Introducing LeakTest

This site has been most well-known for its FREE ShieldsUP! Internet security test. Crucial as it is to protect yourself from malicious hackers outside, those bad guys represent only half of the threat. The Internet has proven to be an extremely fertile transportation medium for all manner of nasty Trojan horse programs, rapidly proliferating viruses, and privacy invading commercial spyware. As a result, it is no longer true that all of the potential problems reside outside the computer.Your Internet connection flows both
ways . . . so must your security.

Not only must our Internet connections be fortified to prevent external intrusion, they also provide secure management of internal extrusion. Any comprehensive security program must safeguard its owner by preventing Trojan horses, viruses, and spyware from using the system's Internet connection without the owner's knowledge. Scanning for the presence of Trojans, viruses, and spyware is important and effective, but if a piece of malware does get into your computer you want to expose it immediately by detecting its communication attempts and cut it off from communication with its external agencies.

Marketing and Exploitation of Loyalty and Trust
Just like people, no two firewalls are identical. Some are rather spartan where others have plenty of bells and whistles. Some are easy to use and some have been made too easy to use — rendering them highly insecure. And, sadly, there are others which are pure snake oil sucker bait. This situation is further complicated by the fact that in this weird and immature market, you don't get what you pay for. One of the BEST firewalls is completely free, and one of the most WORTHLESS is the most expensive.

On this issue, ZDNet's eWeek quotes Jose Granado, a senior manager at Ernst & Young LLP's Security Solutions Group, in Houston:

"These firewalls were rushed to market and are poorly designed," said Granado, who has testified in front of the U.S. Senate about Internet security. "Version 1 of these things is not a 100 percent solution; it's like an 80 percent solution. But business is business. Everyone saw a personal firewall out there, and they all had to have one. Most of them have to get much better in their next rev."

— ZDNet eWeek, by Scott Berinato, 12/11/2000

My Role
It is for all of these reasons that I have decided to assume an active and vocal position as an unbiased third-party evaluator of the technology and security of personal software firewall products.

 . . . which is NOT to say that I don't have strong feelings and opinions about these products. But in every case you will know exactly why I feel as I do. And, more than that, you will be individually empowered to independently verify any and all of my findings. You don't need to take my word for it. You can see for yourself.

The LeakTest Family
To aid in the exploration of product strengths and weaknesses, and to invite an independent consensus and confirmation of my findings, I am producing a series of completely FREE "LeakTest tools". These tools may be freely used for experimenting with, and revealing, the security strengths and weaknesses of various firewalls.

My Goal
The biggest problem with highly technical products — like software firewalls — is that they are, ummmm, highly technical. When viewed from a great distance they often seem pretty much alike. And they all claim to be the latest state-of-the-art, most secure and amazing things ever to grace your hard drive. But few actually are. Many are simply junk.

By openly exposing the strengths and weaknesses of these products, two significant things will happen:

YOU will be able to make fully-informed decisions about which products best suit your needs, and,

Unable to hide in the darkness any longer, the forces of natural selection will induce these products to either improve or die. The truth is, I don't care which. We only need a few personal firewalls and the market has become flooded with opportunistic competition.

Why am I doing this?
Why do I do anything? Why did I create ShieldsUP!?, or FIX-CIH?, or Trouble In Paradise? (TIP), or Free&Clear? or any of the other things I've done? I am doing this because I believe it's important. And because — with YOUR support, trust and help — we can together bring about significant positive changes in the state of the Internet security technology marketplace.

For me, that's reason enough.  But if you want more, there is more . . .

Examine the software licensing agreement accompanying
the security product you depend upon, and you'll find that
the vendor who took your money is not responsible for its
operation and/or performance.  Oh yeah? . . .

LeakTest is destined to become a staple of this web site, and a continuing focus of my future work, because it's a proper companion to, and complement of, my ShieldsUP! and NanoProbe services. As I explained at the top of this page, your Internet connection flows both ways, therefore, so must your security. And therefore, so must your security testing.

For more than a year, ShieldsUP! has provided the personal computing industry with useful, free, "first pass" external security testing. NanoProbe will take that testing to its theoretical limits. The evolving LeakTest family will provide a suite of internal security tests.

When viewed in retrospect, isn't it obvious that we have desperately needed something like LeakTest?

Thank you for your support.

To continue, please see: How to Use LeakTest