imgburn question

According to http://www.dpreview.com/forums/thread/3618404

imgburn, one of the best programs out there, now comes with unwanted
software attached. That was my impression to, 3 months ago, though I
don't remember exactly why. I stopped my install in the middle and
found instead the install program I'd used a year or two earlier.

So, two questions:

1) In a situation like this, A) is it necessary to turn off
updates, so that a new version won't come with these problem programs,
or B) do updates in this situation just update the desired program and
not adware or worse that got installed along with it???

2) I have a friend who was having trouble burning a CD. I have no
webspace of my own, so I emailed him my old copy. It's 5+ megs and I
know that's bad form, but it seems as speed and capacity has
increased, it's not objected to as much as it was. But his server,
gmail, said "Diagnostic code: smtp;552-5.7.0 This message was blocked
because its content presents a potential issue. Please visit to review
our message content and attachment content guidelines.
v8si13399486oex.16 - gsmtp Remote system:
dns;gmail-smtp-in.l.google.com
(TCP|206.46.173.21|33284|64.233.169.26|25) (mx.google.com ESMTP
v8si13399486oex.16 - gsmtp)"

I assume this means it's too long, though I don't know where to read
the guidelines referred to.

How else can I send him a 5 meg file?

Something about Dropbox??

On 03/08/2016 01:11 PM, Micky wrote:
According to http://www.dpreview.com/forums/thread/3618404

imgburn, one of the best programs out there, now comes with unwanted
software attached. That was my impression to, 3 months ago, though I
don't remember exactly why. I stopped my install in the middle and
found instead the install program I'd used a year or two earlier.

So, two questions:

1) In a situation like this, A) is it necessary to turn off
updates, so that a new version won't come with these problem programs,
or B) do updates in this situation just update the desired program and
not adware or worse that got installed along with it???

2) I have a friend who was having trouble burning a CD. I have no
webspace of my own, so I emailed him my old copy. It's 5+ megs and I
know that's bad form, but it seems as speed and capacity has
increased, it's not objected to as much as it was. But his server,
gmail, said "Diagnostic code: smtp;552-5.7.0 This message was blocked
because its content presents a potential issue. Please visit to review
our message content and attachment content guidelines.
v8si13399486oex.16 - gsmtp Remote system:
dns;gmail-smtp-in.l.google.com
(TCP|206.46.173.21|33284|64.233.169.26|25) (mx.google.com ESMTP
v8si13399486oex.16 - gsmtp)"

I assume this means it's too long, though I don't know where to read
the guidelines referred to.

How else can I send him a 5 meg file?

Something about Dropbox??
Some zip programs allow you to break into specific size pieces. Winrar
is one that comes to mind but I'm sure others do.
You simply pick a size like 1 meg and break it into 5 pieces and send 5
emails. It's clunky but works. He then unzips the first and zip just
links from 1 to 2 to 3 etc.

--
Linux Mint 17.3 Cinnamon 64bit

Micky wrote:
According to http://www.dpreview.com/forums/thread/3618404

imgburn, one of the best programs out there, now comes with unwanted
software attached. That was my impression to, 3 months ago, though I
don't remember exactly why. I stopped my install in the middle and
found instead the install program I'd used a year or two earlier.

So, two questions:

1) In a situation like this, A) is it necessary to turn off
updates, so that a new version won't come with these problem programs,
or B) do updates in this situation just update the desired program and
not adware or worse that got installed along with it???

2) I have a friend who was having trouble burning a CD. I have no
webspace of my own, so I emailed him my old copy. It's 5+ megs and I
know that's bad form, but it seems as speed and capacity has
increased, it's not objected to as much as it was. But his server,
gmail, said "Diagnostic code: smtp;552-5.7.0 This message was blocked
because its content presents a potential issue. Please visit to review
our message content and attachment content guidelines.
v8si13399486oex.16 - gsmtp Remote system:
dns;gmail-smtp-in.l.google.com
(TCP|206.46.173.21|33284|64.233.169.26|25) (mx.google.com ESMTP
v8si13399486oex.16 - gsmtp)"

I assume this means it's too long, though I don't know where to read
the guidelines referred to.

How else can I send him a 5 meg file?

Something about Dropbox??

Encryption is your friend :-(

https://support.google.com/mail/answer/6590

"File types that can't be sent or received

.exe ...

.zip ...
"

In other words, they don't want you sending malware.

So we need an encrypted format, which cannot be probed.

https://en.wikipedia.org/wiki/One-time_pad

And in this case, the method only has to be secure
enough, to withstand automation. Say, for example,
I carry the one time pad in the body of the message.
The Google software isn't going to be clever enough
to examine the message body for a OTP, apply it,
realize the attachment is an EXE and fry it.

I used such a technique at work. The IT department
was using automation to scan all employee hard drives.
I invented a short C program, suitable for flipping
the bytes around in a file, in such a way as the
"file.exe" command could not determine the file type.
The only thing I ended up encrypting with the program,
was the source code of the program itself :-) And when
you design programs like that, you're looking for
"reversible transforms". For example

flip note.txt
flip note.txt

would return note.txt to its plain form again. So
two applications of the program, reverses all transforms.

I'm sure that the maximum attachment size is large
enough for the job. That's not the issue.

"Attachment size limit

You can send messages up to 25 megabytes (MB) in size"

But I had my suspicions as to "how these people think" at
Google. That's why I started by checking for extension
types first. And rest assured, if you change imgburn.exe
to imgburn.txt, they're not that stupid... They'll check
the magic of the file, look for characteristic binary
strings and so on. They will use "Unix methods", not
"Windows methods", to catch cheats. If you use an OTP
method, that's a little bit harder to crack (unless
a human reads the messages, and takes note of your
instructions to unpack it). And we know Google
*hates* to use humans for tech support, because
when they offer a free service, they want the
employee overhead for the service to be zero.
They don't wanna hire Wally at $10 an hour,
to answer the phone. They want computers
to do everything. So as long as your
encryption method bypasses their automation,
"away we go".

*******

Now, while this is a fun topic and all ("defeating idiots"),
I think you can find just about any version of Imgburn you want.

http://www.oldversion.com/windows/do...mgburn-2-5-0-0

2.5.0.0_SetupImgBurn_2.5.0.0.exe 2,169,915 bytes Jul 26, 2009
CRC32: 39CD6FC6
MD5: F3791CFACDAC03B9E676E44AA2630243
SHA-1: E07BCC23B495D0A966BAE359EA9E0E3A11888454

That's the version, just before the "fatter" version
with the adware onboard. Yes, *disable* updates. You
know you wanna.

The checksum info was cribbed from the
program author web site (via archive.org), in an
attempt to verify the oldversion one wasn't tampered
with.

That's the version I use (mine has the same checksum).

Paul

Micky wrote:
According to http://www.dpreview.com/forums/thread/3618404

imgburn, one of the best programs out there, now comes with unwanted
software attached. That was my impression to, 3 months ago, though I
don't remember exactly why. I stopped my install in the middle and
found instead the install program I'd used a year or two earlier.

So, two questions:

1) In a situation like this, A) is it necessary to turn off
updates, so that a new version won't come with these problem programs,
or B) do updates in this situation just update the desired program and
not adware or worse that got installed along with it???

No idea, I don't do updates of anything.

2) I have a friend who was having trouble burning a CD. I have no
webspace of my own, so I emailed him my old copy. It's 5+ megs and I
know that's bad form, but it seems as speed and capacity has
increased, it's not objected to as much as it was. But his server,
gmail, said "Diagnostic code: smtp;552-5.7.0 This message was blocked
because its content presents a potential issue. Please visit to review
our message content and attachment content guidelines.
v8si13399486oex.16 - gsmtp Remote system:
dns;gmail-smtp-in.l.google.com
(TCP|206.46.173.21|33284|64.233.169.26|25) (mx.google.com ESMTP
v8si13399486oex.16 - gsmtp)"

I assume this means it's too long, though I don't know where to read
the guidelines referred to.

More likely it thinks it is a security issue; they often don't like
executable files. Try changing the extension to .txt and see if it goes OK.
Be sure to advise your friend of the previous extension so s/he can change
it back.

On 08/03/2016 20:34:23, dadiOH wrote:

More likely it thinks it is a security issue; they often don't like
executable files. Try changing the extension to .txt and see if it goes OK.
Be sure to advise your friend of the previous extension so s/he can change it
back.

+1
I always do that when emailing exe files. In this case I would email it
as imgburn.micky then alert your recipient to change the file name back
to imgburn.exe once downloaded.

--
mick

In article , NONONOmisc07
@bigfoot.com, Micky says...

According to http://www.dpreview.com/forums/thread/3618404

imgburn, one of the best programs out there, now comes with unwanted
software attached. That was my impression to, 3 months ago, though I
don't remember exactly why. I stopped my install in the middle and
found instead the install program I'd used a year or two earlier.

So, two questions:

1) In a situation like this, A) is it necessary to turn off
updates, so that a new version won't come with these problem programs,
or B) do updates in this situation just update the desired program and
not adware or worse that got installed along with it???

2) I have a friend who was having trouble burning a CD. I have no
webspace of my own, so I emailed him my old copy. It's 5+ megs and I
know that's bad form, but it seems as speed and capacity has
increased, it's not objected to as much as it was. But his server,
gmail, said "Diagnostic code: smtp;552-5.7.0 This message was blocked
because its content presents a potential issue. Please visit to review
our message content and attachment content guidelines.
v8si13399486oex.16 - gsmtp Remote system:
dns;gmail-smtp-in.l.google.com
(TCP|206.46.173.21|33284|64.233.169.26|25) (mx.google.com ESMTP
v8si13399486oex.16 - gsmtp)"

I assume this means it's too long, though I don't know where to read
the guidelines referred to.

How else can I send him a 5 meg file?

Something about Dropbox??

Yeah, use Dropbox, it won't care about the exe. Share it with him, job
done.

--
Duncan.

Paul wrote on 2016/03/08:

Encryption is your friend :-(

Not sure if you meant that as a joke, especially since you next describe
how to use encryption (not for privacy but to circumvent automatic
scanning of e-mail content).

https://support.google.com/mail/answer/6590

"File types that can't be sent or received

.exe ...

.zip ...
"

In other words, they don't want you sending malware.

Your response makes it appears that Google will not permit sending or
receiving both .exe and .zip files. They will block executable
filetypes, like .exe, but .zip is allowed; however, it is an archive
format so they can peek inside to check its payload. What they actually
said was:

You can't send or receive the following file types:

.ade, .adp, .bat, .chm, .cmd, .com, .cpl, .exe, .hta, .ins, .isp,
.jar, .jse, .lib, .lnk, .mde, .msc, .msp, .mst, .pif, .scr, .sct,
.shb, .sys, .vb, .vbe, .vbs, .vxd, .wsc, .wsf, .wsh

Messages containing the types of files listed above will be bounced
back and returned to the sender automatically. Gmail won't accept
these file types even if they're sent in a zipped format. Here are
some examples of zipped formats:

.zip, .tar, .tgz, .taz, .z, .gz, .rar

That does not say they do anything more than check what filetype(s) are
stored within a .zip file. They don't even indicate that they inspect
the content of an attached .exe file. Extracting an attachment would
take a lot of processing power. Looking for the text strings that
identify the filetype for a MIME part for the attachment is easy, quick,
and very low-powered. So it seems all you need to do is rename the
attachment from .exe to .exx or to whatever filetype you want and tell
the recipient to rename the attached file (after extracting it) to the
correct extension. That's an old trick to get around e-mail providers
that block MIME parts (attachments) in e-mails in a blocklist.

Rename the executable file from .exe to .exx or .com to .cmm.
Then attach the renamed file to your e-mail.
Tell the recipient to rename the extracted file.

So we need an encrypted format, which cannot be probed.
https://en.wikipedia.org/wiki/One-time_pad

Doesn't that require revealing the password to the recipient? You
normally could send the password by an alternate route, like a telephone
call or chat, but if you send it by e-mail then you nullify the point of
encryption. In your example, the sender is only trying to make the body
of an e-mail undecipherable to the automated parsing of an e-mail
provider probing into the body looking for MIME parts (for attachments).
So, I guess in that scenario, including the password with the e-mail is
okay. It isn't really encryption to protect the message but jumbling
the body so a parser won't find MIME parts. If that is the only point
of using OTP - to evade the parser - then why wouldn't just renaming the
file from .exe to .exx or to .renameBackToEXE be sufficient to evade the
parser looking for MIME parts that specify the "bad" filetype parameter?

If encryption gets involved, wouldn't it be a better solution for the
parties to use free e-mail certificates? PersonA sends a digitally
signed e-mail to PersonB. PersonB saves PersonA as a contact so the
public key in the digitally signed e-mail gets saved. When PersonB
wants to send an encrypted e-mail to PersonA, PersonB uses the contact
with PersonA's public key. No one can read the encrypted e-mail except
PersonA who has the private key. X.509 encryption uses 2 keys: public
and private. The public key is used when digitally signing messages as
an invite to recipients that they could send back an encrypted message.
So PersonA invites PersonB to send encrypted messages. If PersonB also
wants to get back encrypted messages from PersonA, they get a free
e-mail cert and digitally sign their message sent to PersonA.

The hardest part is installing the free e-mail certificate. Since most
e-mail clients use the Windows certificate store to get the cert they
use to digitally sign their e-mails, you need to use a web browser that
will install the cert from the issuer into the Windows cert store. That
would be Internet Explorer. Using Firefox to install the cert results
in the cert getting stored in Firefox's *private* cert store so it is
unavailable to the e-mail client. Rather than use a web browser to
install the cert, another method is to have the cert issuer send you a
..cert file that you can import. After installing the cert, configure
your e-mail client to digitally sign your e-mails. This will provide
further evidence of who sent the e-mail (so recipients know it is you)
but also affords those recipients to send you encrypted e-mails.

Get a cert. Install the cert.
Configure e-mail client to digitally sign your e-mails.

"Attachment size limit

You can send messages up to 25 megabytes (MB) in size"

That is Google's size maximum on send. That doesn't mean the
recipient's e-mail service has the same maximum. However, 5MB is
probably within the restrictions of most e-mail provider other than some
freebie providers. Not everyone is using Gmail or Hotmail. Many of the
freebie providers use those accounts as lures to get their customers to
pay up to their premium services, so they throttle the quotas on those
free accounts. Some will allow higher quotas if you use their webmail
client than if you use a local e-mail client (if they even allow
POP/IMAP/SMTP access via local e-mail clients).

https://en.wikipedia.org/wiki/Compar...mail_providers

Shows that all the listed email providers via their webmail client
permit sending e-mails that far exceed the OP's 5 MB transmission. They
don't list what is their /receive/ maximum size although it's a good bet
that it is the same as their send maximum size.

But I had my suspicions as to "how these people think" at
Google. That's why I started by checking for extension
types first. And rest assured, if you change imgburn.exe
to imgburn.txt, they're not that stupid...

Again, that would require a LOT of processing power and time to extract
the long encoded text string in the MIME part for a .txt attachment to
then extract the file to their own disk storage to then inspect the
80-byte header of the file to see it was really an .exe file. Such
inspection would take a lot of resources in CPU, local data bus
bandwidth, file storage, and the extra time to inspect by various
content filters. Google is big but I don't see them expending that much
into looking into the content of a file extracted from a MIME part.
Their e-mail service would get so damned slow considering how much
volume it gets that users would stop using them.

All e-mail, and I mean ALL e-mail, gets sent as plain text. Your OTP
encryption still sends the body of the e-mail as plain text. Using
certs to encrypt e-mails still sends the body as plain text. Attaching
binary files results in MIME parts with long encoded text strings. So
Google only inspecting the text within the body to checks what filetype
is specified for a MIME part still incurs overhead but that's quick.
Just search for each occurence of ^------=_Part_.+$ (using regex) where
within the next 2 physical lines (excluding continuation lines) there is
^Content-Type:\s?type\b that specified the type of that MIME part.
That would be a fast search. For Google, everyone knows (or should
know) that Google inspects the bodies of their e-mails looking for
keywords they can use to tailor what ads and search results you see. So
adding in a check of the filetype (well, content type) of a MIME part
would be trivial.

*******

Now, while this is a fun topic and all ("defeating idiots"),
I think you can find just about any version of Imgburn you want.

http://www.oldversion.com/windows/do...mgburn-2-5-0-0

2.5.0.0_SetupImgBurn_2.5.0.0.exe 2,169,915 bytes Jul 26, 2009
CRC32: 39CD6FC6
MD5: F3791CFACDAC03B9E676E44AA2630243
SHA-1: E07BCC23B495D0A966BAE359EA9E0E3A11888454

That's the version, just before the "fatter" version
with the adware onboard. Yes, *disable* updates. You
know you wanna.

LOTS of freeware have installers that bundle in extras. Some even use
OpenCandy which only exists during the install to present the ads to the
bundleware rather than bloat the size of the installer file. With
either the bundleware or OpenCandy-offered bundleware, you just say no.

There are some programs that include bundleware and the installer author
either screwed up or was deliberate in not affording an opt-out choice.
Hence the need to do regular backups, especially before installing
software (unless you can afford to lose all changes since your last
backup committed long ago or when it was last scheduled).

The OP did not mention from *where* he obtained the ImgBurn download.
Only get software downloads from the author, to download mirrors to
which the author points at his site, or from trustworthy download sites.

ImgBurn is one of many programs that has a portable version. That means
you never run an installer. You just copy the downloaded file(s) onto
the storage media. No installer means no bundleware (included in the
installer or offered via OpenCandy).

http://www.softpedia.com/get/CD-DVD-.../ImgBurn.shtml
First and foremost, extra attention needs to be paid during
installation as ImgBurn offers to create desktop shortcuts to
third-party apps, as well as install a browser toolbar onto the host
computer, which are not required to ensure the smooth running of the
app.

Yep, bundleware in the installer. So opt out of it. Since you elect to
be the admin of your computer by doing the software installs then you
are supposed to act the admin by monitoring all screens presented by the
installer along with electing a custom installation mode, if offered.
Any software that installs bundleware without prompting the user for
permission would get reported by Softpedia. Offering bundleware is not
the same as forcibly foisting its installation.

In ImgBurn's case, apparently it uses OpenCandy to show bundleware
offers. https://en.wikipedia.org/wiki/OpenCandy, ImgBurn is listed
(this is not a comprehensive list). First the program's own installer
runs and completes that installation. Then the installer calls an
OpenCandy library to connect to a server to offer the bundleware.
Choices a install the software with no network connection (disable
your NIC or pull the cable) so OpenCandy cannot connect to its ad
server, say No (bypass) to the OpenCandy offers, or add the /NOCANDY
command-line argument to the installer. I've installed many programs
that used OpenCandy and not once was any offered bundleware forcibly
pushed onto my computer but then I do actually read the installer
screens (and the following OpenCandy screens).

When the program's installer calls the OpenCandy lib, the user is
presented with offers, not forced installs. Some users complain that
OpenCandy was left on their computer. The only way that I know of for
the .dll to remain on their system (since the OpenCandy lib is supposed
to delete it upon normal exit) is if the installer crashed or the user
killed the process. It's just a .dll file so with nothing to call it
then it remains dormant, plus it's really easy to just delete it. Under
non-catastrophic operation, OpenCandy does not permanently install
itself. Of everyone, and I mean everyone, that bitched about OpenCandy
as something permanently intrusive infecting their computer, none have
bothered to read http://opencandy.com/faqs/. I bet the download site
that those users visited to find the download are seeing lots of ads in
those web pages (unless using an adblocker).

The real hazard with any bloatware whether it is bundled in with the
original installer (the one you wanted) or with OpenCandy is that the
author of the program you wanted is not responsible for how the other
installers behave. ImgBurn's installer is probably polite but any other
programs you elect (usually opted in by default) can be corrosive. With
OpenCandy, the author has no choice over what other offers are
presented. This is similar to free web pages where an ad is presented
from the webhoster as a banner in your so-called free web page. I still
remember some church using a free web page service and something risque
was presented in the ad banner. The web page provider doesn't tailer
the content of their ad banners to the topic of the free web page user.
If an author bundles in badware with their installer then that author is
definitely responsible for turning their own product into badware. With
OpenCandy, the author doesn't know what offers will be presented but
they use OpenCandy to recompense their expenses for providing their
resources for you to use for free while keeping their installer small.

Users that run an installer and click through as fast as they can along
with choosing the Typical or default install scheme *will* end up with
bloatware installed on their computers. Doesn't matter that OpenCandy
was used to provider offers rather than bloating the installer with the
bundleware. If users don't actually look at and read the screens then
they get whatever the author decided to opt-in by default. These are
the same users that leave Windows Updates enabled for automatic download
and install or even for those that set it to "notify only" but then
accept all updates without reviewing each one.

| http://www.oldversion.com/windows/do...mgburn-2-5-0-0
|
| 2.5.0.0_SetupImgBurn_2.5.0.0.exe 2,169,915 bytes Jul 26, 2009
| CRC32: 39CD6FC6
| MD5: F3791CFACDAC03B9E676E44AA2630243
| SHA-1: E07BCC23B495D0A966BAE359EA9E0E3A11888454
|
| That's the version, just before the "fatter" version
| with the adware onboard.

I have 2.5.8. I don't remember any adware
issues installing, unless it just offered something
like a toolbar. The EXE is only 2.6 MB. Not exactly
lean, but certainly not bloated. I wonder if
maybe Micky got it from a funky source rather
than going to imgburn.com.

On file blocking -- I've never really dealt with
that, but I wonder if the best solution might be
to just write a simple program to prepend a
JPG header onto the file. Both ends would need
a copy of that program, but it can be very small
and simple.

| According to http://www.dpreview.com/forums/thread/3618404
|
| imgburn, one of the best programs out there, now comes with unwanted
| software attached. That was my impression to, 3 months ago, though I
| don't remember exactly why.

I had occasion to install the latest yesterday.
2.5.8. No adware. No junk. It tried to call home
after install, as most software does these days,
but it also showed the option to disable update
checks. (One really just has to have a firewall
these days to prevent all that calling home. I
also run my network cable through a desktop
UPS, so it's easy to unplug when I'm not online,
which includes anytime I install software.)

The page you linked is mysterious. It seems
that half the people have got clean software
and the other half have got unavoidable crapware.
Maybe the author is experimenting.

Zip it with encryption and send that way.
Change the Zip extension to .doc or some other innocuous thing then send.
Usually 5M is not too much but it is probably being rejected due to the
extension or the file contents. Zip with encryption will hide the
problems. Just provide the recipient with the password.

My service allows up to 30MB attachments.


--- news://freenews.netfront.net/ - complaints: ---

[Default] On Fri, 11 Mar 2016 09:59:56 -0500, in
microsoft.public.windowsxp.general "Mayayana"
wrote:

| According to http://www.dpreview.com/forums/thread/3618404
|
| imgburn, one of the best programs out there, now comes with unwanted
| software attached. That was my impression to, 3 months ago, though I
| don't remember exactly why.

I had occasion to install the latest yesterday.
2.5.8. No adware. No junk. It tried to call home
after install, as most software does these days,
but it also showed the option to disable update
checks. (One really just has to have a firewall
these days to prevent all that calling home. I

What kind of firewall do you mean? With '98 I used to have ?? but
now i just have Vista and the router firewall.

also run my network cable through a desktop
UPS, so it's easy to unplug when I'm not online,
which includes anytime I install software.)

The page you linked is mysterious. It seems
that half the people have got clean software
and the other half have got unavoidable crapware.
Maybe the author is experimenting.

Micky wrote on 2016/03/11:

What kind of firewall do you mean? With '98 I used to have ?? but
now i just have Vista and the router firewall.

Those only let you manage unsolicited inbound connection requests. They
do not control or alert on outbound connection requests, like software
(good or bad) phoning home. A 3rd party firewall lets you manage
network traffic both ways.

Actually, as of Windows 7 (maybe Vista), you can reconfigure it to
control outbound connects but the typical scenario has you somehow
knowing a program wants outbound connects and you create rules for those
you want to allow. The Windows Firewall doesn't come pre-configured
that way because Microsoft rightly assumes their major user base are not
network admins. There is a tool called Windows Firewall Notifier (WFN)
that can change Windows Firewall's behavior to manage both inbound and
oubound connections along with prompting the user on alerts, like when
an unknown process wants to connect out. Besides changing the Windows
Firewall to no longer blindly allow all outbound connect, WFN monitor
the Windows Event logs for network events which alert on the outbound
network connect requests. Then WFN presents an alert, like you see with
3rd party firewalls, asking you if you want to allow the connect or not.
See:

https://wfn.codeplex.com/

It isn't really a 3rd party firewall (e.g., Comodo Firewall) but instead
repurposes the existing Windows Firewall. I used it for awhile but
decided that I like the additions of HIPS (Host Intrusion Prevention
System) in the 3rd party firewalls. It affords more protection against
malware due to its heuristics and added registry protections. As I
recall, when uninstalling WFN, I had to go into the Windows Firewall and
reconfigure it back to being its original half-brain dead firewall that
only guards against unsolicited inbound connects.

| What kind of firewall do you mean? With '98 I used to have ?? but
| now i just have Vista and the router firewall.
|

I'm using Online Armor on XP and Private Firewall
on 7. 7 is basically Vista, so it should run for you.
There might be better options, but those are the
ones I ended up with after a fair amount of research.

Online Armor is easier to use, but when I went to
find it for Win7 it required "registration", so I decided
to look for something else.
Whatever you use, you should be able to choose
which software can go online and be asked if
something tries to go online. The router may help
with inbound, and newer routers often have a nice
feature that allows blocking IP addresses. So it might
even be possible to do something like block
updates on Win10 using that function. But you
need something more if you want full control.

| It isn't really a 3rd party firewall (e.g., Comodo Firewall) but instead
| repurposes the existing Windows Firewall. I used it for awhile but
| decided that I like the additions of HIPS (Host Intrusion Prevention
| System) in the 3rd party firewalls.

I'm curious: What are you using now, and why?

Mayayana wrote on 2016/03/11:

It isn't really a 3rd party firewall (e.g., Comodo Firewall) but instead
repurposes the existing Windows Firewall. I used it for awhile but
decided that I like the additions of HIPS (Host Intrusion Prevention
System) in the 3rd party firewalls.

I'm curious: What are you using now, and why?

Comodo Firewall (*only* their firewall, not their Internet Security
Suite that includes their worthless anti-virus product). Comodo came
out with CAV (Comodo AntiVirus) and deliberately left in beta status for
way over 3 years. That was to omit it from inclusion in AV comparison
testing. They relied on their users to submit malware reports to build
their signature database. They promised to migrate the D+ (HIPS)
feature of their firewall into CAV to give it some more guts to detect
malware other than just signatures. Instead Comodo decided to roll CAV
into a suite with the Firewall product so the D+ module from their
Firewall product could be incorporated with CAV.

Comodo probably isn't the easiest firewall to figure out. Once you
start delving into changing away from the default setup or adding rules
for network connections or registry protection, it can swamp the typical
user hence why their forums stay rather active.

I did use Online Armor in the past (Windows XP) but didn't like how the
transfer was handled from Tall Emu to EmsiSoft, how Emsi was obviously
more greedy, and development seemed near stagnant (and now Emsi has
dropped OA). OA was good but didn't have the registry protection
afforded by Comodo's firewall where, for example, I could add a registry
tree to make sure an undetected DNS changer couldn't change my DNS
settings to point at a malicious host for DNS lookups). With Comodo, I
could also have it protect the proxy setup so some program (good or bad)
couldn't change Internet Options to use a proxy or change from the one
that I specified. As an example of just far you can dig into the depth
of protection afforded by Comodo, some registry entries in this case,
read https://tinyurl.com/jupklxq (Comodo forum thread I started there).

I don't remember that granularity possible with Online Armor. The only
thing I remember about ZoneAlarm was quickly getting rid of it and the
huge effort to eradicate all the remnant file and registry entries.

I trialed WFN for awhile because it interested me that the Windows
Firewall could be repurposed to be a more robust firewall by also
alerting the user to outbound connects and letting the user choose an
action in the alert. Alas, I still wanted the protection afforded by
HIPS in the 3rd party firewalls. Not because I got nailed by malware
but more for a warm fuzzy safe feeling that I had HIPS to help protect
me beyond controlling outbound connects and using anti-virus/malware.