"Case in point, Microsoft Office has no good reason to be aware of the existence of the internet."
shrug I think the same, but it's a fact that new versions of Word heavily integrate with Sharepoint and Teams. I don't use that functionality (at least not a lot), but for some businesses it's the primary use case, and it's how Word can manage to stay relevant even when competing with Google Docs. The concept of 'files' is going away slowly anyway, like it or not. (I don't, but again, nobody ever asked me). There's more - like, when you install a new spell checking language pack, something accesses the internet. It's most likely the installer/automatic updater 'service' that does this, but then you're again in the 'what's this process for anyway' territory.
My point - I think your view on how software 'should' behave is the same as mine, but the reality is that our view is outdated. It's just not how software works in 2023.
It's actually timely for me, as I just started using Glasswire with a clean ruleset. As I'm typing this, freakin' explorer.exe asked for network access to an outside IP address. It's hard to disallow explorer.exe network access as I won't be able to access SMB shares without it, but I have no idea why it would go outside my network.
I did just block Word from accessing the network at all. I guess I'll find out over the next few days in what ways it will break.
(that's another thing - most software nowadays doesn't even handle not having network access gracefully any more, if at all. Sometimes you just get blank parts of a window (presumably when embedded HTML views silently fail) and there is no way to 'reload' those parts of the UI. Or windows that don't open at all, so it just looks like a button doesn't do anything. And so on. It's disgraceful and like I said upthread, many of today's engineers just think it's normal, or are told to implement it that way against their own convictions. I mean I understand why things are they are, I just don't agree with the lack of effort in fighting back against the drivers of that outcome.)
> It's actually timely for me, as I just started using Glasswire with a clean ruleset. As I'm typing this, freakin' explorer.exe asked for network access to an outside IP address. It's hard to disallow explorer.exe network access as I won't be able to access SMB shares without it, but I have no idea why it would go outside my network.
I don't know glasswire, but on Commodo firewall you can set a rule to allow access to your local network by default (or any range of IPs) and ask about external access, which would be a way to solve your problem with explorer.
Yeah I should probably look into it more. Can Comodo's firewall be used standalone, i.e. without its antivirus? What I needed from Glasswire was click-to-allow on each network access, I couldn't find that in any product I tried a few years ago before I decided on Glasswire.
> Can Comodo's firewall be used standalone, i.e. without its antivirus?
Yep, just pick the firewall from the installers and make sure you uncheck everything except the firewall during the install (they are tricky, these guys):
after installing go through and (again) disable everything but the firewall. I also use their firewall to block their firewall (hah) from updating. Once you do this it works fine as a standalone firewall and the only reason to ever update it is if you reinstall or upgrade Windows.
EDIT: It does per-app blocking great; that's why I use it. I tried glasswire and didn't like it (or maybe they wanted to charge me money, I forget).
I am a bit confused about Portmaster and Safing. The documentation on Safing constantly refers to Portmaster. Does portmaster do anything besides act as a local firewall?
explorer.exe is also responsible for the Windows "shell" (Start menu, taskbar, system tray, desktop background), at least historically. I think more of this started to be done by Metro and UWP subprocesses since Windows 8. (But explorer.exe is ultimately still important—if you kill its process, you lose everything but alt-tab and control-shift-escape). So I'm not too surprised that it would request network access given how much it's doing.
shrug I think the same, but it's a fact that new versions of Word heavily integrate with Sharepoint and Teams. I don't use that functionality (at least not a lot), but for some businesses it's the primary use case, and it's how Word can manage to stay relevant even when competing with Google Docs. The concept of 'files' is going away slowly anyway, like it or not. (I don't, but again, nobody ever asked me). There's more - like, when you install a new spell checking language pack, something accesses the internet. It's most likely the installer/automatic updater 'service' that does this, but then you're again in the 'what's this process for anyway' territory.
My point - I think your view on how software 'should' behave is the same as mine, but the reality is that our view is outdated. It's just not how software works in 2023.
It's actually timely for me, as I just started using Glasswire with a clean ruleset. As I'm typing this, freakin' explorer.exe asked for network access to an outside IP address. It's hard to disallow explorer.exe network access as I won't be able to access SMB shares without it, but I have no idea why it would go outside my network.
I did just block Word from accessing the network at all. I guess I'll find out over the next few days in what ways it will break.
(that's another thing - most software nowadays doesn't even handle not having network access gracefully any more, if at all. Sometimes you just get blank parts of a window (presumably when embedded HTML views silently fail) and there is no way to 'reload' those parts of the UI. Or windows that don't open at all, so it just looks like a button doesn't do anything. And so on. It's disgraceful and like I said upthread, many of today's engineers just think it's normal, or are told to implement it that way against their own convictions. I mean I understand why things are they are, I just don't agree with the lack of effort in fighting back against the drivers of that outcome.)