ZoneAlarm Free flaw - no fix

Discussion in 'Computer Support' started by Max Quordlepleen, Jul 2, 2003.

  1. Apologies if this is old news, but I found it noteworthy, and a good
    reason to shun ZoneLabs http://snurl.com/1pgw
     
    Max Quordlepleen, Jul 2, 2003
    #1
    1. Advertisements

  2. Max Quordlepleen

    Mara Guest

    Sygate! ;)
     
    Mara, Jul 2, 2003
    #2
    1. Advertisements

  3. Max Quordlepleen

    Paul - xxx Guest

    Max Quordlepleen deftly scribbled:
    Must admit to thinking it's relatively refreshing to see a company
    acknowledge that a product of theirs can be exploited via a 'bug' in
    something else and suggest a way round it.

    Admittedly their way around it is to purchase an enhanced version of their
    free software, that has more controls built-in, something along the lines of
    'get what you pay for'. It would also appear to me (though I'm *not* a
    professional in PC/Networking security), that almost *any* firewall that
    allows applications free access to the internet, unless it had specific dll
    and application dll control, would also be susceptible to this bug. It
    doesn't seem to be purely 'Zone Labs' who could be exploited this way ..

    It appears to me that to exploit this 'vulnerability' a hacker would need to
    get a trojan ionto your machine which could firstly 'steal' usable
    information, invoke the shell32.dll, then run the shellexecute function and
    change the parameters in shellexecute to pass a web address to IE, which
    which could then pass that 'stolen' information to said website .. I mean,
    just how likely is that to happen ? To a home user, especially one who
    takes anti-trojan and anti-virus measures seriously ?

    I'm not saying that there is *no* danger, just that the amount of danger is
    so small that it's beyond reasonable measures to counteract .. unless you
    want to pay for a firewall .. ;)
     
    Paul - xxx, Jul 2, 2003
    #3
  4. Max Quordlepleen

    gangle6 Guest

    Plammers!
     
    gangle6, Jul 2, 2003
    #4
  5. Max Quordlepleen

    gangle Guest

    What's more despicable, arrogant software goomers,
    or lackadaisical sheep molesters?
     
    gangle, Jul 2, 2003
    #5
  6. Max Quordlepleen

    Paul - xxx Guest

    Max Quordlepleen deftly scribbled:
    I understand what you're saying .. But I look at it differently, and I
    didn't hear or read of them saying 'shut up and bugger off', they offered an
    alternative, albeit paid for, solution .. ;)

    Almost any company that offers a 'free' software of some sort, and I *do*
    mean companies as opposed to guys producing their own software for fun, tend
    to offer the free stuff as a loss-leader, with the chance that you'll like
    their kit and subscribe to their 'better', professional, priced and
    registered products. I see ZA as doing this with their firewall. It's not
    a despicable practice, I think it's a reasonable marketing strategy.

    The free stuff is *very* good .. yes, it has this flaw, but don't other
    firewalls and softwares that we pay far more for, like some OS's, have flaws
    ? The purchased products have extra features and benefits that we pay for,
    increased protection possibly being the 'extra' that demands a built-in
    cost.

    For me, ZA, does exactly what it says for free. I've tried other firewalls
    and *none*, at the same price, offer the same ease of use and safety that ZA
    does.

    There's no absolute guarantee of complete safety with *any* product ... ;)
     
    Paul - xxx, Jul 2, 2003
    #6
  7. Max Quordlepleen

    gangle Guest

    Yes, even cotton balls are deadly in the wrong hands.
     
    gangle, Jul 2, 2003
    #7
  8. Max Quordlepleen

    Paul - xxx Guest

    gangle deftly scribbled:
    Ear wax stands no chance, no way ..
     
    Paul - xxx, Jul 2, 2003
    #8
  9. This is the Flibbydabby Dee service of the BBC, & on Wed, 02 Jul 2003 23:17:06
    +1200, Max Quordlepleen uttered this:
    Hmm...it also reminds me of a large software company in NW USA....
     
    William Poaster, Jul 2, 2003
    #9
  10. This is the Flibbydabby Dee service of the BBC, & on Wed, 2 Jul 2003 04:38:09
    -0700, gangle6 uttered this:
    My case rests....
     
    William Poaster, Jul 2, 2003
    #10
  11. Max Quordlepleen

    Richard Guest

    It's freeware. Use at your own risk.
     
    Richard, Jul 2, 2003
    #11
  12. Max Quordlepleen

    Mara Guest

    Bleem ix ord nuged.

    "Fnord gigsfar."
     
    Mara, Jul 2, 2003
    #12
  13. Max Quordlepleen

    MudBone Guest

    I tried Sygate it *totally* screwed my system up. Had to do a system
    restore.
     
    MudBone, Jul 2, 2003
    #13
  14. Max Quordlepleen

    Mara Guest

    That's odd. Neither I nor anyone I know has ever had a problem with it. In fact
    I switched to it from ZA Pro because I _did_ have problems with ZA Pro. What
    exactly did it do?
     
    Mara, Jul 2, 2003
    #14
  15. Max Quordlepleen

    Paul - xxx Guest

    Stevo deftly scribbled:
    That was partly what I was saying .. It's only the free product that suffers
    from this 'anomaly', but it's fixed, or not a problem, in the retail
    versions .. ;)
     
    Paul - xxx, Jul 3, 2003
    #15
  16. Max Quordlepleen

    MudBone Guest

    I also had ZA, but the retail ZA Pro that was working excellently but
    wanted to try it to see what the *raves* were all about. Well I
    *uninstalled* ZA, cleaned the registry, rebooted, installed Sygate,
    configured it, rebooted, after about 30 minutes while browsing 8everything*
    shut down to a blue screen (not the usual BSOD people get) that stated
    system was shut down to prevent serious damage and it began a memory dump.
    After that was over I rebooted, uninstalled Sygate and went back to my
    reliable ZA that I have been using since the '90s' with paid renewals and
    getting ready to renew license yet again.
     
    MudBone, Jul 4, 2003
    #16
  17. Max Quordlepleen

    Josef Knecht Guest

    William Poaster doodled:
    "Duck tape is like 'The Force'..
    it keeps the universe together."

    http://www.octanecreative.com/ducttape/duckvsduct.html

    --

    zar 2k3 - ULC Reverend
    Certified Word Police Officer - Details Detail
    http://www.geocities.com/spamresources/spambots.htm
    http://www.drcnet.org/ http://www.abovegod.com/
    NuMbEr Tr3#3!!!!11! on a lits...

    "A man, a plan, a canoe, pasta, heros, rajahs,
    a coloratura, maps, snipe, percale, macaroni,
    a gag, a banana bag, a tan, a tag, a banana bag
    again (or a camel), a crepe, pins, Spam, a rut,
    a Rolo, cash, a jar, sore hats, a peon, a canal
    - Panama!"

    - Guy Steele Jr., CLTL2
     
    Josef Knecht, Jul 6, 2003
    #17
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.