Slashdot Mirror
ZoneAlarm Employs Scare Tactics Against Its Users
snydeq writes "Check Point Software appears to be ripping a page from the 'scum it claims to fight,' running a scare-tactic warning dialog to frighten users into upgrading to a paid version of the company's ZoneAlarm firewall product. Preying on fears of ZeuS.Zbot, the Check Point warning dialog tells users their PCs 'may be in danger' without having found ZeuS.Zbot, nor having checked to see whether you're running an antivirus product. 'The program doesn't care if you're infected with ZeuS.Zbot, or if you have protection in place. It just wants to sell you an upgrade to the firewall that may or may not detect future ZeuS.Zbot variants' activities — some day.' Check Point's customers have inundated the ZoneAlarm forums with complaints."
I haven't used that piece of garbage software in about 5 years.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
I used to recommend them to residential users. I will not ever again.
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
Well, they fooled me at first because I've had ZoneAlarm installed for ages and trusted it. After looking through my running processes, registry, etc, and doing a virus scan I suspected something was dodgy because there was no indication of this zeus trojan. It was then I found the big list of complaints on ZoneAlarm's forums. I was a bit annoyed that they wasted my time. Until yesterday when this showed up I had no reason no to trust what ZoneAlarm was telling me. Now, I am not so sure.
The summary is spot on. I haven't been a Windows user for a number of years, but a friend asked me to fix her malware problem and I reinstalled her Windows XP box. For the firewall, I remembered ZoneAlarm from a few years ago and installed it. After the first reboot, some stupid popup appeared, prompting me to "like" the software on Facebook. I'm like WTF? But still gave them the benefit of the doubt. Next reboot it comes up with the totally bogus popup that I may get infected with Zeus. I had to reread it twice to find out it really was an advertisement.
I downloaded Comodo, unplugged the network, uninstalled ZoneAlarm, installed Comodo and plugged back into the inter webs. Never looked back.
I probably will not buy any Check Point software for my business either.
8 of 13 people found this answer helpful. Did you?
Requirements:
1) Rule-based. I want to permit/deny network traffic to certain apps. 2) Option of "PermitTraffic/AllowTraffic" and "LogTraffic/IgnoreTraffic" as independent settings. (e.g., I want to allow logging of permitted applications' traffic, as well as denied apps' failed attempts, and after looking at the logs, decide whether or not I want to bother logging it.)
3) Accurately figure out which app is actually responsible for denied traffic. (Looking at you, PrivateFirewall 7.0, which never actually says that it's the Windows Update client that's legitimately trying to access some random Akamaized download site.)
I tried the built-in Windows firewall, but it was difficult/cumbersome to set up in default-deny mode, and when I did, I couldn't easily find out which app was causing the denied traffic. (e.g. is it some game that phones home on the first attempt to register/activate, or is it some bullshit Games For Windows Live client that has no need to be used in a single-player game?)
Thanks to PrefBar for one-click Javashit and Flash toggling, a non-Adobe PDF reader, an ad-blocking local proxy, and the equivalent of a decent-sized ad-blocking HOSTS file implemented in the external router, I've never actually been hit with malware, so I'm more interested in monitoring unsolicited outbound traffic than worrying about inbound traffic. Likewise, I'm more interested in legitimate apps rather than malware that could trivially disable the software "firewall". Given that sort of environment, what's the current best practice for software "firewalls"?
There are posts that reference other threads where this was "already posted," but clicking those links leads you to a vBulletin "No thread specified" page. Presumably ZA has been deleting threads....
See http://forums.zonealarm.com/showpost.php?p=283423 and http://forums.zonealarm.com/showpost.php?p=283420 for example posts... both those posts reference a nonexistent thread.
Damage control maybe?
Here's to the crazy ones
It used to be a sophisticated light weight feature rich firewall for windows.... it allowed rules and whatnot.... now... its a bloated flaming pile of sh*t sinking with a horrible company that deserves to be put out of business for its questionable marketing practices and horrible customer support.
Noone writes jokes in base 13!
CVE-2007-0069
CVE-2007-0069
CVE-2010-1893
Though the last one really doesn't count for ZoneAlarm's intended function, as it's a local privilege escalation.
Reference: http://cve.mitre.org/index.html
Search terms: Windows kernel tcp/ip
Everybody gets what the majority deserves.
When they basically refused to support Windows 7. I have sense replace the firewall on ALL my machines (including my XP machines) with PC Tools Firewall Plus. It is free, and provides better protection than Zone Alarm.
Hello,
Below is a list of free application software firewalls I put together a while ago. Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.
Firewalls
Active Network - Active Wall Free Edition
Agnitum - Outpost Firewall Free
AS3 Soft4U - AS3 Personal Firewall
Ashampoo - Ashampoo Firewall Free
Comodo Group - Comodo Firewall (now a part of Comodo Internet Security)
FilSecLab - Filseclab Personal Firewall Professional Edition
Group 4 Business Intelligence - IDNWebShield (main web site down when last checked)
NetVeda - NetVeda SafetyNet
PC Tools - PC Tools Firewall Plus Free Edition
PrivacyWare - Privatefirewall
SecurePoint - Securepoint Personal Firewall & VPN Client - (discontinued?)
SoftPerfect - SoftPerfect Personal Firewall
Tall Emu - Online Armor Free - (acquired by EmsiSoft?)
WIPFW Project - WIPFW - (port of BSD IPFW)
Firewall Managers
GT Delphi Components - Windows Firewall Ports & Applications Manager (WFWPAM)
Sheesley, Eric - XPFiremon
Hopefully, this is of help.
Regards,
Aryeh Goretsky
Dexter is a good dog.
Linux 2.2 wasn't released until 1999. 12 years ago, we were using a tool you probably never heard of called ipfwadm, and before that ipfw
Linux's firewalling capabilities have always been miles ahead of Windows' built-in firewall capabilities in terms of being functional, flexible, and easier to get to do what you want for the power user.
Windows, ZA, Comodo used to be ahead in terms of usability for the average user.
Linux firewalling capabilities improved a bit over time, they became more powerful and more user friendly (at least for the Linux admin), more capabilities were introduced in the form of modules.
However, Linux firewalling didn't change much --- it's pretty hard for something that is already nearly perfect to evolve.
On the other hand Windows had and still has a lot of ground to cover in regards to improving the firewall.
It is more cumbersome than ever to add firewall rules or exceptions to the Windows firewall. No simple text-based language. No built in rapid CLI-based addition method (have to resort to still a cumbersome GUI to do it).