The Security Mentor

Windows programs can talk to each other. In particular, they can say things like "the mouse just moved to such-and-such a place" or "the Y key just got pressed" whether it's true or not.

So what happens if a bad guy tricks you into installing a program which tells your firewall program in effect "the user just turned you off"?

That's the question Ferruh Mavituna set out to answer. He wrote a program to lie to firewall programs. He discovered that malicious software can disable firewall security on your machine.

Skydivers have a general-purpose emergency procedure. No matter what sort of predicament you're talking about, their answer is "don't get there in the first place". That's the best answer to problems like this one. After all, the first of Microsoft's Ten Commandments of Security is that once a bad guy runs a program on your computer, it becomes his computer.

But if you do get tricked into running nasty software, you're better off with a firewall program that asks for a password before it reduces security. Reportedly Zone Alarm version 5 does this.