ZoneAlarm Employs Scare Tactics Against Its Users 216
snydeq writes "Check Point Software appears to be ripping a page from the 'scum it claims to fight,' running a scare-tactic warning dialog to frighten users into upgrading to a paid version of the company's ZoneAlarm firewall product. Preying on fears of ZeuS.Zbot, the Check Point warning dialog tells users their PCs 'may be in danger' without having found ZeuS.Zbot, nor having checked to see whether you're running an antivirus product. 'The program doesn't care if you're infected with ZeuS.Zbot, or if you have protection in place. It just wants to sell you an upgrade to the firewall that may or may not detect future ZeuS.Zbot variants' activities — some day.' Check Point's customers have inundated the ZoneAlarm forums with complaints."
ZoneAlarm was backdoored, right? (Score:4, Interesting)
Re:Summary is correct (Score:4, Interesting)
Yeah, I ditched Zone Alarm for Comodo some time ago after ZA got bought out by Checkpoint. I think it was that the newer post-buy-out versions of the software kept re-ckecking the "automatic updates" option in the preferences and kept giving itself permission to access the internet, despite me explicitly blocking it. Several instances of this and I thought, 'crikey, the new owners are a bit dodgy' and jumped ship to Comodo.
Can't say I'm surprised to see them plumet down the 'sacrifice integrity to serve our bottom line' route. (That's also why I ditched AVG).
Re:Trusted (Score:1, Interesting)
When I got a drive-by download of the usual TrustMeI'mTotallyAnAntiVirusProgram 2010, my firewall caught it trying to phone home. My anti-virus didn't even get a chance to alert me because I got to work exorcising my computer immediately after blocking its outbound connection.
I've since moved to an OS where I don't have to jump through hoops to make sure I'm not running as Admin all the time. Before you jump to any conclusions, I mean Windows 7, though I do run Linux on my media PC.
Re:Inundated? (Score:3, Interesting)
They're also editing people's posts under their "terms of use" policy. Mostly it's removing the names of other firewall products, but there's a couple by the main editor "GeorgeV" with no indication of why the edit was made or any placemarker to show where it was made.
Ah, and there's also some posts which have entirely disappeared. Since the unique post ID is common to the entire forum it's hard to detect, and the #x post counter on the right is dynamically generated when the thread is displayed. I did see one post disappear, and then the user re-posted. Here's the details of the new post, which I expect to disappear as well.
http://forums.zonealarm.com/showpost.php?p=283543&postcount=40 [zonealarm.com]
Attack command redacted because I'm nice
Whoops, that post's gone, too.
Way to go Checkpoint, with one twitch of your marketing neuron you've alienated your loyal users and enraged the script kiddies.
Re:See ya ZA (Score:3, Interesting)
I stopped recommending ZA a few years back, when they had that stream of critical vulnerabilities. Only recently had I thought about adding them back into the recommendations list since I hadn't seen many major problems in a while. This knocks them back off the list for a couple more years at least.
Re:ZoneAlarm was backdoored, right? (Score:4, Interesting)
Googling for "car colour theft", one of the top hits is an article suggesting painting your car pink [nytimes.com]. Not sure if the cure is worse than the disease, but that's your call to make for your own situation.