Thanks for the support! 🍻

You're absolutely right to be skeptical about Portmaster's "free" claim, especially coupled with their non-transparent installation process. Here's how to unpack that and why "free" software often needs further scrutiny: How "Free" Software Makes Money: Adware: The software incorporates advertising. This can degrade user experience and sometimes presents subtle security concerns. Limited Features: A "free" version may be severely limited, pushing users to purchase a paid tier to access essential functionality. Data Collection: User data from a "free" service can be highly valuable. Your browsing habits, connections, and device behavior could be sold to third parties. Bundling: The installer might package unwanted additional software (this is less common now but still seen sometimes). In Portmaster's specific case: Since their website doesn't clearly outline their business model alongside the "free" claim, it raises reasonable suspicion. Here are ways they might monetize: Premium Plans: They may offer a limited free version and push users towards paid subscriptions with more features or control. User Data: Without explicit clarification, they could generate revenue by collecting and selling anonymized user networking behavior data. Strategic Partnerships: Unseen bundling of some type or partnerships with other, less reputable products cannot be ruled out with their current lack of installer transparency. The "Plate on the Table" Problem: "How do they bring the plate on the table" (i.e., how do they stay in business) becomes especially relevant when a security-focused product's business model isn't clearly explained. Here's why that transparency is vital: Potential Conflicts: If there are undisclosed ways they profit, this could create scenarios where a focus on your security and privacy may not be their only priority. Trustworthiness: If there's ambiguity around their revenue generation, it's much harder to establish trust as a user, especially given the critical nature of firewall software. Your Best Course of Action: Sticking with your paid firewall is, undoubtedly, the most secure choice for now. While there might be a legitimate explanation within Portmaster, their 'free' claim in combination with the installer raises enough red flags.

Thank you!

Thanks for the support!

I don't think there's a way to exclude certain programs. I took a look through settings to confirm and didn't see an option to do it.

Thanks! Yes, IPFire is a solid choice. If you want two alternatives, pfSense and OPNsense would be two other great options. OPNsense is my personal favorite for open source firewalls.

Is comodo not updated anymore?

Malwarebytes makes good software. I think their WFC is more similar to Simplewall than it is to Portmaster. If you want something to just be able to do something like auto block internet, then MB would work just fine. PM has more advanced features like encrypted DNS with malware and tracker filtering. The two could probably run fine together. I've used Simplewall and Portmaster together and they work well with each other.

Yeah WFC is basically like Simplewall, in the sense that it's a 3rd party front-end for the factory windows defender firewall. Question, have you stopped using Simplewall and Portmaster together? And if so, which one do you use now?@@KenHarrisio

I'm still running both together for the time being. I really like how Simplewall handles app connection requests.

Yeah same. I'm using WFC for prompting and Portmaster on default mode for the extra filtering@@KenHarrisio

I've actually been testing SPN and a VPN side by side a lot recently. I'm planning the video right now to cover the differences of each and how they work. It'll probably be out in about two weeks.

If you want something that is a plug and play solution, then going with a 3rd party suite is the way to go. That being said, like the previous commenter mentioned, Avast has a peppered history and it might be a good idea to choose a different provider.

Choose anything but Avast

I have used Avast Free Antivirus for more than ten years without any problems. Why shouldn't I use it, and what else do you suggest?@@hamim8029

Don't use any free antivirus. If you don't know your machine, you've a learning curve to follow. Better use Linux than Windows. My personal favorite for beginners: Linux Mint, got a retro Win look, but a power house for all kinda users. You can learn the best with Mint Cinnamon or Zorin OS, which you can customize in any way you want. Here comes Zorin OS, for which you'll ve to pay for all the features, while Mint has a huge dedicated community. For typical Windows users, Zonealarm free version is the only way out for those who don't want a firewall that might seem complicated. You'll get a notofication often, just get used to its UI, and it's buttery, but of course not the way Portmaster or Stacer-like applications can do it, well, if your country allows it, mine doesn't.

For a specific app, you can select the app that you want to add that rule to. It's the four boxes button on the middle left side of the app. Select the app that you're looking for, click on the settings tab, and you'll see a dropdown option on "default network action" where you can change it to prompt. As for the second part, you can make custom rules in the settings page. The button is just below the apps button on the left hand side of the app. By default, Portmaster only shows options to make outgoing rules. If you want to make incoming rules, you'll need to go to the top right and change from simple interface to advanced interface. The option to set rules is just above the filter lists section.

@@KenHarrisioThanks so much!

Good idea, thanks for suggesting! I'll add it to my video list. To give you a quick answer now, I definitely prefer Portmaster to any other Windows firewall for the time being.

Thanks.

That's a good question. I'll reach out to the devs to find out.

Thanks for letting me know. I'll let the devs know to see if they can come up with a solution for this.

Sadly, no. The best option for an open source network firewall is OPNSense. There are a lot of people that recommend pfSense, but there has been a lot of controversy with Netgate. If you want to get about 80% of the way there regarding threat blocking, you can use a good DNS provider. The amount of filtering you get from DNS these days is really damn good. dns0 and Quad9 are excellent free options that don't require a user account and most routers should let you point to DNS servers of your choice. If you're fine with giving up some element of privacy, you could set up an account with ControlD or NextDNS and create your own filter lists. What kind of hardware do you have to work with?

@@KenHarrisio Wow! Very good explanation! Thanks. I currently work with the Ubiquiti Unifi USG Pro.

@@marcusnascimento2235 USG Pro is a good piece of hardware! What you could do is a piecemeal solution for securing the network. You can enable the intrusion prevention system with deep packet inspection if you haven't done so already. There might also be an option for the USG to enable a honey pot. Keep in mind that IPS and DPI takes a lot of processing power to work. The older USG models will cap out at around 80 mbps and the newer ones at around 250 mbps if you turn those features on, so if you have fast internet, it'll be slowed down somewhat. I don't know if the USG has a way to monitor network activity, but if it doesn't, you could use Portmaster on your computer and use the activity monitor on there. It's a roundabout way to do it, but if a device with malware or an intruder is on the network, you will usually see odd connection requests show up on the activity screen since they will look for more devices to infect.

@@KenHarrisio Thank you so much for this protection lesson! I have some of these features enabled in the USG. I really like Ubiquiti solutions, and they are improving in terms of security. I'm looking to further protect my work network.

Yup! You can find the specific option in the global settings page > filters list > ads & trackers > telemetry. As soon as it starts, you can see MS connections being blocked in the network activity screen. That said, if you have Group Policy, or if you only have Home edition and use something like Chris Titus Tech's tool to block telemetry, you can stop 95% of it without having to rely on a blocklist.

@@KenHarrisio Tnx Really kind of you. I use LTSC, and I've already manually deleted some stuff,. Soon i switch to Linux, but unfortunately at least in VM I will still have to deal with Win, so regoing manually everything every time, it's tedious. I take this opportunity to congratulate you on the excellent channel, to which I'm subscribed, which I hope will grow quickly. You have a particular way of explaining, very in-depth unlike many other video tutorials/reviews, i can see that you put passion into it.

@@jackburton5085 Thanks, I appreciate the support! 🍻

I don't think they are trying to push SPN. It depends on how the settings in the VPN app are used, which like you said, is because of DNS. I've used several different VPNs and it works fine with Portmaster running as long as the VPN DNS isn't enabled. If one wanted to just use an incompatible VPN temporarily, they could also just turn Portmaster off.

It's an okay firewall, though I don't think it's great. One of the biggest issues with it is the massive amount of popups of stuff trying to connect.

@@KenHarrisio i put it in safe mode, and it say that chromes tries to connect to the internet and no more, i think i am safe or it doesnt work (sorry for my bad english). Is kaspersky better?

No worries, your English is really good. If you want to block Chrome from having an internet connection and it doesn't work anymore, then yes, it's working. The amount of popups that it throws out makes it hard to really understand what needs to be allowed and what need to be blocked. As for Kaspersky, it's been one of the highest rated security suites for quite a few years. If I had to pick Comodo or Kaspersky, I would definitely take Kaspersky.@@alifsheikh4237

It's okay ...

@@iewauhedoc9970 now i use kaspersky free plan+proton vpn+ some chrome extension (i am thinking to switch to firefox, but idk for all things happening with yt)

Zonealarm used to be top shelf back in the mid and late 2000's when I first got into this stuff, but I haven't used it in recent years. I was looking at some reviews and it sounds like it has fallen off compared to a lot of other options. Since I haven't used it in so long, I can't give you a good personal opinion on it.

I'll tell you my experience. I've been using it for years. I know that it uses a lot of resources but it was always my go-to firewall. For the last few years, it had something running in the background and it was not only slowing my computer every 10th time, it was getting worse and worse the more time passed by. My RAM and my motherboard were suffering so much, it killed them both. How do I know? I bought a new mobo, new RAM. Top of the line. In less than two weeks, my PC started acting again. Luckily, I manage to figure out that it is only acting when one process from ZoneAlarm was going in endless loop, stressing my whole PC utterly. I deinstalled Zonealarm and not once today did the sluggishness appear. Just installed this firewall and it looks promising. ZoneAlarm is free yet in the end, was costing me 280€. I know, sound silly - firewall destroyed my motherboard haha you must be joking me, right? I am telling you, I've spend counteless hours trying to figure out what is wrong with my PC. After replacing mobo and RAM, I was determined to find out what IS the problem becuase it was driving me crazy. This was only explanation since PC was sluggish ONLY when that process was runnign in the loop in the background, starting / stopping endlesly. Hope this helps. Writing this only becuase I am flabbergasted by the fact that random software in the background was stresing hardware to the maximun so that the hardware finally stopped working. New motherboard and RAM were working for three years like this, until it finally got fried. Only very noticeable last few months, it was sluggish from the beginning but never noticed since it could barely be felt at the very beginnings. Cheers. Sorry for long text. p.s. I love PC hardware, I've assembled more than 50 PCs in my life, it's my hobby, had my own company for repairing computers and that is my hobby since I was 14. I am 45 now. Just saying, I am not a random kid that thinks he knows hardware and saying that XYZ program destroyed my PC is really a bold statement, I know how it sounds but that is the only explanation. Everything, hardware related, in my system is top notch - best components etc. It was a huge suprirse to me that mobo stopped working after only 3 years, that is just ridicilous... But now I know and what ever some one out there could say (haha software killed the mobo haha), I am sure that I am right. Take care.

@ Wow, I didn't know the software had been going that far downhill. Back in the mid 2000s, ZA used to get top reviews and was at the top of their game. It's interesting to see the changes in the cyber world. Panda was another one that used to be top tier and it seems like they've fallen off somewhat as well, and now it's companies like ESET and Kaspersky that are leading the pack. I'm sure in another 10 years, there will be different companies taking those places. And in case anyone doubts what you say, software is absolutely capable of destroying hardware. I've had some close calls with some of my hardware in the past, though fortunately didn't have any of it get fried.

Damn, that sucks. I had no idea they were blocking this. I'm guessing it might have something to do with the encrypted DNS? The most immediate thing I can think of that might work instead is to try a VPN with v2ray or a similar obfuscation method to mask the VPN traffic.

@@KenHarrisio when ur govt literally attacks, you can hardly do anything. I just got a sudden power interruption yesterday and now one of my Win PC's gone and a power inverter. This happened coz am one of the folks who're organizing this campaign against EVMs in the country, plus I write against this fascist regime and am an athiest+communist in a country where fanatics are the rulers. I'm currently using probably world's most secure-and-privacy friendly VPNs but since the Indian govt made this rule for all VPN providers operating within the territory to give away all user logs for 5 years, Open VPN is the only option remaining, or a reliable Open VPN client. But by the time they connect, at least Windows PCs and Android phones already broadcast your IP. Another interesting thing for more than a year I've been noticing now that no private DNS works on certain telecom/ISPs. You can't download torrents on some ISPs, on others, you've download without VPN. Maybe you can search Central Monitoring System or Aadhaar issues, both political and privacy-related stuff. Unfortunately, nobody writes aganist the digital crime+Gestapo hub this nation's become, thanks to BJP's Narendra Modi govt's media muzzling rules and laws.

Because some people like to have other options and capabilities in a program.

Not everyone knows how to write a Powershell script lol

why@@Barncore

@@lollubrick apparently being able to write powershell scripts stopped your brain from working