Zone Alarm Scumbags?

[nihil]

I just got a message from ZoneAlarm....................some nasty virus due to go off on the third of February..................

It seems that I have to pay them$19.95 for the "non-free" version to be "protected"

It is at this point in time that most ship's rodents look for a line or a liferaft?

ZA just blew it IMO?

[ShagDevil]

Figures Nihil.
What I would do if I were you, is if you really want to keep ZA and not pay the $19.95, research the virus and configure the firewall yourself (a.k.a what ports it's known to use, .exe's, .dll's, etc). I'm also a little confused as to how they would "protect" a firewall.

[Relyt]

Hey Nihil,

You got my interest up so I visited ZA's site, had to google for it...lol

However the whole thing appears to be an opportune time for them to push for the paid versions. I didn't find anything that said the freebie would do the same things. But scan the verbage here and I think will see that it's a perfectly timed sales pitch.

Zone Labs Products: To ensure the most comprehensive protection, computer users should employ ZoneAlarm® Security Suite, or ZoneAlarm Pro.

ZoneAlarm Family: ZoneAlarm Pro and ZoneAlarm Security Suite protect your system against this vulnerability through "Internet Zone Security" and "Trusted Zone Security".

Interesting no mention that the Freebie won't.

Did they specify it won't in the notice they sent you, just curious?





Edit: Here's the beginning of thier advisory

BlackWorm Email Worm

Overview: BlackWorm is an email worm that uses its own SMTP engine to spread through e-mail and open network shares. Blackworm is also known as BlackWorm/Nyxem/Blackmal/Blueworm/Grew. This vulnerability has been classified as "High Risk." Computer users should take appropriate action to be protected against this worm.

Date Published: January 25, 2006
Date Last Revised: January 25, 2006

Impact: Using its own SMTP engine, BlackWorm spreads using different subjects, email bodies and attachments. The attachments sent by the worm may contain the following extensions: pif, scr, mim, uue, hqx, bhx, b64, and uu. On February 3rd, computers that are infected with BlackWorm will have the following file types overwritten by the worm: DOC, XLS, MDE, MDB, PPT, PPS, RAR, PDF, PSD, DMP, ZIP. The files are overwritten with an error message ('DATA Error [47 0F 94 93 F4 K5]').

Platforms Affected:
Windows 2000
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows XP

Zone Labs Products:
To ensure the most comprehensive protection, computer users should employ ZoneAlarm® Security Suite, or ZoneAlarm Pro. Zone Labs products are not vulnerable to this attack. All Zone Labs security products, including ZoneAlarm, protect the user's system from unauthorized access and intrusions, and alert the user when malicious code attempts to access the network.
...

[nihil]

Hey, I am not a toe-rag,

All I was saying was that the freestuff does not work?

It is theirs to give, and theirs to take away?

So sayeth The Lord

[Relyt]

Edit: Didn't mean to imply anything. I don't rely on ZA, but just curious about it because of another issue with the non-paid version:

Direct Data Exchange - Interprocess Communications:

http://www.security.nnov.ru/Jdocument825.html

From:
Debasis Mohanty <mail_@_hackingspirits.com>
Date: 29.09.2005
Subject: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC


"...I found that a very old flaw still exists in many latest versions of desktop based firewalls. It is possible for a malicious program to bypass a desktop based firewall by using DDE-IPC (Direct Data Exchange - Interprocess Communications) which enables an un-trusted program to communicate with the attacker or access internet via other trusted programs..."



[Full-disclosure] Zone Labs response to "Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC"

Zone Labs Security Team security at zonelabs.com
Fri Sep 30 00:43:00 BST 2005
Zone Labs response to "Bypassing Personal Firewall

Affected Products:

"...Zone Alarm free versions lack the "Advanced Program Control" feature and are therefore unable to prevent this bypass technique..."

toe-rag???... -had to look that one up

It means that the person addressed is contemptible or worthless, a scrounger. Though it can be a relatively mild insult among friends, you should avoid saying it to strangers unless you want a smack in the mush or a punch up the bracket.

/me reaches over and pats the old 500mhz box on the head and says, "Down Boy - Black Worm doesn't affect you Smoothy!"

cheers

[migik]

Here compare of ZA products:
COMPARE

If ZA cannot then it is may be good use AVAST and it's NETWORK shield, in addition to ZA.

For a time before it was some bug in ZA that make's it crash when avast was installed. I hope that this bug gone. ZA is slow in updates of free version.

[JonnyFrond]

I got the same email from them, and if you look, they are just trying to advertise their antivirus. It is a little sick though I must admit, as about a month ago, I nearly lost they use of my pc to something called "winfixer" which popped up everytime I opened my browser. A box would pop up, giving me a yes/no choice saying "buy this and we can get rid of this banner for you so you can use the internet again" to which point you say no, and it would shut down the browser. Particularly annoying when you have revision to do.

The fact that Zone Alarm hint that it knows how to solve this problem of Blackworm, for which there is an alert on this website, to me is a particularly unethical way to behave and tempts me to find another fire wall. Problem is, I have not been able to find a better free one.

It is sad when a company you trust abuses it in such a way.

Anyone know of better firewalls??

Regards
Jonny

[geepod]

Surely if you are that bothered about an antivirus solution you would pay for it. OK so they want $20 thats nothing to protect you data right, about £12 if your in the UK.

No matter what they say about there free versions, if you get a free product you will get what you pay for as it were.

I personally have used just about every personal firewall, antivirus, security suite out there and have found the latest version of the internet security suite from zone labs to win hands down, if you wantr the best anitvirus solution for a home user i suspect that kaspersky is the best solution and will work happily along side zone labs with there anitvirus disabled.

Free versions are great but you do get what you pay for, at the end of the day the prices charged for protection today are quite cheap if you value your data.

Every user and every machine is different, however for me and my machine the Zone labs security suite 6 works great if i was bothered i would disable the antivirus and run kaspersky as a seaperate solution.

Pay and then if they let you donw then complain, dont complain because someone gave you something for nothing.

[Relyt]

Originally posted here by migik
Here compare of ZA products:
COMPARE

If ZA cannot then it is may be good use AVAST and it's NETWORK shield, in addition to ZA.

For a time before it was some bug in ZA that make's it crash when avast was installed. I hope that this bug gone. ZA is slow in updates of free version.

Great idea about keeping other options open, however, never a good idea to mix two software firewalls within the same OS. They are competing in that case and you will encounter frequent conflicts and crashes. One properly configured and updated firewall with a well founded layered defense!

cheers

[Aspman]

ZA have always been a little sneaky with the freebie. It flashes up a lot more warnings than the paid for version. I can live with that, it's free and it works ok.

Mind you Nihil, the free ZA is a firewall only, why would you expect it to protect you from email viruses?

As an aside what are the current freebie alternatives to ZA? I've used it for so long I've lost track of the other products?