Full Disclosure mailing list archives
Re: Re: Re: ZoneAlarm phones home
From: "Ivan ." <ivanhec () gmail com>
Date: Mon, 6 Feb 2006 09:23:42 +1100
http://theinquirer.net/?article=29157
The company says it will fix the "bug" soon. In the meantime you can
work >around it by adding:
# Block access to ZoneLabs Server 127.0.0.1 zonelabs.com to your Windows host file.
On 2/4/06, Dave Korn <davek_throwaway () hotmail com> wrote:
Ivan . wrote:observed 'spyware phoning home' but who are then completely unable to give any details about the contents or destination of the packetsread the article again Dave, you'll find that he did provide the ip address of the destination servers to ZonelaramThere is NO ip address listed in Cringely's article whatsoever. The URL of the article (see post at the top of this thread) is http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html The single paragraph he wrote about ZA contains this text: " A Perfect Spy? It seems that ZoneAlarm Security Suite has been phoning home, even when told not to. Last fall, InfoWorld Senior Contributing Editor James Borck discovered ZA 6.0 was surreptitiously sending encrypted data back to four different servers, despite disabling all of the suite's communications options. Zone Labs denied the flaw for nearly two months, then eventually chalked it up to a "bug" in the software -- even though instructions to contact the servers were set out in the program's XML code. A company spokesmodel says a fix for the flaw will be coming soon and worried users can get around the bug by modifying their Host file settings. However, there's no truth to the rumor that the NSA used ZoneAlarm to spy on U.S. citizens. " Now, show me which bit of that is an IP address, or admit you are bullshitting. cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: ZoneAlarm phones home Dave Korn (Feb 03)
- Re: Re: Re: ZoneAlarm phones home Ivan . (Feb 05)
- According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home] Dave Korn (Feb 06)
- Re: According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home] Frank Knobbe (Feb 06)
- Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home] Dave Korn (Feb 06)
- Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home] Ivan . (Feb 06)
- RE: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home] Greg (Feb 06)
- Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home] Ivan . (Feb 06)
- Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home] Ivan . (Feb 07)
- According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home] Dave Korn (Feb 06)
- Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home] Dave Korn (Feb 07)
- Re: Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home] Ivan . (Feb 07)
- Cringely's FUD-spreading leads to broken workarounds being suggested Dave Korn (Feb 09)
- Re: Re: Re: ZoneAlarm phones home Ivan . (Feb 05)