[Registration Codes]

Why require a registration code if they are free?

In short: developer's prerogative. The registration code system provides several benefits.

The primary benefit is that a single binary distribution is possible. Many levels of features are available within GlowWorm FW, and a valid registration code unlocks a certain set of those features. This makes development more manageable with limited resources.

The initial purpose of the registration system was to create a user base during the time that the Lite version was available while the first commercial version was still under development. At the option of the user at the time of registration, we made clear our desire to notify the user when the commercial version became available. Additionally, the wide distribution of registration codes provided an excellent test of the registration code system. Thus the first few Lite users were potentially subject to the version-one registration system issues instead of the first few customers.

Subsequent to the grand roll-out of the commercial version, it will no longer be as crucial to require free registration codes for the Lite version. This requirement will possibly be removed. It is undecided at this point.

Why not just use a serial number? First, serial numbers tend to prove relatively easy to crack. That's not to say that the GlowWorm FW registration system is impervious. Nothing is. The registration code itself contains XML which can describe exactly which features to enable, with a granularity that would not be possible with a serial number.

Update: The requirement for a registration code has been removed as of v1.5.2b9. Without a registration code, the Lite feature set will be enabled.

   [Password Prompts]

Why do I have to type in my password to active GlowWorm FW?

This question is asked a lot, and definitely deserves its own FAQ entry. Security is rarely convenient and many people expect to be able to add security without adding any inconvenience. This is unrealistic. However, the inconvenience can be minimized. Read on to understand how the GlowWorm FW rules system works, and how you can configure it to maximize its effectiveness while minimizing the inconvenience.

Aftering installing GlowWorm FW, you can set a preference so that it will enable at startup. No password prompts required. However, if you have your rules configured such that "unsupported" network events result in an "Ask" action, then the menubar application will need to be running; otherwise those network events will be auto-allowed.

Starting the menubar application requires providing your password. Why? Because without that level of security, any application (including a malicious application specifically targeted at GlowWorm FW) would be able to connect to the kext, manipulate rules, authorize network events, and many other things. This would effectively make the security provided by GlowWorm FW a complete facade; and even worse, the user would feel more secure for having installed GlowWorm FW, which thus only made the situation worse and less secure.

GlowWorm FW can be imposed upon non-administrative users by simply configuring the rules accordingly. No Administrative user needs to be present at any point after the initial configuration. To accomplish this, define a user-specific rule for the non-administrative user that will Deny All, and place it near the bottom of the rules list. Remember that rules are evaluated in the order that they appear in the rules window (top to bottom). If you have an Ask All rule in place, as is the case by default, be sure to place this new Deny All rule *above* the Ask All rule.

Now, when you (an administrative user) are using the computer, any unsupported network events will prompt you for a decision; while when the non-administrative user is using the computer, any unsupported network events will be denied.

The rules system is amazingly flexible and there are many ways that it can be configured; and it can likely meet the specific needs of your environment. Familiarize yourself with the rule options (like Users & Groups) and understand the order of evaluation (top to bottom).

© Symphonic Systems, 2006 All Rights Reserved