ZASS: A Perfect Spy?

Discussion in 'other firewalls' started by fax, Jan 18, 2006.

Thread Status:
Not open for further replies.
  1. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Zone Labs has posted their official reply on the Zone Labs user Forum to clear up any misconceptions:
    http://forum.zonelabs.org/zonelabs

     
  2. Nitrox

    Nitrox Registered Member

    Joined:
    Aug 11, 2003
    Posts:
    64
    Location:
    Ontario, Canada
    Looks like an admission of guilt after being caught to me.;)
     
  3. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    I think for Zone Labs to come out and say we have a bug is pretty much what we expect a good company to do. In my opinion the main intention of this was to clarify what the communication was for since people are starting to think that ZoneLabs is collecting people's surfing habit and that new rumours on the Isreali and U.S. governments are collecting info have surfaced. As I mentioned, much of this worry is unfoundeded and this is not the first time where Zone Labs was accused of working with the U.S. government.

    I you want another interesting read, have a look at this:
    http://iggyz.com/blog/_archives/2006/1/23/1719960.html
     
  4. Iagree

    Iagree Guest


    I agree. It does sound that way. I for one wouldn't be surprises though if ZoneLabs did work with the NSA behind our backs. I mean why not? Every other business in the US has to do basically whatever they command them to, so why not Zonelabs? I already dumped ZA. There are many other very good firewalls around and they don't have all the problems ZA has had as of late. Goobye to ZA and goodbye to all your problems. ;)
     
  5. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    There sure is a number of increasing number of paranoid people or conspiracy theorist here on Wilders, a far cry from the better days of the past.

    I'll quote Hoov's response on this "governement spying using ZA" theory

    http://castlecops.com/t145287-ZoneAlarm_6_0_quot_phones_home_quot.html
     
  6. AnonymousOne

    AnonymousOne Guest

    Get an older copy of ZA the last good working and stable and secure version was 4.5.
     
  7. devilish

    devilish Guest

    What's the big deal, just use your firewall to block it. :)
     
  8. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Bug, what a load of old...... ;)

    I find it hard to believe that this coudn't be replicated yet so many people have complained about this problem.

    A pertinent question to ZA would be what exactly is sent out from a users PC? Verbatum. Not some spurious sales speak about needing to know about updates.

    Perhaps someone here knows how to intercept the data and post it here, word for word.
    That is the minimum required IMHO to allay peoples fears.
     
  9. Sigid

    Sigid Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    30
    Dear JJ -
    Good luck on that - let me know how that works out for you!
    I posted a similar request on the "official" ZA forums, and had the entire thread deleted within 2 hours. Not the sort of behavior that tends to allay any unfounded suspicions.
    I tend to agree with Hoov that the NSA could, if the wanted to, come up with far better ways to get info off the Internet, and that we would have no way of ever detecting it.
    However, if the NSA had the chance and were interested, why NOT take free advantage of a very popular (and financially self-supporting) means of gathering a large amount of data? For the record, I have no idea whether the NSA really cares about me or anybody I know :D
    I have decided not to continue to hound the members of the official ZA foum with this issue; I have sent a letter to the COO of ZoneLabs asking for precisely this information, and will share back with you all here if I should get any response.
    However, I don't expect any response. If ZA were willing to have the contents of the encrypted personal data stream that they are GETting from my personal machine made public, they would have done so by now so as to kill the sort of rumors and speculation that their otherwise unexplained behavior gives rise to! On the contrary, the fact that they continue to remain silent on this should be a legitimate concern to all ZL product users.
     
    Last edited: Jan 30, 2006
  10. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Errr, isn't a message on the forum a word from ZA? I don't see where ZL kept silent.

    Zone Labs has worked with James Borck(the person who discovered the bug) on the issue as mentioned in the message and that was how Zone Labs determined there was a bug and could determine what the communication was used for. James Borck, I guess, has accepted Zone Labs response since he was working in together with ZL to determine which aspect of ZA had the bug. Otherwise he would be making more noise over it.

    If the NSA wanted to use a program (for incredibly strange reasons) to spy on people, they could have easily talked with developers of the most downloaded programs (such as the top 10 or 20 most downloaded software from CNet's Download.com). ZoneAlarm which is the most downloaded firewall only ranks 47 in the list which is substantially smaller than those in the top 10-20.

    And if you really feel that ZA is spying on you, than please submit the program to antispyware companies so that they can analyse and add it to their definitions. I don't know why I still haven't seen ZA being detected as spyware yet if people really think its spyware.

    P.S. Posts on the forums aren't deleted just because of wanting to discuss the topic. The gurus, contributors and me have 'talked' on the forum when ZL for releasing their ultra buggy ZA 5.0. There were many threads that were created on this issue too that were not deleted. Posts are usually deleted if they violated the forum terms of usage such as excessive use of vulgarities (I think people can be more civilized especially when that forum is being read by kids too), promoting competitor's products, starting a new thread on a topic that has already existed(which is probly your case, Sigid) etc. If you want to continue about the ZA spying on people issue on ZL's official forum, you can use this thread which has not been deleted:
    http://forum.zonelabs.org/zonelabs/board/message?board.id=security&message.id=14301#M14301
     
    Last edited: Jan 30, 2006
  11. <DreamCatcher>

    <DreamCatcher> Registered Member

    Joined:
    Jan 6, 2006
    Posts:
    154
    Please forget this post
     
    Last edited: Jan 30, 2006
  12. Sigid

    Sigid Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    30
    Dear Unhappy Viewer:
    As I have stated several times, the statement from ZA on the unofficial forum does NOT provide sufficient detail for me to be able to decide for myself what it is, exactly, ZA is GETting from my machine. You didn't address that point there and you are not addressing it here, either.

    The fact that James Borck has not (yet?) replied means nothing - "absence of evidence is not evidence of absence". Your statement in this regard has no meaning. I could just as (in)validly say that he has not yet been able to *prove* that the data stream contains inappropriate data items. (BTW, since the data stream is encrypted, how would he ever be able to pass any judgement as to its contents?)

    How this for an idea - ZA could tell James Borck (in confidence if need be) the content of the stream, and then JB could reassure us all in a follow up article that this was just an innocent misunderstanding. I don't see this happening either, but I'd be very glad to have ZL prove me wrong.

    As I already answered you on the ZA forum, I did NOT start a new thread - period. And there were absolutely no vulgarities of any kind (I don't stoop to that) nor was any competitor's product so much as mentioned. (BTW, other posts in that forum DO mention competing products, so this cannot be a valid issue.) So stop bringing up these red herrings, will you? You are clearly trying to distract attention away from the main issue with these non-sequiters.

    Face the facts - I posted to a thread which already existed on this topic *and* which pre-existed any statement from ZA, *and* which included concerns voiced by *other* members of the ZA forum. After the Form Moderator posted back that my request for details of the encrypted data stream "exceeded the scope of the original article from InfoWorld, and so would not be answered"(!?!), the entire thread was immediately locked against any further discussion and then two hours later was deleted - my stuff and also everyone else's. These are facts, UV, not opinions, and not speculations.

    I *never* brought up any issue of NSA - *YOU* did when you quoted the Guru Hoov posting on another forum. Was bringing up such an extreme interpretation merely an attempt to paint ZA critics as being "extreme" or "paranoid" - i.e., another attempt at a red herring on your part, rather than addressing the actual issue?

    And in view of the thunderous lack of specifics from ZA, I am still unable to determine whether I have any reasonable cause to believe that ZA is truly spyware - and that, UV, *IS* the whole point. The statement from ZL on the forum is a statement of their *intent*, and does not include any specific *content* to answer the actual issue of *what* data items they see fit to harvest from my machine.

    Can you offer any insight into this specific question, other than to suggest that I share your faith in the wisdom and benevolence of ZL?
     
  13. strange

    strange Guest

    A quote from ZA:

    "The actual communication in dispute is a simple encrypted GET file that is checking to see if the user’s security software is current. We will continue to work with Mr. Borck and anyone else who might have any concerns about this issue."

    This is actually very curious: they don't say "checking if ZA u are using is current". They talk about "security software". Means not necessarily ZA, but other soft u are using ??!! If you take literally what's being said, it's hardly a bug, there must be a delibarate action to do this.
     
  14. faceit

    faceit Guest

    Face it ZA is spyware. That's why I dumped it real fast too. ;)
     
  15. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    For me, this is simple. An application firewall should give the the user full control over ALL applications on the PC. ZA allows "vsmon" uncontrollable / unlogged connections.
    If ZL wanted to put this to rest, they could simply allow the user to block all comms for "vsmon" from within ZA. (At this time, you cannot add "vsmon" to the app list in ZA).
     
  16. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Vsmon.exe is the true vector engine of ZA. The very thing that analyses your connectiom to determine what is allowed in and what is not. If you block this, you will essentially have a non-working internet connection. You can stop all communications by hitting the big red "Stop" button in ZA.

    And to the people who say ZA is a spyware, please by all means sue ZA. AT &T just got sued for helping the NSA.
     
  17. <DreamCatcher>

    <DreamCatcher> Registered Member

    Joined:
    Jan 6, 2006
    Posts:
    154
    http://www.dslreports.com/forum/remark,15294155~start=20#end

    Hi,

    Ive been reading the info on the above link and this thread, and was wondering if people still think its worth installing the latest Pro version of ZoneAlarm firewall even though it may be spying and sending info back? I kinda like this version of ZoneAlarm, I admit its not the best out there, but it works well with my current security set up.

    DreamCatcher
     
  18. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    I am sure it does not need to be allowed outbound internet connections to perform this. (just network access)
    o_O
    I actually dont believe ZA is spyware,..... I just think a firewall should give all control of internet connections to the user.
     
  19. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    If you like it, use it.
    From the point of "spying on you"...I was testing the latest ZA for 6 weeks (I have 2 current licences) with all connections logged (external packet analyzer), I found nothing that would make me think that ZA was "spying".
     
  20. <DreamCatcher>

    <DreamCatcher> Registered Member

    Joined:
    Jan 6, 2006
    Posts:
    154

    Thanks for the info manzz, I've been trying it for about a week and hav'nt really seen any strange connections yet with any of the programs i use, but it does make you think twice about using ZoneAlarm inregards to some of the negeative stuff I have read.

    Cheers Mate.
     
  21. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    Yes I agree,......but I think its more a case of the fact that the firewall can make outbound connections that is the problem.......I personally have no problems with ZA (apart from "vsmon" hard-code), and think its a good firewall, with good protection. But I think that of a number of firewalls,.......I have no favorite....

    Regards
     
  22. Natas

    Natas Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    6
    First of all Unhappy_viewer works for ZoneLabs,he will never admit to it,but a good source from the ZoneLabs Forum has explained Unhappies responces to me and another user.Second Zonealarm has had this behavior even before the 6.0 release to the general public,often having rogue communication with its servers and a few other servers which belonged to Akamai.I honestly lost trust in ZoneLabs,for the reason that this has been discussed on their own forum,it has been reported to the beta team,that their program somehow makes communication with their servers even when specificly disabling all the communication points in the software.It took an article by InfoWorld to get an admission from ZoneLabs,if they wold have just admitted to it earlier on when the beta team was testing and when reports started to crop up in their own forum,then it would have given me more hope in them.

    I recommend anyone who has doubts about ZoneLabs motives of calling it a bug to switch their firewall,once you feel any thoughts of paranoia,they shouldnt stick with that firewall.
     
  23. ned kelly

    ned kelly Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    14

    Actually Unhappy_viewer also works for the CIA as well, i also work with him and we have been planted to spread dissinformation about ZA, I am also watching you to Natas so be carefull.Have you noticed your phone has a clicking noise now Natas.....:ninja:
     
  24. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    It seems they finally fix the spurious communication issues....:eek:

    New and improved features in ZoneAlarm Internet Security Suite version 6.1.744.000

    Fixed - Service stability issue
    Fixed - Communicate with the centralized server issue
    Fixed - Overlapped text in support and update information
    Fixed - Anti-Spam installation issue
    Fixed - Various other bug fixes


    Fax
     
  25. feverfive

    feverfive Registered Member

    Joined:
    Jun 17, 2005
    Posts:
    121
    Or so they say.....:ninja:
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.