Should you trust a free firewall?

This might be a wacky idea or over paranoia, but should you trust a free firewall. I think some like Sygate or Kerio would be ok but how easy would it be for a new free f/w to be developed to the extent that people trusted it, then in an update slip in some code to put a backdoor in or whatever for nefarious purposes. I am sure that I would never be aware of such a process going on.

Am I in cloud cuckoo land or is it a possibility?

 

Let's take Jetico, for example, which is free.

If a new free firewall were tested to the extent Jetico has been subjected at:
http://www.firewallleaktester.com, then I would say that it should be trusted to the extent that you can configure it for your use and be happy with it.

If not, then it needs validation and verification before it should be trusted to that extent.

You are only in cloud cuckoo land if you fail to test the software or first insure that it has been thoroughly subjected to severe testing to determine the truth of its capabilities.

The other part of this story is that you should not put all of your marbles into one basket - i.e. you should employ other means than just a firewall including HIPS, AV, AT, AS, hardware firewall router and possibly a sandbox or virtual approach like VMWare to protect your physical computer, and, in general, employ a multi-layered security strategy with backup capabilities to restore your image should something drastic happen when your good common sense fails you like surfing (or lack of power surge protection for your computer and you get hit by a lightening strike) at unsafe websites.

-- Tom

 

Of course yes...!!!

You have to remember that it's not only the firewall that really can help protect your machine from crackers but you have also to installs some other programs to make the protections more "effective". Multi-layered protections are a must and should be used or else...

Some even content of only using Windows XP firewall, GhostWall, and some other free firewall that has no outbound controls...but because of the protective layer functions of some other programs installed including HIPS, ProcessGuard, AppDefend, WinPatrol, also anti-virus and anti-spyware monitors the pc can become more safer.

 

I don't beleave in that kind of things...

Of course that you should trust on every program that you use, so...

 

As long as they have reliable and well known sources, then Yes! I first started out with Sygate freeware then purchased it a week later. I would recommend them, but under new ownership. I would recommend Tiny Firewall, if any.

 

While this isn't impossible, it's not likely either. A more likely but equally risky scenario would be an auto-update to a newer version that contains sloppy, exploitable code. If you're concerned about what an auto-updater may bring you, then the ability to disable auto-updating should be something you look for in software. If you can't disable it, or block it with a process control application, get something else.
Why would this scenario be limited to a firewall, or freeware for that matter. A other things being equal, I would be more inclined to trust something from a small group or individual than I would from a large company or corporation, Like Symantec or Microsoft. How do you know that an NSA mandated backdoor or another flaw-filled patch (more likely scenario) has not been installed on your OS via windows update and isn't already known to someone else? How would you even know if one had?
The best you'll do is to choose reputable software and test it severely on your own system, or better yet, on a test unit reserved for this purpose. By "reputable", I mean software that's been thoroughly examined by knowlegable users at sites like this and others. Ignore the vendors claims and those "5 star rating" from fly-by-night incorporated reviews. Even those little firewall test programs don't tell the whole story. I'm many cases, the FW setiings and rules change the results. You have to trust the software you use and know its limitations. With firewalls for example, I've run the ones I've wanted to use thru a series of tests, and stayed with the one I like, Kerio 2.1.5, with the updater shut off.
Rick

 

Hello,
Firewall can protect you and you don't need to install some other programs. Multi-layered protection is not a must. And if anything becomes safer, then it's the user's sense of safety.
Mrk