In news just in, a new security breach has been discovered which is not caused by a worm or virus but by your own trusted guardian the firewall, specifically the Zone Alarm 6.0.
This shocking revelation was made by one Mr.Robert Cringley and was discovered by his colleague James working at Infoworld before two months.
Zone alarm was acquired by checkpoint an Israeli company in 2004.
This news would have ramifications world wide as the application's you trust to keep your system safe from prying eyes are themselves acting like a mole.
What is worse is that the company failed to acknowledge the problem when it was notified before two months and kept on branding it as a bug even though the list of servers were hardcoded into it.
If the retail version of Zone Alarm 6.0 can behave surreptitiously then what should we expect from the free version is anybody's guess.
How it works :
Zone alarm sneakily sends off encrypted data back, to four different servers. The instructions to contact the servers are set out in the program’s XML code.
Workaround :
A company spokesmodel says a fix for the flaw will be coming soon. In the meantime TechEnclave users can do the following -
Edit your windows hosts file to add following lines of code :
# blocking zone alarm from spying
127.0.0.1 zonelabs.com
Hosts file is located at :
Windows 95/98/Me x:\windows\hosts
Windows NT/2000/XP Pro x:\winnt\system32\drivers\etc\hosts
Windows XP Home x:\windows\system32\drivers\etc\hosts
where x: is the place where your os is installed
This shocking revelation was made by one Mr.Robert Cringley and was discovered by his colleague James working at Infoworld before two months.
Zone alarm was acquired by checkpoint an Israeli company in 2004.
This news would have ramifications world wide as the application's you trust to keep your system safe from prying eyes are themselves acting like a mole.
What is worse is that the company failed to acknowledge the problem when it was notified before two months and kept on branding it as a bug even though the list of servers were hardcoded into it.
If the retail version of Zone Alarm 6.0 can behave surreptitiously then what should we expect from the free version is anybody's guess.
How it works :
Zone alarm sneakily sends off encrypted data back, to four different servers. The instructions to contact the servers are set out in the program’s XML code.
Workaround :
A company spokesmodel says a fix for the flaw will be coming soon. In the meantime TechEnclave users can do the following -
Edit your windows hosts file to add following lines of code :
# blocking zone alarm from spying
127.0.0.1 zonelabs.com
Hosts file is located at :
Windows 95/98/Me x:\windows\hosts
Windows NT/2000/XP Pro x:\winnt\system32\drivers\etc\hosts
Windows XP Home x:\windows\system32\drivers\etc\hosts
where x: is the place where your os is installed