Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zone Alarm Vs 180 Solutions: Zango hooks?

Posted by Hemos on from the deconstructing-postmodern-spyware dept.

Sub-Seven writes "Found at Vitalsecurity.org, they detail how a Microsoft MVP pulled the Zango file to pieces, and discovered some interesting facts about exactly what a "simple" fun and games application does to a machine that its running on. Hooking into Windows OneCare and Microsoft Antispyware? What's that all about? "

6 of 166 comments (clear)

  1. First Time I've ever seen that... by dtolman · · Score: 4, Informative

    Is it just me, or is the friggin slashdot summary got more information than the linked article?

    Thats gotta be a first...

    1. Re:First Time I've ever seen that... by Bob_Villa · · Score: 5, Informative

      On the blog, just click the link that says "Very thorough runthrough", which links to the following url: http://mvps.org/winhelp2002/temp/zango.htm

      I think this link is actually pretty good. I agree, the blog wasn't the most clear.

  2. Removing spyware in applications by dada21 · · Score: 4, Informative

    It wouldn't surprise me if 30% of my IT company's income came from user stupidity combined with software such as the XCP, spywared games, and other fun entertainment products. Yet this is just the market at work. Loopholes are found, usually because of click-through-licensing. Companies will always attempt to build their markets and consumers will always find the bad seeds.

    It is very important to realize that as long as end users continue to install these programs, marketing companies will feed their needs. You could ague for laws against these backdoor programs, but it wouldn't solve anything and in fact might make the problem worse as companies find sneakier ways to get into your desktop.

    The only way to make a smart consumer is to inform them of the bad things. This means getting the word out, telling others to be careful, and even offering training for groups. My company makes a good profit on spyware, but we offer completely free training days for companies that want to save money by training their employees in safe web browsing. I don't think the answer is "Install Linux and Firefox and the problem will go away!" If Linux/Firefox occupied 90% of desktops, the marketing companies would find a way to take advantage of that platform.

    Smart users are informed users are users who won't continue making the same mistakes. Finding band-aids through legislation or discrete installation of anti-spyware software isn't going to solve the problem.

    As a sidenote -- the reason for training my customers in smart browsing techniques is a selfish one. As we reduce a company's cost of doing business, our referral rate skyrockets. The less we work/bill, the more work we have to bill. If you're a consultant and you're not seeing a decent increase in your customer base every year, you're not doing a good enough job. There is more work in the U.S. than is being tapped, and it is usually because companies aren't seeing things getting better.

  3. Re:Software firewalls?! by sirwired · · Score: 4, Informative

    Um...not sure what's going on here...but I think software firewalls have to be one of the silliest 'security products' out there. I still can't believe cable companies don't distribute modem/routers to users and remotely configure them to block the commonly exploited ports and protocols.

    Errr... because quality software firewalls (like ZoneAlarm) and home hardware firewalls/routers protect against two entirely different problems?

    Home Routers/Firewalls protect your machine against INBOUND, unsolicited connection requests. This makes you immune to attemts to exploit server-type services, like file-sharing, IIS holes, etc. This lets me run VNC, Apache, whatever on my home machine and not have to worry about keeping patches up to date (or even setting a password, for that matter.)

    Software firewalls protect you against OUTBOUND connections you did not authorize. Port-blocking does nothing to stop this because a nefarious software vendor can't be stopped from sending an outbound request on port 80 by an external firewall.

    I can't count how many programs (even legit ones) that shouldn't be talking to the internet keep requesting outbound connections. (This is all caught by ZoneAlarm.)

    SirWired

  4. Why the blog? by imroy · · Score: 4, Informative

    Why link to some guys blog with inane comments, when you can link to the page he refers to? Lots more information there.

    What is it with blog pages that link to another blog, which links to another blog, and so on? If this is how things are done in the blogosphere, then my already low opinion of bloggers just slipped a little. Just provide a link to the original f**king information!</rant>

  5. What's the hook being used for? by kawika · · Score: 5, Informative

    180 is suing ZoneLabs for a very specific and narrow statement as far as I can tell. ZoneLabs says 180 is monitoring key and mouse info, 180 says it is not.
    The analysis linked from TFA explains that he found evidence of setting a windows hook. The question is, does Zango use that hook to collect mouse and key info, even for a short time, or are they using the hook for other purposes? What would those purposes be?