Smokey's Security Weblog

veritas odium parit

Matousec and his Firewall Challenges Hall of Shame 2008/2011 Awardee

To me it is a great pleasure to announce that Matousec and his so called Firewall Challenges is Smokey’s Security Weblog 2008/2011 Hall of Shame Awardee. He realy did all he could to become awarded, there was no reason to deny him anymore this prestigious Award. Congratulations Matousec, well deserved!

Let’s take a look at my motivation to grant Matousec the honor to become member of The Hall. In my “almighty” wisdom I even decided that his stay in The Hall will be definitive.

In April 2008 I already blogged about wrinkles in Matousec’s Firewall Challenges. Instead of taking serious notice of my critism, he decided to ignore entirely my prewarnings. That was a bad sign, however I decided to provide him with the advantage of doubt.

Mentioned ignorant attitude in the past and his recent Firewall Challenge were sufficient to provide him with the honorable Smokey’s Security Weblog 2008/2011 Hall of Shame Award.

Recapitulation to Award Matousec:

– Labeling Firewalls, Behavior Blockers and HIPS with the generic label “Firewalls” and testing these programs subsequent with equal (firewall related) test procedures. This is just one of the reasons that his tests are completely unacceptable.
– Matousec demonstrated again and again to produce unreliable tests and being an untrustworthy person. Concerning the latter, I am thinking at his commercial activities related to his tests.

Conclusion: Matousec’s tests are misleading the reader, disadvantaging several vendors in a unacceptable way and his commercial activities in relation to his tests can be labeled as dubious. My advice: stay far away from his so called “tests”. They are not worth the paper they are written on.



November 30, 2008 - Posted by | Advisories, Friends, News, Recommended External Security Related Links | , , , , , , , , , , ,


  1. I hardly call a bunch of “young people with an interest in security research” to be professionals … which is how they are now trying to be viewed by everyone in the security community.

    These samples he (supposedly) uses are very hard to come by … you don’t find these on your home PC or get them by visiting a bad website…most underground hack sites do not even have most of these.

    You can’t examine ANY of the alleged samples. Maybe that is different for the vendors. He says it doesn’t want to make those files available for download (scrutiny) but he doesn’t mind the place he gets them from making them available. As far as i am concerned you can write anything on paper you want … doesn’t make it factual.

    Just another hacker turned security consultant – which is my impression of the team and site.
    They do run the online Nmap after all – which can be used for good but almost never is.

    My guess is they probably found it was easier to make money through extortion of security company’s than sniffing data for credit card #’s.

    Comment by Six | December 3, 2008 | Reply

  2. While I have had doubts for a while about the impartiality, the applicability and the appropriateness of his tests, it’s reassuring to see I’m not alone.

    Thanks for your succinct summary, Smoky. Hopefully the masses will start to view their results with the grain of salt they so richly deserve.

    Cheers 🙂

    Comment by Panic | December 11, 2008 | Reply

  3. […] Matousec’s New Moves to Recapture the label “Trustworthy” The faithful reader of my blog will probably remember the critical article I wrote about Matousec and his Firewall Challenges, “Matousec’s Firewall Challenge wrinkle: conflict of interests?” and the honor I granted him to add his Challenges to “Smokey’s Security Weblog Hall of Shame”. […]

    Pingback by Matousec’s New Moves to Recapture the label “Trustworthy” « Smokey’s Security Weblog | May 3, 2009 | Reply

  4. […] * Matousec’s Firewall Challenges * […]

    Pingback by About Smokey’s Security Weblog Hall of Shame Awards « Smokey's Security Weblog | April 4, 2010 | Reply

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: