Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: ZoneAlarm phones home
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Fri, 3 Feb 2006 19:10:20 -0000

Ivan . wrote:

observed 'spyware phoning home' but who are then completely unable
to give any details about the contents or destination of the packets
read the article again Dave, you'll find that he did provide the ip
address of the destination servers to Zonelaram


  There is NO ip address listed in Cringely's article whatsoever.

  The URL of the article (see post at the top of this thread) is
http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html

  The single paragraph he wrote about ZA contains this text:

" A Perfect Spy? It seems that ZoneAlarm Security Suite has been phoning
home, even when told not to. Last fall, InfoWorld Senior Contributing Editor
James Borck discovered ZA 6.0 was surreptitiously sending encrypted data
back to four different servers, despite disabling all of the suite's
communications options. Zone Labs denied the flaw for nearly two months,
then eventually chalked it up to a "bug" in the software -- even though
instructions to contact the servers were set out in the program's XML code.
A company spokesmodel says a fix for the flaw will be coming soon and
worried users can get around the bug by modifying their Host file settings.
However, there's no truth to the rumor that the NSA used ZoneAlarm to spy on
U.S. citizens. "


  Now, show me which bit of that is an IP address, or admit you are 
bullshitting.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]