Zone Alarm is spying discussion ?

Just remind other users in case if they are not aware.

-----------------------------------------------------------------------
Zome Alarm is spying on you by phoning home (January 20, 2006):
http://www.spamdailynews.com/publish/ZoneAlarm_phones_home.asp
Also: http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html

The issue is Zone Alarm has been caught phoning home, even when told not to. It is proved by InfoWorld Editor James Borck that Zone Alarm was suspiciously sending data back to four different servers for unknown reasons, despite disabling all of the communication options. The data are encrypted, so we couldn't know what kind of data was sending back to Zone Alarm.

In fact, this issue (phoning home without user authorization) has been rumoured long before the news. Some users reported this years ago but the company has kept silent about this until it was caught by proved by James Borck.

Users should reconsider whether they should still place trust on this company or continue using its products after the incident.

-----------------------------------------------------------------------
Discussion about Zome Alarm spying on another thread (including the extract of the official reply from Zone Alarm):
https://www.wilderssecurity.com/showthread.php?t=116345&page=2

Is Zone Alarm spying on you?

-----------------------------------------------------------------------
Other firewall alternatives:
See my signature!
See Also:
http://www.firewallleaktester.com/tests.php
https://www.wilderssecurity.com/showpost.php?p=837071&postcount=29 (Recommendations on paid and free firewalls)

 

Re: Why can't Zone Labs get it right?

in my knowledge the spying issue was solved when version 6.1 or something was launched and it has definetly been settled with new 6.5 version..

 

Re: Why can't Zone Labs get it right?

Yes, it should be unless there's another hidden spying which we don't know.

After all, done is done. Some people may not wish to use its product because of its suspicious spying history (even if the issue is resolved now, but the trust can't be regained just by this).

 

Re: Why can't Zone Labs get it right?

Wai Wai,

There was never any proof that ZA spies on people. All there ever was is people blatantly trying to spoil big companies' reputation (Symantec etc.) by spreading hoaxeszone. That was a bug in v6.1 and ZL has fixed that. They have even issued a press release detailing the features in ZA that you need to turn off if you do not want ZA to communicate with ZL's severs:
http://download.zonelabs.com/bin/free/pressReleases/2005/pr_22.html

If ZL is indeed spying on you, please feel free to send ZA to an antispyware company such as Webroot, Lavasoft etc. for analysis and post back back here when a company has added ZA into their definitions. People have the right to know if ZL is indeed spying on them and jump ship (I know I would definitely do so). I will patiently wait for a million years or so (maybe I'll cryogenically freze myself for such an occasion) for you to post back such a result. Until then, do not blatantly post rumors about any security products without proof. I am sure as a person who posts alot on Wilders, you'd should be more knowledgable than to believe in rumors.

 

Re: Why can't Zone Labs get it right?

Doesn't matter. What I try to do is to present the issues so other people can know more before they make their own judgement or purchase; nothing more, nothing less.
People should do their own due diligence based on the issues presented.

Spyware: Any software that covertly gathers user information through the user's Internet connection without his or her knowledge.

Phoning home is regarded as one kind of spying activities. If the data sent by the program is sensitive or user information without user acknowledge, it can be regarded as spyware.

Zone Alarm claims this is a "bug" which has occurred for years. But it is left to people to judge whether this is really a "bug" or "special feature" offered by Zone Alarm. Anyway, this "bug" has been present from about 4.5 up to 6.1! We can see its efficiency of bug fixing in this case.

Is Zone Alarm spying on you?

 

Re: Why can't Zone Labs get it right?

Since a rumor is unverified or unconfirmed information; wasn't there "proof" in the form of the InfoWorld article/investigation which proved there was communication going on that casual users were not aware was occurring? While it could be argued by ZA that they were not spying or collecting info. I believe the burdon of proof would lie with them proving they were not spying rather than the user having to prove they were. IMHO, a security company should do nothing that could be construed as deceitful or questionable.

How can it be considered a "bug" when ZA clearly states

and then they go on to tell you what to turn off to stop the communications. IF it were truely a "bug" they would undoubtably fix it. However, their message clearly states the communication is intentional for "ongoing updates". Their message is also clear that the communications with the central servers will continue for those people who choose to allow the "ongoing updates". So in light of that I don't think it can be called a "bug".

just my thoughts

 

Re: Why can't Zone Labs get it right?

The data is encrypted. It is hard for us to see what data is being sent.

Hipgnosis, did Zone Alarm explain what data exactly the program send to Zone Alarm? Why does it encrypt the data and constantly sending to their 4 different servers?

I couldn't find any detailed explanation about it.
Maybe they don't wish to explain at all.

That may be why Zone Alarm is reluctant to fix it until the "phoning home" message is widely spread to the public.

 

Re: Why can't Zone Labs get it right?

And how can I trust a site whose title is "spamdailynews"? Those "issues" have pretty much been unfounded.

Yes. But ZA has specified in their EULA that no personal information is collected. Only things such as programs listed in people's program list are sent to ZL 's servers if they opt to be part of the SpyNet community which helps ZL to quickly identify and analyse malicious programs so that appropriate advices can be posted on SmartDefence Advisor to help people decide to grant access or deny a suspicious behaviour.

Again if ZA is spyware, please feel free to submit to anti-spyware companies. They have the expertise to anyse such software as spyware and their if they say ZA is spyware, then I'd wholly agree with you.

Again what proof? Why have you not submitted v4.5 to 5.5 to anti-spyware companies for analysis? Why did it take so long until v6.0 was released for someone to then come out and say they found a bug (thats about 2 years)? You have got to have proof. Making allegations is not good enough without the proof.

James Brock(I think I may have got the name wrong) of Infoworld was the researcher who discovered the bug. He did that with the help of a packet sniffer and what he has determined was GET requests were made to ZL's update servers to check for updates to ZA, and not personal information being leaked to ZA. He has even worked with ZL to fix the issue. If a security researcher has not called ZA spyware, what gives normal users like use to call ZA spyware.

The defintion of a "bug" is when something does not function in what was supposed to be intended. In this case, the intended funtion was supposed to be "stop checking for updates when the specific option was switch off". The issue which was only present in ZA 6.0 and 6.1 has been fixed since v6.1.744.000. We have already been through this issue last year on Wilders and I think this has pretty much closed with people agreeing and accepting that this was a legit bug after they read through James' and ZL's report on the issue.

Again, no one is forcing anyone to use any particular software product but make sure that you can really support the issues which you brought up with real solid evidence. Prosecutors cannot put criminals on trials if they don't have that sort of evidence. If lets say a man is suspected for murdering his ex-girlfriend in her flat, you can't go to court with the evidence being that fingerprints were found all over his ex-girlfriend's home. Thats' not solid and suficient.

 

Re: Why can't Zone Labs get it right?

Ohh...!!! Really!!!

My goodness, I thought it could protect my pc from hackers and trojans. I was surprised that they themselves are also doing the hackers jobs, I mean, inside jobs.

How about other firewalls? I hope more intelligence reports should be reported here so that we could be more aware of those who are doing an inside job into our pc...

 

Re: Why can't Zone Labs get it right?

This surprised me too when I first discovered it myself (after hearing some rumours about the spying issue , not after the news came out).

There are plenty alternatives, paid and free.

See my signature. The firewalls I list are the good ones - Jetico(85.2), Look'n'Stop(74), Outpost(74)
See also: http://www.firewallleaktester.com/tests.php

I observe Norton Firewall is better after the event that it acquired Sygate firewall technology. The main purpose is to do with enterprise products (It combines Sygate's software for enforcing network security policies and securing endpoints, and make use of Sygate's universal network access control technology). Its firewall has passes more leaktests.
You may try Norton Personal Firewall which is for home users.

If you don't wish to pay for firewall, there are many free alternatives. Jetico Personal Firewall is a good one. It also stands out from others in the leaktest. However it is for intermediate or expert users.

List of firewalls:
=========================================================
# Jetico Personal Firewall *FREE* (for intermediate and advanced users):
www.jetico.com/index.htm#/jpfirewall.htm

# Outpost Personal Firewall (free and pro):
www.agnitum.com/download/outpost1.html (30-day trial pro version)
www.agnitum.com/products/outpostfree/download.php (*free* version)

# Look 'n' Stop (30-day trial. It turns into lite after trial is up. The lite has no application filtering):
www.looknstop.com/En/index2.htm

# Norton Personal Firewall (15-day trial):
www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=npf2006

# Private Firewall (4 versions; 1 is free):
www.privacyware.com/personal_firewall.html

# Sunbelt Kerio Personal Firewall (free and full version):
www.sunbelt-software.com/Kerio.cfm


Others (*FREE*):
=========================================================
# Firewall Builder (Free, Open source):
www.fwbuilder.org/

# AirSnare Freeware:
http://home.comcast.net/~jay.deboer/airsnare/

# GoldTach personal firewall download for free:
www.goldtach.com/firewall-download/firewall-download.htm

# SafeZone 3.0.0 Freeware:
www.softpedia.com/get/Security/Firewall/SafeZone.shtml
www.minutegroup.com/prodpg_safezone.htm

# Enigma Firewall (free scanner only):
www.enigmasoftwaregroup.com/products.shtml

# Xeon Personal Firewall (Free with ads):
www.econceptsoftware.com/xeon.html

# CHX-I Packet Filter and/or NAT:
www.idrci.net

# Secure Point Firewall and/or VPN Client:
www.securepoint.cc

# Soft Perfect Personal Firewall:
www.softperfect.com/products/firewall/

# Firewall 2004:
www.wyvernworks.com

# Filseclab Personal Firewall:
www.filseclab.com/eng/products/firewall.htm

# Primedius Personal Firewall Lite:
www.primedius.com/PersonalFirewall.htm

# Sphinx A-Wall:
www.sphinx-soft.com/firewall/programs.html

# FirePanel XP:
www.router19.org/Software.aspx

# Proxy+ (free version for 2 concurrent users, 3 mail users, 1MB of disk cache):
www.proxyplus.cz/

 

Re: Why can't Zone Labs get it right?

Not a true statement either. Norton Personal Firewall is still utilising the same firewall engine as it always has. It has not utilised Sygate Personal Firewall's engine yet even in their NPF 2007 product line.

Symantec is only using Sygate technologies for their enterprise products: products that are installed on company server machines.

 

Re: Why can't Zone Labs get it right?

Originally posted by Wai_wai

The Safezone (Minute Group) website is still active. However, the site has not been updated for several years and version listed is an old one. Oddly, CNET and Softpedia have a newer version listed (4.1) which appears to be a recent release.

The free version is not a firewall, but appears to be a HIPS program (dynamic security agent). The chart seems to imply that the security agent has a firewall, yet the description does not mention that.

http://www.privacyware.com/personal_firewall.html

 

Re: Why can't Zone Labs get it right?

Guilty unless they can prove they're innocent? Just how are they supposed to do that? How do you prove that you are not calling home, sending personal info, or anything similar? If ZA is or was doing this, it would be easy to prove. There's no way to prove they're not. They can't prove their innocence any more than you can prove that you're not trying to spy on my system or spam my mailbox. That's not an accusation, just an example of the impossibility of your statement.
I'm no ZA fan. I dropped their firewall back around version 3.1 for reliability issues. Tried several versions on a testbox since then and didn't like any of them, multiple reasons. IMO, ZA is not one of the better firewalls, but if it was actually spying, it would have been found long ago, and proof posted. Far too may talented people test firewalls on a regular basis for that to have gone unnoticed or unreported.
Rick

 

Re: Why can't Zone Labs get it right?

Ok, maybe I should have said "the burden of proof should lie with them". I don't think it's an impossible statement. My point of view was that if a security company (or any company for that matter) does something that raises the spector of impropriety, they should do everything in their power to remove that perception. I think anyone has a right to be suspicious when a program is calling home and the user doesn't understand why; and I believe it is up to the company in question to clarify exactly what they are doing. In this case, ZA said it was to get dynamic updates and they told the users this...and eventually fixed the issue.

Case closed, everything is right with the world and harmony reins throughout the universe.

 

Why is this 'non personal information' encrypted? Why would information requesting dynamic updates need to be encrypted and do other firewalls do this? If it's so essential and they don't-why not?
Have Zone Alarm ever given any examples of exactly what it is that's being communicated?
Until they do there will continue to be suspicion. If there is nothing to hide-firstly, why encrypt and secondly why not give exact examples of what is being sent?

Simple questions and easily answerable by Zone Alarm.

 

Re: Why can't Zone Labs get it right?

Thanks for the correction, and sorry for the ambiguity.

I observe Norton Firewall becomes better after the event of "Sygate acquisition" occurred. It has passed more leaktests. Not sure if there is anything to do with the Sygate Technolgies.

Symantec Acquires Endpoint-Security Company Sygate (August 16, 2005)

 

Re: Why can't Zone Labs get it right?

Thanks for the correction.

I couldn't access to its website. Is it just me?

I'm not too sure about this either.
The website does indicate it has a firewall in the comparison table.

 

Re: Why can't Zone Labs get it right?

In fact, it has been reported that Zone Alarm has been "spying" (or has some suspicious behaviour) before the news came out and spread widely. Some users complained this on its official forum. One said its thread was deleted about 2 hours after the thread created. Before the news, I think most people think the "spying" issue was just a rumour, and many of them have never heard of this "rumour" at all.

So James Borck is never the first person who discover this, but James Borck is the first person who successfully spread this issue (ie Zone Alarm is "spying") to the public, and this has successfully pressured Zone Alarm into resolving this issue.

However Zone Alarm has refused to admit it for a few months after the news came out. I don't understand why it took so long to identify this "bug" and admited the mistake. It also took a bit too long to fix this small "bug".

Now at least it is proved Zone Alarm always sent unknown encrypted data to its 4 servers, even it was told not to do so. It may be spying; it may be not. Who knows? (except Zone Alarm )

 

Originally posted by Wai_wai

I had no problems accessing the website. However, I do have a correction to my previous post. Softpedia lists version 3.0 which is outdated. CNET lists 4.1 which appears to be the most current. However, minutegroup.com still lists an evaluation version (3.0?).

http://www.minutegroup.com/prodpg_safezone.htm

I did notice that as well. Some did consider the program to provide outbound protection that the Windows XP firewall lacked so that it could be considered a partial firewall. I looked over the user guide and it doesn't allow you to block or open ports. Without this capability, I don't think this program is a firewall, in my opinion.