon
Hopefully, this is of help.
Regards,
Aryeh Goretsky -
Re:Well the only fool proof way...
Or install one of the Agnitum Outpost family of security products. They allow you to monitor, log and lock-down all connections made, *per-process*. They monitor and block processes injecting components into other processes in an attempt to work around the communication lockdown and much more. You'll then have complete control over every aspect of the computer's operation - no longer will you be left wondering which process on the machine made the connection. Try it today!
-
Re:use a better os
You should remove it when the licence is up. McAfee sucks way worse than Norton.
- Antivirus (use with firewall)
- NOD32 ESET (fast, reasonably secure)
- GData (slower, best possible protection)
- Avira (fast, highly secure, & free version)
- Firewall (use with antivirus & antispyware)
- Comodo (free, hard to configure)
- PC Tools (free, easier to configure)
- Zone Alarm (pay & free versions)
- Agnitum Outpost (pay)
- Jetico Firewall (pay & free versions, hard to configure)
- Internet Security Suites
- Kaspersky
- GData
- BitDefender (cheapest)
That and lock down your browser, by installing Firefox, with NoScript, Better privacy, adblock plus, and deny cookies by default, then enable the cookies you want using the cookingSafe extension. Do that no matter what security software you have installed. Or of course you could save yourself a great deal of trouble by using Linux.
-
Re:What about...
Outpost Firewall Pro has a component which removes ads before they even reach the browser. I haven't seen one for ages..
-
Re:Unworkable
The problem is this is just another case of government sticking their nose in, and probably screwing up, things that can be solved with the free market. If someone wants web filtering software, it isn't like they are helpless and without choice. There is plenty of it all over the web. And that way those that don't want big nanny government filtering what we read don't have to use it. Hell, you can even do it simply for free. When my boys were younger I simply made up a list of every dirty word I could find and put them into my firewall, which is Outpost Free, and then started to try to go to adult sites. About an hour's worth of adding words to the filter and I had a nice, easy to deal with, and free way to keep the boys away from any pr0n. It also filters by site URL, which allowed me to get rid of those games sites the youngest liked that served up drive-by malware.
But, just like that stupid baseball hearing, this is just another way for the government to be worthless and waste time and money while pandering for votes. What they SHOULD be doing is working up a plan to increase broadband capacity state by state so we can be competitive this century. What we get is crap like this and baseball hearings while our economy and infrastructure fall apart. But of course when the biggest story in the news for weeks is "Oh Noes, Is teh Britteny Crazy?" what can we expect? Just another case of rearranging the deck chairs while the boat sinks. But as always my 02c, YMMV. -
Re:Guess again...
1) Let's compare all costs.
On your basis, that's $450. What about Hidden costs? Anti-Virus, anti-spyware? How much did these cost? And no, when you compare costs the fact that Apple is or is not more secure doesn't matter, fact *IS* that an apple can live without anti-virus and anti-spyware software. Now, let's add the $50/year you need for security. That's 5 years, so $250 more. Aye, because all protection/anti-malware software for windows costs $50 a year.
For example, the rather expensive AVG Free - http://free.grisoft.com/doc/1
Avast's Free service (requires signup, also free) - http://www.avast.com/eng/download-avast-home.html#DownloadAvastHomeEdition
Agnitum's Free Outpost firewall - http://www.agnitum.com/products/outpostfree/index.php
Comodo's Free firewall - http://www.personalfirewall.comodo.com/license_registration.html
and for anti malware there's the good old Spybot, Adaware, HijackThis, I'm sure there's more but that's all I can think of off the top of my head. 5 years of protection from those doesn't quite add up to $250.. and I'd argue they're more useful than Norton/McAfee etc, especially for the price. -
Re:Make a CD
You are on DSL or Cable and do NOT have a firewall? Spend a few bucks and get one!
Spend money on one?! Dear oh dear..
Zonealarm (requires annoying popups asking you to buy),
Agnitum (requires reg),
Kerio (reverts to free features after 30 days),
Comodo (totally free as it's an advert for Comodo's other products) -
Agnitum's opinion
Agnitum's technical brief about Microsoft's approach to Kernel Patch Protection has sparked intense discussion at Digg/Slashdot.
May we participate in the debate?
Agnitum believes Microsoft's motivation for introducing Kernel Patch Protection is clear. It is attempting to better protect the typical user of Windows XP x64 and Server 2003 x64 from rootkit vulnerabilities.
Unfortunately, the approach taken by Microsoft limits the ability of third-party software developers to protect Vista users from other vulnerabilities inherent to Windows. This affects not just Agnitum. It affects Zone Labs, McAfee, Symantec and other developers of security software.
Third-party security software uses a variety of approaches to protect Windows users. As we noted in the technical brief, http://www.agnitum.com/news/kernel_patch_protection.php:
"One of the most commonly used approaches to implementing proactive protection involves changing and monitoring the Service Dispatch Table (SDT), which is used by the OS to transfer control from user-mode to kernel (low-level system mode)."
Developers who need deep kernel integration often patch the kernel by changing the service number in the SDT, and when a call is made to invoke a system service, the third-party code is invoked instead of the kernel code -- and the third-party code then returns control to the operating system.
Kernel patch protection in the x64 versions of XP removes the ability of developers to legitimately change the service number in the SDT by hiding it - but imposes no such restriction on hackers.
Which is the point we are trying to make. On the one hand, kernel patch protection makes it more difficult for security software to defend Windows from attack. On the other hand, "surprise kernel patches" open Windows to new, broad attack. And please also note that there is no such thing as a secure firewall if that firewall lacks deep OS integration.
This is not progress. Microsoft's approach forces users to rely on Microsoft and only Microsoft for operating-system security. If past experience is anything to go by, we know that third-party security tools are more robust and provide better protection than what Microsoft offers.
Clearly, kernel patch protection in its current form is not perfect. Yes, Microsoft is correct in wanting to protect users from rootkits. However, from my point of view, it is more necessary to introduce security measures that do not make users more vulnerable.
Igor Pankov,
Product Marketing Manager at Agnitum -
Agnitum Outpost
I've been using a free version of Agnitum's Outpost firewall for several years now on my w2k machine and it's a clever little program, far simpler and thinner than the offerings from the major players. However like any good firewall program it does require the user to make very technical decisions on network traffic permissions whenever a process tries to contact the internet. Now before I praise it for not letting a process (virus/spyware/legitware) do a thing I don't want for the last couple of years, I do have to mention a disclaimer that in addition I've got the latest security updates for w2k, a NATted hardware firewall on the router and generally secured my system according to NSA's manuals.
Unlike in a Unix environment, in Windows the basic security concepts aren't required of the user. Windows computers despite the networking or even server capabilities are still built upon the philosophy of Personal Computer where the user has total control but also total responsibility for what the software does. Microsoft's attempts to somehow augment security on top of this flawed concept are not going to succeed and in fact seem to be going the opposite way. Certainly my w2k box is easier to make secure than XP with its 'security improvements' and it seems Vista will make it impossible for the user to secure the computer that he's supposed to own and control.
Sadly I will try to stick with poor old w2k as long as possible but eventually I might have to resort to going the OSX way...
-
Re:AVG Camp
Interesting - I was not aware of the issues with Zone Alarm. I do see they had issues with v6 calling home to a number of servers. Do you have any specific links? I will take a look at Sunbelt as you mentioned. I also see Outpost has a free Firewall that is recommended.
http://www.agnitum.com/products/outpostfree/
Cheers. -
Antivirus?
When I used to use Windows, I never used to use antivirus. Or even anti-spyware software.
I believe with a good firewall, a good HOSTS file and some common sense, you should be fine. And the vast majority of Slashdot readers have plenty of common sense. I use ubuntu these days. -
good all rounders
free
http://www.7-zip.org/
http://www.cdburnerxp.se/
http://www.mozilla.com/firefox
http://djlizard.net/software/dial-a-fix
http://www.yamipod.com/main/modules/home
http://www.safer-networking.org/en/index.html
shareware
http://www.steganos.com/?product=safe8&language=en
http://www.agnitum.com/products/tauscan/index.php
http://www.kaspersky.com/antihacker -
Non Commercial Licences for 'Freeware'
I did the usual Microsoft Update (and update and restart and update), Ad-Aware install and scan, Spybot install, schedule and scan, Spyware Blaster install, uninstall Symantec, install AVG-free, schedule and scan, remove IE shortcut from the desktop, install Firefox with a shortcut on the desktop pointing to it as the "new" IE, and give a quick tutorial (with a printout) to them when they came around to pick their machines up.
I'm assuming you are using the 'free' versions of this software, otherwise ignore the rest of this message!
Bearing in mind you are a non-commercial organization - and a worthy one - I would double check the licenses for these as far as educational and non-commercial organizational use is concerned. And perhaps a complimentary email to vendors for clarification where necessary?
SpywareBlaster looks OK for teachers.
Spybot I would confirm with author. They seem 'edu' friendly, from their tone.
AVG License is perhaps slightly ambiguous in this case. Schools are non-commercial but they are 'Organizations'.
Ad-Aware not free for educational use.
You may have omitted your firewall of choice but most of them have similar organizational clauses. I think Outpost Free may be OK.
-
Agnitum Outpost
Probably the best software firewall for Windows: Agnitum Outpost Firewall Pro: http://agnitum.com/products/outpost/.
More configurable than its competitors, does well on security tests, too.
Check the Web for some independent tests.
You'd have to check whether it runs on 2003. -
Re:Linux: Firestarter or firehol
An alternate to zone alarm for windows is Outpost (http://www.agnitum.com/products/outpost). Just another suggestion because as I'm sure we all know, when it comes to security other options help, for example running Firefox instead of Internet Explorer.
I've never used zone alarm, but I've heard that its real-time bandwidth meter slows down bandwidth.
-
Re:Zone alarm? DONT
Zone Alarm doesn't run as a service.
Therefore you shouldn't run it on a server, as Zone Alarm won't run when no one is logged in. This isn't that much of an issue on a home computer where the user will log in immediately. However, a server will run most of the time with no one logged in. And I want my firewall to be up then.
If you use a software firewall, make sure that it runs as a service.
I once chose Agnitum Outpost as a firewall (the PRO version, because the free one doesn't run as a service) and was pleased with it.
However, this was before there was an integrated firewall in Windows, now, I'd just use that.
And, as others already suggested, a dedicated, separated firewall, be it a BSD-Box or specialized hardware. -
Outpost
If, for some reason, you can't use a separate firewall, try the Outpost firewall from Agnitum. Comes with some additional modules such as ad blocking, active content filter (can remove scripts, Java and ActiveX), email attachment filter (remove executables), and supports additional modules. All of those can be disabled if not needed.
-
Obvious Choices
Off the top of my head, I'd recommend the following:
- Firefox
- Thunderbird
- Outpost Firewall
- Cygwin
- The GIMP
- Spybot
- adAware
- Trillian
- Google Desktop Search
- SETI@home
- iTunes
-
4 steps to secure, 'internet ready' Wintel box....
Use a hardware router that filters out *ALL* unsolicited incoming internet connections. This should 'hide' your computer from others while on the internet. In addition, use a software firewall program such as Outpost.
Install an antivirus program such as AVG and keep it constantly up-to-date.
'Harden IE' by disabling ActiveX, Java, and Javascript. No more IE 0wnage!
Delete/rename the Windows Scripting Host. No more 0wnage via VBScript!
By doing all of the above, it should now be safe to use Outlook (Express) to check your email and not get 0wned by some email-based exploit. Be on the lookout for spam (FREE V14gr4!!!), phish (id theft attempts), fraud (Nigerian advanced fee fraud), and malware (the latest Wintel/OE mass-mailing-virus). To avoid running emailed malware by accident, consider using my approach which renders known and unknown emailed malware 'inert' and safe to handle provided the system hasn't been compromised first. -
Re:Their 'Software Partners?'
PeopleSoft, vmware, HP, Trustix, MySQL, SAFLINK, FTI, Constant Data, SurfControl, Software AG, Agnitum, Volante, JBoss, FalconStor, Intershop, Tarantella, Software AG and Bull,
etc..., etc..., etc...
Google is your friend: 703,000 for novell software partner. (0.58 seconds) -
It's an option and NOT a hole
"We see the WMI and WSC as an indirect security risk, or hole, or whatever you want to call it.[pc mag]"
Then disable both WMI and WSC Services and get yourself another personal firewall here or here.
MS opened the WMI to third-party sources and that is why we may mistakenly call it a hole, while in the reality it's an option.
-
Re:Zone Alarm? Blech
Another great firewall is Outpost. Easy to configure as well and doesn't drag on your system.
-
How to secure your system against spam/malware...
Secure IE against ActiveX/JavaScript/VBScript/IFRAME exploits
Stop the 'unblockable' Messenger service
To further minimize the possibility of malware invading your system, use antivirus and firewall products. I use:
AVG antivirus by Grisoft.
Sysclean by Trend Micro
Outpost Firewall by Agnitum.
Filter spam/malware out of your email. I use CF13-POP3(TM). It is a freeware program I wrote to crush the email spam/malware menace. It is very effective.
A companion shareware program I wrote at the above URL is an all-in-one software mail server that makes it practically impossible to accept and deliver email spam/malware.
-
Re:Big Mistake...
What you're forgetting is: it's not advertisers who put ads on the websites you view, it's content providers. They have to sell the advertisers on the idea that some number of people are viewing their ads; without controls such as these, the prices the content providers are paid will decline, and their profit/ability to pay the bandwidth bills will decline similarly. Your best option is to STOP VISITING SITES that have obtrusive/annoying ads-- I fear the internet, or what's left of it after you pass it through this filter, will be dreadfully boring. Of course, once SP2 becomes mainstream and some critical x% of the market has these popup-blocking capabilities on by default, the advertisers will stop paying for popup space anyway, and banners will start occupying more of the body of the content, or "follow-through" pages subjecting you to full-screen ads. Unless you use any of the many decent adblockers (Agnitum Outpost firewall comes with a well-configured one, plus AdBlock is available for the mozilla browsers.), in which case you can sometimes bypass all the annoying ads without realizing they even existed. You'll be safe as long as microsoft doesn't implement one in their own browser, which they're unlikely to do, since it'll still be a fraction of a fraction of people who use these tools (this is true for anything that requires active knowledge and action on the part of the user).
-
The spammers/scammers are getting DESPERATE...
...to resort to this.
With my program CF13 rendering malware harmless for my inbox, I use Agnitum's Outpost Firewall to keep malware out of my system at the protocol level.
The next step down for the scammers/spammers is to compromise popular software firewall programs by any means necessary!
I urge you all now to create a 'system rescue CD-R' with the installation file of a known good copy of your favorite software firewall program and store it in a safe place in case you need it.
Those that can afford it will simply use a hardware-based firewall device. -
How I stop PEBKAC....
I have CF13 handle all my incoming email. I'm getting unwanted file attachments that are likely brand-spanking-new malware but haven't been detected yet by the antivirus programs as malware (just released into the wild). So these suspect file attachments sit as 'text files' on my hard disk drive waiting to be scanned and identified as malware--a likely possibility.
I use Outpost Firewall to keep malware out at the Internet data transport level. Using both gives me peace of mind after my run-in with Klez a year or so ago.... -
After Klez, I took PC security *very* seriously!
About two years ago I downloaded a shareware program from a particular website.
After that, my PC acted sluggishly after I installed the program and whenever I went online.
I finally found out my PC had picked up the Klez virus and that a bunch of .exe files were infected with it.
After this incident, after disinfecting my PC, I took PC security very seriously!
I found the URLs below very helpful to keep my PC free of all malware:
The 'Home User Self Defense Guides' at http://www.uksecurityonline.com
(Thanks to spammers/crackers/blackhats, you have to get a free account with a valid email address in order to access the Guides.)
AVG antivirus by Grisoft.
Sysclean by Trend Micro
Outpost Firewall by Agnitum.
My program CF13 keeps malware out of my PC by treating all email file attachments as 'text files'. This renders any malware in them inert and also makes it safe to scan said files for malware or otherwise handle them--even delete them.
The only way the botnets will continue to survive is through user inertia/apathy or, worse yet, trusted firewall/antivirus programs become silently compromised and used widely. -
Re:emerge gator
You would have a valid point if people were always asked. However in many cases such applications are installed surreptitiously, either by "drive-by download" (which exploits ActiveX to download software, just by visiting a Web page using Internet Explorer in its default configuration) or piggy backed onto existing software downloads. For example, I once tried installing a Windows theme - this was delivered via Lycos' FileSubmit which asked to install SaveNow. It then tried without asking or prompting to install BonziBuddy, iGetNet and Lycos SideSearch! (I was running System Safety Monitor, an application firewall which allowed me to trap and prevent these from being installed).
As such, most crapware is not opt-in - only experienced and security-aware users know how to configure their systems to avoid it. Binning Internet Explorer is a good start, but using web-filtering software to block ActiveX, Java and Javascript (like Proxomitron, WebWasher or a firewall like Outpost), an application firewall (like System Safety Monitor) and a crapware scanner like AdAware or Spybot Search and Destroy are also necessary steps.
Linux users should not be complacent here either - almost all crapware currently targets Windows but can be written to run on Linux once it gains significant usage amongst mainstream users. Check Adware and Under-Ware - The Definitive Guide for a history of crapware.
-
To quote Berzerk: INTRUDER ALERT! INTRUDER ALERT!
ANY unauthorized intrusion into someone's computer is against the law
What does one do when the intruding IP addresses are, at face value, part of the United States Federal Government?
It happened to me not too long ago when my PC's copy of Agnitum's Outpost Firewall trapped four separate intrusion attempts from, at face value,
a particular United States Federal Government agency.
It could have been nothing more than IP spoofery by anonymous Internet pranksters....But what if the intrusions were for real and came from
(un)compromised computers from within said United States Federal Government agency?...
Better (download, install and) use a trustworthy hardware/software firewall before they get compromised to allow such activities to go undetected.... -
Re:jammers
>Where do you buy those by the way
Right here -
Re:*POOOF*
Taking a hit maybe, but not dying (at least not to the power user). Here are some of the features I get from my Windows personal firewall of choice (Agnitum's Outpost Pro) that are not offered by ICF:
- Outgoing connection filtering
- Application checksumming (with MD5)
- Protocol level mail attachment scanning
- *Really* detailed logging
- Pop-up ad blocking (OK, this is going to be in IE but is off by default)
- Banner ad blocking (not in SP2 IE at all as far as I can see)
- Cookie control
- Policies for pop-ups, scripting, ActiveX and so on handled on a per-site basis
-
Re:Hypocrites.
AFAIK XP's internal firewall doesn't block outbound activity, making it pretty worthless as a software firewall IMHO.
If you want to block outbound traffic you need something like ZoneAlarm or Agnitum Outpost, both of which have free-for-personal-use versions available.
-
Re:Hypocrites.
Can we say... Outpost Firewall??
:-)
it can be found here
As for the antivirus I don't really know what to say.
-
Re:Hypocrites.
Sorry, but Sygate has one major problem - it does not attempt to intercept and filter traffic over the loopback interface (127.0.0.1). This means that if you are running any proxy software that uses this address (e.g. Proxomitron, WebWasher, Naviscope, MailWasher) then any and every application on your system can access the Internet using the rules you have set up for the proxy. See the loopback vulnerability thread from the Sygate forums for more detailed information.
This is also a problem for the firewall I use, Outpost since it has a default System rule of "Allow Loopback" - however this can be removed, fixing the problem. You then need (and will be prompted) to create separate rules for each application that needs access via the proxy software.
That's about as secure as you can make an average home users computer without uberexpensive corporate solutions
I'm going to disagree with you again here...running anti-virus software is still a necessity and if you download a lot from "questionable" sources (IRC, P2P, Usenet), then Anti-Trojan software is strongly recommended. The best here appear to be TDS-3 and TrojanHunter. Also, running an application firewall (one that intercepts calls between Windows applications) like System Safety Monitor can do a lot to prevent malware from getting started on your system.
-
Re:Hypocrites.
Sygate has one major problem - it does not attempt to intercept and filter traffic over the loopback interface (127.0.0.1). This means that if you are running any proxy software that uses this address (e.g. Proxomitron, WebWasher, Naviscope, MailWasher) then any and every application on your system can access the Internet using the rules you have set up for the proxy. See the loopback vulnerability thread from the Sygate forums for more detailed information.
This is also a problem for the firewall I use, Outpost since it has a default System rule of "Allow Loopback" - however this can be removed, fixing the problem. You then need (and will be prompted) to create separate rules for each application that needs access via the proxy software.
-
Re:I second this
If you liked AtGuard, then check out Outpost Firewall. Version 1.0 is free while version 2.0 (better against leaktests, new logging system) has a 30-day trial. This allows you to craft specific rules (direction, protocol, port, IP address) for each application and has a number of plugins for other tasks (ad-filtering, activex/java/script/cookie control, DNS cache). There's an online guide and a user-run support forum.
For anti-virus software, have a look at Grisoft AVG. It's free for personal use, though you need to supply a valid email to get a registration code. -
Re:Hypocrites.
Agnitum Firewall. I can't believe it hasn't been mentioned yet. It absolutely provides the most control. I've tried ZA, Norton, Sygate... none of them seem to let me have complete control over what every application is allowed to do. Plus, it's got plug-in capabilities, with things like DNS caching and ad-blocking bundled with the main software. It also logs every connection, and gives you summaries (i.e. how much traffic from this app, on this day, etc...). I highly recommend it.
-
Re:Huh?
-
It's another layer, and more layers is good
Given that most devices on the market today come with firewalling included by default, you might as well use it! There's nothing to stop you putting a Linux/BSD based firewall behind it if you wanted to, and of course, you *do* have a personal firewall on each of the Internet connected PCs, right?
I have a routed block at home, and my basic setup is to use the embedded firewall (it's BSD running IPF as far as I can tell) to perform basic ingress/egress firewalling, DoS and portscan detection etc. and provide an Internet synched NTP server. All the firewall rule violations get sent back to a Linux box via SysLog and I also monitor network devices via SNMP. *All* my internal kit is restricted access by a local firewall; IPTables on the Linux boxes and Agnitum's excellent Outpost Pro on the Windows boxes. On top of all that, I have a slew of other stuff; TCPWrappers, a NAT'd wireless network locked down by MAC address, my switch is also locked to MACs and there is a small battery of IDS stuff running.
- That's the setup. How does it work? Very well it turns out; here are the stats for Friday:
- IP sessions blocked by gateway firewall: 4072
- IP sessions blocked by local firewalls: 0 (that's zero!)
- Probes of FTP server: 1
- Probes of HTTP server: 16 (looks like Nimda's nearly dead)
- Probes of SMTP server: 0 (that's surprising!)
- Probes of SSH server: 0 (ditto)
-
Re:I want to disagree there..
With me, .exe files in .zip files are fine - until the worms will do that too.
They already do, and have been for a few months now, I've seen just about every combination of file extension obfuscation for both the archive and the payload in my mail scanner's logs. While I'm smart enough to know not to click on an attachment, mistakes do happen, so I've got a whole bunch of hostile file extensions that automatically get ".safe" tacked onto the end of them by my firewall as well.
-
Re:Some spyware modifies firewalls to get through!
Corporate firewalls are not a replacement for a personal one either. That corporate firewall has no way to tell what application is trying Internet access - so a connection to port 80 outside could be Internet Exploder/Netscrape or SuperStealthTrojan with both being dealt with in the same way.
Both types of firewall are needed - and with new ways for malicious apps to piggyback onto legitimate ones like Firehole, an up-to-date personal firewall that can handle DLL injection (I believe the latest ZoneAlarm does as does version 2 of Outpost - currently in beta) should be thought of as a necessary companion to the corporate firewall. An application firewall like System Safety Monitor should also be considered - properly configured this can stop any spyware in its tracks.
Finally, restricting Active Content (ActiveX, Javascript and Java) to only a few "trusted" sites will do a great deal to prevent users from being affected by drive-by downloads, home page hijacking and various other forms of malware. A good reference on these can be found at Eric Howes' Privacy and Security Site.
-
Technical Countermeasures
There is an application called PeerGuardian that can block communications with untrustworthy hosts (using an IP list like the P2P Enemies list). Shareaza users should check the forums - especially the Security and Privacy one for the Shareaza Security Update, that does a similar thing.
Users of the Agnitum Outpost firewall can download the Blockpost plugin which blocks access to sites at the IP level (i.e. you would not even be able to ping such restricted sites). A Blockpost filter list based on the P2P Enemies list can be found in this thread.
-
In case it becomes slashdotted..
'Free' Costello CD seeds DRM, MS Media Player 9
By John Lettice
Posted: 09/22/2002 at 10:55 EST
Hardware supporting Microsoft's Secure Audio Path DRM technology seems to have arrived, albeit somewhat bashfully, and as if that wasn't enough, today the UK Sunday Times newspaper unleashed a neat little trojan that'll upgrade you to Windows Media Player 9, complete with all those lovely facilities to protect 'your' music. If you're not careful, that is.
To remind you, Secure Audio Path is a Digital Rights Management technology designed to interpose its body between encrypted digital music and the output device, thus stopping DMCA-breaching criminals diverting the stream to an unauthorised application. In order to work it needs compliant, authenticated output devices, and by a miraculous coincidence we've just been tipped off about one of the first cuckoos to go public - Creative Labs.
Microsoft itself publishes a helpful list of players, marking those including Windows Media DRM, but bear in mind the list is dated May, so there should be quite a few more around by now. In addition, it's not particularly easy to track which PC sound cards and audio systems are compliant, so let's hear it for Creative, which has quietly announced a couple of them in the readme files of its Soundblaster Live update software.
These state:
"Microsoft's Digital Rights Management (DRM) is a technology which enables the copyright owner of an intellectual property (for example, a digital audio file), to control how the listener uses the file.
"To protect against unauthorised duplication, Sound Blaster Audigy [or Sound Blaster Live!, in the other readme] shuts down its digital output when encrypted files are played back through a Microsoft DRM supported audio player (for example, Creative PlayCenter)."
Creative will of course by no means be the only company whose products do this, and we wouldn't be at all surprised if many of them didn't feel the need to inform you of the feature on the packaging, in the manual, in the licensing agreement or even in a readme several folders deep in the software. But one can pick up the odd clue. Here, for example, is one of Microsoft's lists of audio chip manufacturers supporting WMA format. Note the reference to Corona (WMP 9) and, way down at the bottom: "Windows Media offers the industry's only integrated digital rights management solution."
The hardware could get kind of tricky to avoid, but the file format itself is currently less so. Which makes today's Sunday Times exercise rather interesting. As far as we know this is the second such exercise performed via a ST freebie. We didn't pick up on the first (Oasis, sorry people), but we've had a good look at this one.
It consists of preview tracks from Elvis Costello's When I was Cruel - Collector's Edition, due out on Monday. There are some audio tracks, which are unprotected, a couple of unprotected WMAs and a couple of protected ones, which you're only supposed to be allowed to play four times. Wearing our best face-mask and lab coat, we investigated.
Linux finds the file system on the CD alien, and declines to mount it. You can cancel the autoplay and browse the CD under XP, then copy a protected track to the hard disk and try to open it with Ashampoo, which is a nice little player which also supports .ogg files, and which we just recently discovered. It starts out thinking it's a WMA file, but then reports an unsupported file format.
OK, so what happens if you let the CD autoplay? You get the Sunday Times opening screen, then clicking continue takes you to a screen listing the tracks, what you can do with them, together with entries for "how it works" and "test your PC." The salient points of the first are that you need:
"-Windows Media Player 7.1 or later, configured to automatically acquire licenses.
-A internet connection is necessary to acquire a license for the protected tracks."
The test routine merely checks if you qualify and points you in the right direction if you don't. Opening the files with WMP, by the way, takes you in pretty much the same direction. You get the following message:
"The content you are accessing requires an additional level of security. In order to play it, you will need to update your Digital Rights Management Installation.
"When you click OK, Windows Media Player sends a unique identifier for your computer to a Microsoft service on the Internet. Click learn more to find out how the Microsoft service protects your licenses, files, and your privacy."
Unhappily, as Agnitum firewall was in the way we never did learn how Microsoft was protecting us. The page of recommended media players is however here. Note that the XP installation is running WMP 8, but that it still needs to have its DRM switched back on (which we presume would happen if we persisted) and to have the unique identifier issued. OK, try Windows 2000 with WMP 6 on it. On trying to play a file with this, you're advised that Media Player 7.1 or above is needed, and if you go ahead and click on upgrade, it takes you through to the Media Player 9 beta. At the bottom there's a link for all available versions, but even there you've got the beta listed first.
So, you've got a free preview of a couple of tracks, and you can listen to them each four times so long as you just follow the instructions. If you do, then you'll (most likely) end up with the beta of Microsoft's latest DRM player (which you can't easily get off XP), and you'll also have your settings changed so that your installation facilitates DRM, WMA format and pay per play. But don't worry, it didn't cost you anything.*
* We were contacted by a reader a couple of weeks ago with a cautionary tale about players that protect your music. The reader was maybe a little careless, true, but it's easily done for people who never look in their settings, and who might not notice things getting switched on. Say you've recorded bought CDs using WMP, and you decide before upgrading to XP you'll do a clean install, so you back up your music files, vape the disk and then do the install. You did back up your licences as well, didn't you? Oh dear... -
Solution for windows machines
I tried the test and I think the problem is basically caused by the HTTP referrer field (as another post mentioned below). This isn't exactly a new exploit (from my understanding) but a function of the HTT-Protocol that not many people seem to know about.
If you've got a Windows machine you can get the Agnitum Outpost firewall. Not only is it a good firewall (Zonealarm screwed up my machine) but it can block ads, content (based on what sites you tell it to block) and can block referrers. You can also write plugins for the firewall to do other functions. (PS I don't work for these people - I just use and like the firewall) -
Re:zone alarm
And if that gives you BSODs when you permit something to access to your comp. You can Deny it first and then make a new rule manually, try the beta version available from the UK site only, or any of the other free firewalls that feature custom rules.