Matousec and his Firewall Challenges Hall of Shame 2008/2011 Awardee

To me it is a great pleasure to announce that Matousec and his so called Firewall Challenges is Smokey’s Security Weblog 2008/2011 Hall of Shame Awardee. He realy did all he could to become awarded, there was no reason to deny him anymore this prestigious Award. Congratulations Matousec, well deserved!

Let’s take a look at my motivation to grant Matousec the honor to become member of The Hall. In my “almighty” wisdom I even decided that his stay in The Hall will be definitive.

In April 2008 I already blogged about wrinkles in Matousec’s Firewall Challenges. Instead of taking serious notice of my critism, he decided to ignore entirely my prewarnings. That was a bad sign, however I decided to provide him with the advantage of doubt.

Mentioned ignorant attitude in the past and his recent Firewall Challenge were sufficient to provide him with the honorable Smokey’s Security Weblog 2008/2011 Hall of Shame Award.

Recapitulation to Award Matousec:

– Labeling Firewalls, Behavior Blockers and HIPS with the generic label “Firewalls” and testing these programs subsequent with equal (firewall related) test procedures. This is just one of the reasons that his tests are completely unacceptable.
– Matousec demonstrated again and again to produce unreliable tests and being an untrustworthy person. Concerning the latter, I am thinking at his commercial activities related to his tests.

Conclusion: Matousec’s tests are misleading the reader, disadvantaging several vendors in a unacceptable way and his commercial activities in relation to his tests can be labeled as dubious. My advice: stay far away from his so called “tests”. They are not worth the paper they are written on.

Smokey

November 30, 2008 - Posted by Smokey | Advisories, Friends, News, Recommended External Security Related Links | behavior blockers, conflict of interests, credibility, DIFINEX, dubious tests, Firewalls, HIPS software, Matousec Firewall Challenges Hall of Shame 2008 Awardee, Matousec’s Firewall Challenge wrinkle, prewarnings, Smokey’s Security Weblog Hall of Shame Awardee, testing procedures

4 Comments »

I hardly call a bunch of “young people with an interest in security research” to be professionals … which is how they are now trying to be viewed by everyone in the security community.

These samples he (supposedly) uses are very hard to come by … you don’t find these on your home PC or get them by visiting a bad website…most underground hack sites do not even have most of these.

You can’t examine ANY of the alleged samples. Maybe that is different for the vendors. He says it doesn’t want to make those files available for download (scrutiny) but he doesn’t mind the place he gets them from making them available. As far as i am concerned you can write anything on paper you want … doesn’t make it factual.

Just another hacker turned security consultant – which is my impression of the team and site.
They do run the online Nmap after all – which can be used for good but almost never is.

My guess is they probably found it was easier to make money through extortion of security company’s than sniffing data for credit card #’s.

Comment by Six | December 3, 2008 | Reply
While I have had doubts for a while about the impartiality, the applicability and the appropriateness of his tests, it’s reassuring to see I’m not alone.

Thanks for your succinct summary, Smoky. Hopefully the masses will start to view their results with the grain of salt they so richly deserve.

Cheers 🙂

Comment by Panic | December 11, 2008 | Reply
[…] Matousec’s New Moves to Recapture the label “Trustworthy” The faithful reader of my blog will probably remember the critical article I wrote about Matousec and his Firewall Challenges, “Matousec’s Firewall Challenge wrinkle: conflict of interests?” and the honor I granted him to add his Challenges to “Smokey’s Security Weblog Hall of Shame”. […]

Pingback by Matousec’s New Moves to Recapture the label “Trustworthy” « Smokey’s Security Weblog | May 3, 2009 | Reply
[…] * Matousec’s Firewall Challenges * […]

Pingback by About Smokey’s Security Weblog Hall of Shame Awards « Smokey's Security Weblog | April 4, 2010 | Reply

Introduction

__________________________________________

Text from the song Spark by Amy Macdonald

I am the light in the dark
I am the march
I am the spark

Just dry your tears and I’ll be there
Don’t live for anger all this pain
Don’t worry, I’m ok, I’m ok now

Always in our hearts – R.I.P. Donna Buenaventura

__________________________________________

.
Welcome to Smokey’s Security Weblog!

Let’s introduce myself: my (nick)name is Smokey aka Smokey Bear.

Like my board Smokey’s Security Forums, this blog is mainly devoted to Security and all related issues. However, other issues like e.g. major occurances on my forum and social topics will be blogged too.

My board offer free security and malware related Support, Help, Advice and Education forums, however is not limited to such issues. Smokey’s have also forums with comprehensive Microsoft Windows related issues like Microsoft and Windows OS Based Products News, MS Download Center, MSDN Developer Information, software reviews, browser and tools forums, Webware, Social Networks info, Hardware- and Gadgets forums and last but not least a dedicated Windows Drivers, Linux Drivers, Firmware and BIOS Survey & Updates section containing (recently) released Drivers, Firmware and BIOSses, Windows 7 releases included. Note: most info on Smokey’s is real-time and therefore always up-to-date.

As extra service we have a OTL (formerly OTListIt2) Log Analyzing and Malware Removal/Cleaning Help Forum, full qualified OTL Log Analysers/Malware Hunters will be pleased to help you for free to clean your malware infected PC.

Smokey’s host and maintain the Official Jetico Inc. Support Forums, including the following products:

– Jetico Personal Firewall V1
– Jetico Personal Firewall V2
– Jetico BestCrypt for Windows
– Jetico BestCrypt for Linux
– Jetico BestCrypt for Mac
– Jetico BestCrypt Volume Encryption
– Jetico BCArchive
– Jetico BCWipe for Windows
– Jetico BCWipe for UNIX

Disclaimer: information in this blog can be based on (not confirmed) statements of (anonymous) sources, Smokey’s Security Weblog don’t take any responsabilty for the credibility of these sources and their statements. Also, statements and opinions expressed in articles, reviews and other materials herein, reproduced by me, are those of the authors.

The posts/articles in this blog can be supplemented with so called “Possibly related posts” links. Because these links are automatically generated by WordPress.com, Smokey’s Security Weblog have no influence on the links itself and/or content of them. Therefore this Weblog don’t take any responsability for these links and all related issues.

About Copyright and this Blog: it is allowed to reproduce (parts of) posts in this blog if this reproduction is provided with a direct link to the original blog post. It is NOT allowed to copy, use and/or reproduce any image or blog banner.

Blog comments policy: to restrain indecent and off-topic comments and spam, comments are reviewed before publishing. Therefore, delay in comment publishing is unavoidable. Obligatory language of comments is English.
.