Comment by M95D
6 months ago
In my Windows, it wouldn't be a problem. The firewall I use would pop up for any new program that tries to connect somewhere.
But Linux doesn't have a per-program firewall.
... and even if it did, there's no way to do popups/questions from the kernel,
... and even if there was, most programs would just run curl or wget or openssl. That would mean a popup for each and every connection attempt through those programs.
Windows does certain security things better than Linux OSes, which makes it such a shame that Microsoft keeps shipping more and more stuff with Windows that undermines all that work.
Opensnitch is really good on Linux
It requires having dbus, it's for the popups, one of the things I said the kernel doesn't have.
But unfortunately, IMHO, dbus is a much bigger privacy risk than not having a per-app firewall - it broadcasts everything that happens in the computer to any program that would listen. I hate programs communicating to each other without my consent even more than I hate programs connecting to the internet without my consent.
Dbus is just for IPC. Its up to the apps and developers to choose how to set up their interfaces. Sensitive interfaces do have auth. Its just COM but better, and allows for some great automation.