We have all been using the built-in firewall through the control panel, set the in/out permissions and consider ourselves safe, but how fool-proof is it? For example, I had noticed in the past (a few years ago) that some apps can change or alter those rules. Once I had installed VirtualBox and it added its own firewall rule to allow itself internet access (both in and out). However, I removed those rules, but when I upgraded VirtualBox to a newer version, it recreated those rules again! This led me to the question, how safe is the firewall really? If any app can add/substract the rules, then what good use is the firewall. Suppose, somebody writes an app that adds a firewall rule to allow a free access, then do everything they want (like create a botnet, etc.) and then remove that rule. What will happen then? Will such event even be recorded somewhere to later prove that the app did it?