Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Is your firewall spying on you? [Zone Alarm gets rumbled]
theinquirer.net ^ | Sunday 22 January 2006 | Paul Hales

Posted on 01/22/2006 11:09:42 AM PST by B4Ranch

Is your firewall spying on you?

Zone Alarm gets rumbled

By Paul Hales, in Jerusalem: Sunday 22 January 2006, 12:39

IT’S OBVIOUS, REALLY, that the best way of penetrating users' PCs to see what they get up to online would be to become a Firewall maker. Like, when I wanted a Firewall and was too tight to pay for one, I turned to Checkpoint’s little freebie Zone Alarm. It sits there between you and the Internet and lets you know when someone’s trying to sneak in through your backdoor or when a program you’re running tries to connect to the Web for no apparent reason. When you’re as techie as me – not very – you just have to trust it.

Of course, Checkpoint’s an Israeli company and as a foreign journalist working in Israel you know the hyperactive security services here would like to keep tabs on you. And you know that they do. It has been confirmed to me by a security sources here that mobile phone conversations I have had have been listened to – and in circumstances which I won’t reveal, the contents of a call I have been involved in have actually been relayed back to me.

It’s part of the game – like the airport interrogation, or the surreptitious copying of your notepad while you’re off having a body search. You know what goes on but you have a job to do and just get on with it – hoping that what you get up to in the legitimate pursuit of your business won’t upset anyone to the extent that they’ll come break your door down and cart you off somewhere.

Now, the handsomely-named Mr Cringely has revealed that a colleague of his at Infoworld noticed that Zone Alarm 6.0 was sneakily sending off data to four different servers. Cringely says that Zone Labs (acquired by Checkpoint in March of 2004) at first denied the activity for a couple of months before deciding the software had a "bug" even though, as he points out, "the instructions to contact the servers were set out in the program’s XML code."

The company says it will fix the "bug" soon. In the meantime you can work around it by adding: # Block access to ZoneLabs Server 127.0.0.1 zonelabs.com to your Windows host file.

The "bug" seems to be present in the retail version of Zone Alarm, so there’s no telling what the freebie gets up to. We called Checkpoint here in Israel to find out, but were referred to a US spokeszoner. Trouble is they’ll all be in bed there on this sunny Sunday morning. µ


TOPICS: News/Current Events
KEYWORDS: computers; firewall; lowqualitycrap; malware; pc; privacy; spyware; zonealarm
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-72 last
To: StarCMC; GummyIII

I don't use ZoneAlarm. I had other problems with it a couple of years ago on several customers' computers not related to this issue. Of course, ZoneAlarm has to contact the server IF you have it set to check for ZoneAlarm updates so this guy might be all wet.


61 posted on 01/22/2006 6:34:16 PM PST by El Gran Salseron (The FR Canteen's Resident Equal Opportunity Male Chauvinist Pig)
[ Post Reply | Private Reply | To 5 | View Replies]

To: oolatec

"Software firewalls suck. Nothing can beat hardware."

There's no difference.

What do you think that is, running on the dedicated hardware?


62 posted on 01/22/2006 7:07:32 PM PST by adam_az (It's the border, stupid!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: TommyDale
127.0.0.1

Internal loopback IP... sometimes called internal host... used by programs (such as firewalls, proxie servers, and virus checkers among others) to hook into the data stream. (For a more detailed explanation, better find a professional techie, I'm only a wanna-be that keeps my own internal network running...)

63 posted on 01/22/2006 8:08:43 PM PST by NoCmpromiz (John 14:6 is a non-pluralistic comment.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: palmer
I build all my firewalls out of 7400 Quad NANDs.

Using plenty of cyanoacrilate, no doubt....

64 posted on 01/22/2006 8:12:25 PM PST by NoCmpromiz (John 14:6 is a non-pluralistic comment.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: B4Ranch

This guy just drips paranoia. Why do I care what Israel thinks I am doing?


65 posted on 01/22/2006 8:16:24 PM PST by Tall_Texan (TEXAS LONGHORNS - 2005 NATIONAL CHAMPIONS!!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: B4Ranch

The news is also all over Usenet that Checkpoint is spying through Zone Alarm. I do not use Zone Alarm.


66 posted on 01/22/2006 8:17:47 PM PST by TheBrotherhood
[ Post Reply | Private Reply | To 1 | View Replies]

To: B4Ranch

I think it's great.
No problem with the install.
One program install from the command line (Automatix (Automated GUI installation script) and then Automatix will install just about anything else you will need.


67 posted on 01/22/2006 8:26:04 PM PST by philetus (What goes around comes around)
[ Post Reply | Private Reply | To 39 | View Replies]

To: adam_az

Well there is a difference, first the 'software' on a hardware router is embedded and can only be changed by flashing the eeprom. 2nd, it is independent of the OS and even the pc bios, which also makes its response time much faster. Most important though, is that a hardware firewall stops incoming before it reaches the pc unlike software that runs under the OS.


68 posted on 01/22/2006 8:30:26 PM PST by SeaBiscuit (God Bless all who defend America and Friends, the rest can go to hell.)
[ Post Reply | Private Reply | To 62 | View Replies]

To: SeaBiscuit

Thanks for the info, Seabiscuit. I've been using ZA for a long time but notice performance declines sometimes and it seems to interfere with other software. I checked out KPF and wonder how you downloaded it? What do you recommend? I'd love to try a different firewall for awhile and see if performance improves. I bought a used laptop by Gateway and have ZA free installed. Would you recommend KPF for a laptop?


69 posted on 01/22/2006 10:42:06 PM PST by The Westerner
[ Post Reply | Private Reply | To 57 | View Replies]

To: SeaBiscuit

"Well there is a difference, first the 'software' on a hardware router is embedded and can only be changed by flashing the eeprom.

These days many devices use nvram, not eeprom. Either way, it's still vulnerable to exploits. I found a bug on an old "hardware" wireless router which left tftp enabled on the internal interface... If you connected and did a tftp get for the conf file filename (which I retrieved from the eeprom update zip file) you could get it... and the plaintext unencrypted password for the web interface, too.

"2nd, it is independent of the OS and even the pc bios, which also makes its response time much faster."

Have you been inside many appliances? Most "enterprise" firewalls are dedicated devices using common mobo and chipset, either Intel x86 or ARM or something similar. Many consumer devices run a Linux or BSD based or similar commercial kernel. Many commercial firewalls such as Checkpoint can run on a standard UNIX box, such as Solaris Linux or FreeBSD. In fact, the Nokia Checkpoint boxes are really just stripped down FreeBSD with nice network hardware built in and avalable as cards.

The latency isn't necessarily much better. In fact, puter clock times and responses are measured in ns... Internet latency is measured by ms.

"Most important though, is that a hardware firewall stops incoming before it reaches the pc unlike software that runs under the OS."

This is really the only valid point.


2nd, it is independent of the OS and even the pc bios, which also makes its response time much faster. Most important though, is that a hardware firewall stops incoming before it reaches the pc unlike software that runs under the OS."

Well, the desktop firewall software recieves the packet before anything else - that's how it works.


70 posted on 01/23/2006 6:12:07 AM PST by adam_az (It's the border, stupid!)
[ Post Reply | Private Reply | To 68 | View Replies]

To: Trout-Mouth

I put AOL on the bottom and used Mircrosoft Internet Explorer and everything seemed to work fine. I've down loaded a lot since then and I don't understand why AOL wants to protect me from everthing or they only want me to use their stuff. I can't explain why though I'm very happy with the results. Good luck and I hope this will be of some help.


71 posted on 01/23/2006 3:47:59 PM PST by JOE43270 (JOE43270, God Bless America and All Who Have and Will Defend Her.)
[ Post Reply | Private Reply | To 51 | View Replies]

To: Roses0508

I have used a lot of firewalls with Zone Alarm being the most invasive.I used it up to when they upgraded and it slowed down my Pc so I then went with Sygate which has worked good for Me.I have known people to have their registry hosed by Zone Alarm.It happened to Me while working on a few Pc's that had Windows 98Se on them.

When uninstalling it would take a .dll file with it causing a no Cd rom support.There is a fix for it on Zone Alarm's site.

I use a Hardware Firewall plys the Software one and noone has came close to getting in.

The best way to keep hackers out is by using a old Pc something like Intel 66 mhz Cpu,16 megs of memory and you don't even need a harddrive.This drives Hackers up a wall when they can't download software to sniff your packets.

Hackers are lazy and most don't know what they are doing they download software that a hacker that does know how to exploit a Pc and sniff out Ip Address plus they are looking for what version of Windows you are running.The one's that are amatuers are called Script Kitty's because they are young and inexpierenced and rely on software sniffing software to get into your Pc.

There is software that hackers used called Snort that lets them sniff packets for info like your Mac Address and info you are sending.

I am all for prosecuting anyone caught doing this and have a first time offense of 5 years in the Prison House then see if they want to do it again.

The System is doing nothing to curtail them right now and it is the same as breaking into someone's Home or Vehicle.

I wish they would do the same with all the Spam/Malware/Viruses/ right now we are paying for the bandwidth they are using which is a lot.I am for ISP's being held accountable of letting them get through their Servers to us.Nothing is more offensive than the Porn and language they send you by stealing your e-mail address.

Fine them and give them a jail sentence.I believe that to use a PC one should have to take a course and be Certified to use Internet and mail.I don't mean a expensive hard test just a test to let them know that it is a fine and wrong to hack.If someone defrauds the Postal service they go after them.I see what they do with e-mail as no different.


72 posted on 01/25/2006 3:36:56 PM PST by tparker
[ Post Reply | Private Reply | To 21 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-72 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson