Slashdot Mirror
Zone Alarm Vs 180 Solutions: Zango hooks?
Sub-Seven writes "Found at Vitalsecurity.org, they detail how a Microsoft MVP pulled the Zango file to pieces, and discovered some interesting facts about exactly what a "simple" fun and games application does to a machine that its running on. Hooking into Windows OneCare and Microsoft Antispyware? What's that all about? "
Zango dango bo-bango, banana fana fo-fango fe-fi mo-mango, Zaaaango.
180Solutions was complaining that "ZoneAlarm was advising that our 180search Assistant "is trying to monitor your mouse movements and keyboard strokes" well let's see after reading the above ... that description looks right to me.
This is worse than spyware. This could be used to transmit your account codes and PINs, passwords, etc.
Sounds like stealware(TM) to me!
HexaByte - he's a square and a half!
The linked-to blog article is clear as mud
No kidding. The blog article has ZERO content, apart from linking to two other sites about some program that purportedly is being flagged as spyware.
If slashdot is accepting lame "my blog entry" submissions like this (and what's with the "Microsoft MVP" comment in the submission? That's like trying to give credibility to a blog entry by purporting it to come from a "high school graduate"), then I'm going to start submitting every entry I make. Maybe I'll blog about this blog entry that blogs about a blog entry and submit that.
Ah well, like I - esteemed high school graduate and Blockbuster cardholder - said - most blogging is bloggers talking about blogging. (Yes, hypocrisy runs deep with this)
For anyone who doesn't know, you become a Microsoft MPV largely by being an unemployed loser - the more time you can waste away providing pro-Microsoft answers on Microsoft's message boards, providing them with a lot of free labour.
What about all those people providing support on Linux/MySQL/Apache mailing lists/forums etc - what
are they? Unemployed losers or OSS champions?
180 is suing ZoneLabs for a very specific and narrow statement as far as I can tell. ZoneLabs says 180 is monitoring key and mouse info, 180 says it is not.
The analysis linked from TFA explains that he found evidence of setting a windows hook. The question is, does Zango use that hook to collect mouse and key info, even for a short time, or are they using the hook for other purposes? What would those purposes be?
This is IMO becoming a problem in a lot of games. Counterstrike, World of Warcraft, Valve with its Steam engine, crap like punkbuster that scans your entire drive, registry and who knows what else, just to make sure you aren't cheating. And we are not talking about minor game companies here.
Don't get me wrong, cheating is a major (if not: the worst) problem in online games, but the lengths to which game providers go to assure (a) that you are using a legally bought version of the game (most important) and (b) that you are not using modified drivers, game libraries etc. in order to cheat (game company couldn't care less, but it costs them customers so they have to care..), could certainly make some of them be rated as 'spyware'. Then again, so can Windows XP itself. After users accepted that activation crap from Microsoft, where else could you expect this thing to go? If Microsoft is allowed to do it, then why not $small_corp_with_questionable_ethics?
(obviously, the answer is that Microsoft should not be allowed to do it in the first place, either. But as it is, this company might actually have a point - if Sony can do it and not be detected for over half a year, why can't they? The idea is ridiculous ofcourse, but hey...)
Every expression is true, for a given value of 'true'
On the blog, just click the link that says "Very thorough runthrough", which links to the following url: http://mvps.org/winhelp2002/temp/zango.htm
I think this link is actually pretty good. I agree, the blog wasn't the most clear.
For anyone who doesn't know, you become a Microsoft MPV largely by being an unemployed loser - the more time you can waste away providing pro-Microsoft answers on Microsoft's message boards ...
/. are admittedly funny at times, but this is as unfunny as it is unfair. First, only web weenies would refer to news groups as message boards. Second, those groups are an invaluable resource, being freely available, active, and representing a wide cross section of experience, they're one fo the few places where you can find honest and up-to-date information. And third, while Microsoft does offer a pseudo subscription-based pricing for "guaranteed responses" (from the MVPs, among others), most posts are the result of volunteer efforts.
/. is annoying enough without being forced to justify the efforts of those trying to help others, irrespective of the venue or their individual capacity.
The MCSE jokes on
Perhaps the next time you send a question off to debian-users, for example, hoping for an answer from one of the "regulars", you avoid suggesting that any of them must be an unemployed loser for bothering to respond. Unless playing the part of a troll is somehow more rewarding.
If it sounds like I'm pissed off, yeah, I am. Having to defend something Microsoft related on
As for anyone else using Windows and is unfamiliar with usenet, I'd suggest exploring the ms.public hierarchy with whatever news client you have available, and get into the habit of reading a few of them before applying the latest patch or service pack, or are otherwise trying to resolve an issue or trying to learn something. The top posting is murder, but the information is free and unlikely to be available to the same extent anywhere else.