Oh dear ! ...

  • Thread starter Thread starter RJK
  • Start date Start date
I don't actually use Zone Alarm but the feature you are talking about and
classing as spyware is well documented on their website and can be turned off.

From time to time programs need to talk to the company's server for certain
features to work, as soon as someone see's that the program is communicating
or sending data they scream and shout it's spyware, it's not spyware read the
following article on Zone Alarms website.

Link : http://download.zonelabs.com/bin/free/pressReleases/2005/pr_22.html

Andy W
 
Andy said:
I don't actually use Zone Alarm but the feature you are talking about and
classing as spyware is well documented on their website and can be turned off.

From time to time programs need to talk to the company's server for certain
features to work, as soon as someone see's that the program is communicating
or sending data they scream and shout it's spyware, it's not spyware read the
following article on Zone Alarms website.
Click to expand...

Yes, sadly this has become a common feature of many softwares. How do you
know what they're up to - you don't. I always switch off such spyware as soon
as I see it. If the programs "need to talk company's server for certain
features to work", then they can bloody well ask for permission first, and
then let the user see what is communicated.
 
With the amount of spyware/malware and virus infections as they are today, I
am glad that ZoneAlarm updates as frequently as it does. When I was using
Norton/Symantec products, I was always catching something. In the two years
I have been using ZoneAlarm Internet Security Suite I have had zero
problems. When new infections abound, I have seen ZA update 5-6 times a day.
Without constant talking back and forth to their servers, I may have been at
risk.

Let the communications continue!

--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!
 
After my, "careful and thorough read," and other re|Google|search I think
I'm heavily leaning back towards ZA.
It's the "consumer statistics/surfing habits/tracking" invasion of privacy
that REALLY sticks in my craw!
There's never anything in my PC that I wouldn't want anyone else to see, or
would be ashamed of, or would want hidden, other than personal details such
as credit card no. and bank details etc. ...tho bank account could be a
source of shame ! ...just kidding !

....it occurs to me that when large companies like ZA have acquired a vast
number of subscribers, they must be strongly tempted to sell on details of
their customer base - however sanitised, or stripped of individuals details
to filth like doubleclick - if that's the case.

regards, Richard
 
the first people that I saw use this "feature" was Microsoft in their
messenger software, this practice has become far too widespread for my
liking but luckily most of the reputable manufacturers have ways of
switching it off.

Jon
 
But there's a principle. Regardless of the oft heard pronouncements, of
nay-sayers who say there is no privacy etc. and the like .. and regardless
of the will to control of many governments and corporations, an individual
person does have the right to privacy. In the 'States it is vaguely
expressed on some censure against seizing a person's papers etc. etc. But
however it is expressed, you have the right to privacy and these companies
really have no business installing spyware on you. I'm not saying Zone Alarm
is spyware, I'm speaking generally.
 
RJK said:
After my, "careful and thorough read," and other re|Google|search I think
I'm heavily leaning back towards ZA.
It's the "consumer statistics/surfing habits/tracking" invasion of privacy
that REALLY sticks in my craw!
There's never anything in my PC that I wouldn't want anyone else to see, or
would be ashamed of, or would want hidden, other than personal details such
as credit card no. and bank details etc. ...tho bank account could be a
source of shame ! ...just kidding !

...it occurs to me that when large companies like ZA have acquired a vast
number of subscribers, they must be strongly tempted to sell on details of
their customer base - however sanitised, or stripped of individuals details
to filth like doubleclick - if that's the case.

regards, Richard
Click to expand...

I'm no fan of programs that automaticly dial out either, but it IS
prudent to be familiar with your source's reputation when you read
exposes like that. Some are quite accurate, but a few aren't. Zone Labs
has adopted a model of allowing the use of a reduced function free
version to advise users of the additional features of their paid version
and other security utilities. Reporting on the user's activities while
using the browser, mail client or other internet applications wouldn't
further their "security management" reputation. That doesn't rule out
such behaviour as much as makeing it unlikely.
 
I tried ZA and decided to go back to Sygate.
I figured that the way I set up the FW is to block ports from being accessed.
My machine has not grown any new ports. So the old Sygate should do it's job.
The only things I allow to access the net is IE and my AVG. And then they
are only allowed as clients.
One main thing is to not dissarm the pop-up alerts that something is trying
to access the net. If I get a pop-up? I go to Applications in Sygate and
block that program that is trying to access the net then go into it's advance
and clear all of it's access abilities.
If Sygate had a hidden "Phone Home" app. in it. It probly won't work, now,
since Sygate is not there anymore.
And updates?... What updates are needed for a firewall? It either blocks
traffic on specific ports or doesn't.
 
ZoneAlarm Professional does so much more than Sygate. The Internet Security
Suite does more yet. These extra program modules rely on the latest updated
information to do these extra chores accurately. So, the program
communicates with ZA periodically to see if there is anything new.

Even if you do NOT initiate the communication, ZA will "push" out updates to
you, after polling your system to see if you need them - or if you already
have them.

If that is considered spyware - I am glad to have it on my computer.

--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!
 
I don't disagree with what you've said.

But I *still* have reservations respecting its not notifying you of its
activities.

While I realize that this is in accord with the modern trend of
'black-box-ism' and the general problem of everything becoming rapidly too
complex to deal with, allowing *any* company free, unmonitored access is
equivalent to placing unquestioning trust in the idea that their interests
coincide with yours exactly, and that's a pretty shaky proposition.

But I must admit it is pragmatic--as long as you don't get burned, you're
*probably* safe. That may be as well as one can do in this age.

J
 
There's evidence which seems to show that it is, at least to some degree.
Certainly the statement that ZA continues to connect after ALL of the ZA
specified settings to stop this are turned off has been shown to be true. I
most likely wouldn't have objected to moderate local information necessary
to ZA operation being forwarded to them; however, ZA's lack of transparency
about this matter and apparent unwillingness to fully respond to concerns
about this was just too bothersome for me. I reverted to 4.5.495.000 in Dec
2004 after notifying ZA as to why I was doing so because of ZA's lack of
appropriate response to this issue (and for some other reasons having to do
with speed and bloat).

The simple solution for part of the issues raised on the cited page is to
add the following to your HOSTS file somewhere after the 127.0.0.1
localhost line:

#ZA Test
127.0.0.1 avu.zonelabs.com # 208.254.57.168, 208.254.57.174
(avu.zonelabs.com.edgesuite.net)
127.0.0.1 cm2.zonelabs.com # 208.185.174.65
127.0.0.1 hs2.zonelabs.com # 208.185.174.66
127.0.0.1 ls2.zonelabs.com # 208.185.174.67
127.0.0.1 pa2.zonelabs.com # 208.254.57.200, 208.254.57.200
(pa2.zonelabs.com.edgesuite.net)
127.0.0.1 ps2.zonelabs.com # 208.254.57.189, 208.254.57.191
(ps2.zonelabs.com.edgesuite.net)
127.0.0.1 update.zonelabs.com # 208.185.174.52
127.0.0.1 register.zonelabs.com # 208.185.174.51
#End of ZA Test


FWIW, this is what I do. In addition, I've added the IP's associated with
these URL's (see above) to ZA's Blocked IP's list in theFirewall|Zones tab,
but I'm not sure how effective this is. I've tested that this approach
appears to work for update.zonelabs.com when set on Manual and Check
for Update is clicked; however, I've no means of forcing an attempted
connection for the others in order to test them in this fashion. Thus, I've
continued use of the HOSTS file approach for blocking them (in this
particular case - I normally only use my HOSTS file for URL-to-IP
translation of my Favorites, and do Ad/Malware blocking with the Treewalk
local DNS client). You might want to modify this list to suit your
particular situation/needs (register, update, alert advisor functionality,
etc.), and the IP's should be rechecked every now-and-then. I have had
these entries in my HOSTS file in one form or another ever since reverting
to the previous 4.5.495 version without any evident problem. YMMV, of
course, and you're certainly free to chose how you handle the issue. Note
that this post doesn't address the dialup issue.
 
I don't mind the "automatic" stuff ....updates etc., and of course the
"security" offered by the various modules within the ZA suite, as with other
brands, is only as good as how up to date it's kept, so in that regard it
can do what it likes in my PC providing it always does it honourably. And
the more automatic it is - the better !

It was the reference to "harvesting" that got me going. I did notice,
(someone on this thread suggested that I may not have noticed it during
installation of ZA), the option to "share" my security settings, and I opted
out of that feature but, who knows what else the suite is harvesting behind
the scenes.

Now, I'm not for a moment suggesting that it would be doing anything
dishonourable but, should ZA ever become an very small part of a large
concern, (if it isn't already - i haven't looked into it), the pressures of
all that big money to be made by somone who can supply a vast amount of
"consumer statistics" from ZA's databases might weaken some honour in there
somewhere, ...if you see what I mean :-)

....so there it is, I'll just have to blindly trust it I suppose. I read
through ZA's statement of privacy, hyperlink posted by Cary Frisch MVP on
this thread, (I have read it before today), and whilst very calming and
soothing it still amounts to me having to allow them to do almost what they
like, when they like, in my PC ! Though, thinking about it, that's the
very nature of internet security software !

regards, Richard
 
ooops, I think I may have hit a "send" then by mistake...

....anyway, PRECISELY J and very well put, ...EXACTLY what I've been
stumbling around trying to say from the outset of this thread !

regards, Richard
 
RJK said:
I was falling in love with Zonalarm internet security suite, and then I
found:-
http://www.vtc.net/~cdgoldin/caveat/zap0719.htm

...the information here deserves a very careful and thorough read !

regards, Richard
Click to expand...

Richard, I looked into this not long ago, and here is the information I
came up with. I could never get a return contact from Checkpoint
(current owners of Zonealarm).

http://groups.google.com/group/micr...icrosoft.public&rnum=1&hl=en#01028344fc6cdaac

Or

http://tinyurl.com/jmjy3


HTH!
 
Back
Top