ZoneLabs Won't Fix Hole In Free Firewall

from the if-it's-free,-you-should-suffer-through dept

ZoneLabs provides the most popular "free" firewall product out there. It seems to be the standard product that people recommend, but now that a security vulnerability has been found, ZoneLabs only response is that people should upgrade to the paid-for version. They won't fix the free version, because it would be too much trouble, and they don't think the security hole is that big (basically begging hackers to exploit the hole). I can understand not adding new features to a free version, but leaving open a known exploit for a security product doesn't seem too smart. It wouldn't make me that comfortable using either version. If I were a competing company like Kerio (which also offers a similar free-for-home-use personal firewall), I'd be out there promoting how my solution was more secure than the market leader's.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    CHIA GARCIA, 2 Jul 2003 @ 8:54am

    No Subject Given

    Zone Alarm used to be a freeware product. Then they started messing with lite and full editions. I stopped using their products then. When I upgraded my zone alarm to find that half of the features in the free version were disabled. I was pissed! Why should I bother with a company that pulls this kind of crap???

    link to this | view in thread ]

  2. identicon
    Aaron Anderson, 2 Jul 2003 @ 9:30am

    Is there some evidence that Kerio is not vulnerabl

    Quote from the ExtremeTech article: "... since the vulnerability was tied to Windows, the vulnerability would also affect other firewall manufacturers and not just ZoneAlarm."

    I searched Kerio's website for some mention of the ShellExecute vulnerabilty and they make no reference to it. Similarly a few simple Google searches yeilded no results.

    I'm not sure if this problem warrants everybody picking on only ZoneAlarm just yet.

    link to this | view in thread ]

  3. identicon
    bob, 2 Jul 2003 @ 2:17pm

    Re: Is there some evidence that Kerio is not vulne

    eeerm, if it WASNT just zonealarm and was a windows problem

    1: why would the 'pro' paid for version of zonealarm not have the problem
    2: why would they be telling people to upgrade to the paid for version

    link to this | view in thread ]

  4. identicon
    CraweN, 2 Jul 2003 @ 3:49pm

    No Subject Given

    Read the Article on ExtremeTech. It is a problem in windows as stated previously and of course if it takes to many resources(money) to fix versus how hard it is getting the hack to work, i fell he's right. why fix it! Would be a great advertisement fixing it though.

    link to this | view in thread ]

  5. identicon
    Vigil, 3 Jul 2003 @ 5:47am

    Re: Is there some evidence that Kerio is not vulne

    Whether it is a Zonealarm specific bug is neither here nor there. The fact remains that they are using the threat of this bug to virtually blackmail people. Either pay them money or be vulnerable. Or use someone else's product.

    link to this | view in thread ]

  6. identicon
    gravy, 3 Jul 2003 @ 12:04pm

    Re: Is there some evidence that Kerio is not vulne

    OR......you can go get emule plus and go to www.sharereactor.com and look under the software category for a ed2k link to the full pro version.

    you get what Zone Labs says you should to fix it and you don't have to pay for it. HA!

    link to this | view in thread ]

  7. identicon
    kenzo, 18 Aug 2003 @ 8:42pm

    Re: zonealarm freeware features disabled

    I worked there when this decision was made by sales/marketing. It was a conscious marketing ploy to try and trick/force people to have to buy the full version after they thought they were doing an update to the free version...

    link to this | view in thread ]

  8. identicon
    Ivan Barnes, 4 Feb 2004 @ 5:26pm

    ZZZoneLabs

    What is free ? Ever tried 3.7 version

    link to this | view in thread ]

  9. identicon
    gootoo, 20 Jan 2007 @ 8:16am

    Re: Re: Is there some evidence that Kerio is not v

    is emule pro free? if it is, on on my way mate!!

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.