ZoneAlarm’s Sneaky Spyware Scare?

(See a more recent post on this for an update. ZoneAlarm no longer has this ‘feature’.)

I’m a big fan, and user, of ZoneAlarm firewalls. Their interface is clean, clear and I like the system tray icon which doubles as a traffic monitor. But sometimes they do things that don’t, in my view, help educate and simplify things for the ordinary user. After all, Internet security is already baffling enough.

I use the free version of ZoneAlarm firewall and usually it works fine and unobtrusively. But just now I got a popup window like this:


At first glance it looks like an ordinary update reminder, which would be fine. But it’s not. It seems to suggest, to the casual user, that something bad is happening to your computer. To the more experienced user it looks like one of those naff anti-spyware ads that appear on websites with a faux Windows-dialog suggesting you’re infected with spyware. (Notice there’s no option along the lines of ‘Never remind or show me this popup again. I have enough on my plate, thanks.’)

Click on ‘update now’ and you’re taken, surprise surprise, to a ZoneAlarm promotions page. To be fair to ZoneAlarm, if you’re running IE a scan will kick in (it won’t if you’re using Opera, Netscape or Mozilla as it’s an ActiveX application). Once spyware is detected, it’s not quite clear what you’re supposed to do next. Click on a ‘Remove Spyware Now’ link and you’re faced with a pop-up link pitching a ‘featured bundle’ of ZoneAlarm Internet Security Suite and TurboBackup for $50. Click on a red button marked ‘REMOVE SPYWARE with ZoneAlarm’ and you’re taken to the same pop-up (Yes, they seem to somehow get around the builtin IE popup blocker.) As far as I can see there is no other way to remove the alleged spyware.

This is all, I believe, part of ZoneAlarm’s new product,  ZoneAlarm Anti-Spyware, which it launched recently. I just wish that ZoneAlarm, which I’ve had quarrels with before, didn’t stoop to such befuddling scare tactics to tout a new product.  

A Way To Stop The Keyloggers?

Here’s a program that may help you if you worried about the recent spate of viruses and phishing tricks that focus on keylogging — small, often invisible, programs that secretly capture what you type, especially when you’re entering passwords .

System Mechanic 4, a collection of software tools from iolo technologies, includes parasite-fighting tool called SpyHunter(TM) which “seeks and destroys annoying and dangerous spyware, malware, adware, and other notorious malevolent applications, plug-ins and ActiveX controls that fly under the radar of antivirus solutions”.

SpyHunter also “protect users from keyloggers”, although the press release I got doesn’t say how. I will check out the software and get back to you.

System Mechanic 4 Professional includes Panda Antivirus Platinum 7.0 antivirus and firewall, System Shield, Search and Recover, and DriveScrubber. There’s also a Popup Stopper tool, a disk defragmenter and something called NetBooster, which claims to speed up Internet connections by up to 300%. The whole kaboodle costs $70.

News: Browsers Hit A Legal Minefield

 From the This Could Change Everything Or Mean Nothing Dept come reports that Microsoft (and presumably others) may have to redesign their web browsers after a US court found that Internet Explorer infringes another company’s software patent. The BBC reports that the World Wide Web Consortium, the body responsible for web standards, also released a statement saying that Microsoft “will very soon be making changes to its Internet Explorer browser software in response to this ruling.” The patent concerned describes a way of “automatically invoking [an] external application” and “providing interaction and display of embedded objects” inside a “hypermedia document”.
It’s not easy to figure out what happens next. Like all software patents, the BBC says, it is written in a complex legalistic style which makes it hard to determine just what it covers. However there is a general consensus within the web community that it would include clicking on a link to load a Flash movie or a video player, controlling an external application through a web interface and downloading and running programs inside a web page.
This means that core web technologies, including plugins for multimedia websites, Java applets, and even Microsoft’s own ActiveX controls, will be affected. Ouch.

Update: Protecting Your Castle

 Further to my column this week about protecting your computer in the Far Eastern Economic Review, (subscription required), here as promised is the full email from Brian Johnson of Centerbeam. It’s an excellent primer.
Jeremy, thanks for the invitation to send you something about protecting computers viruses, worms and other exploits.  I?I’ve spent some time with the engineers here and have come up with a checklist of the steps people can, and should, take to protect their computers. 
So, maybe the best way to describe the overall strategy of protecting your computer is to ask you if you saw Lord of the Rings: The Two Towers.  If you did, you?you’ll certainly recall the siege on Helm?Helm’s Deep, the ancient fortress of Rohan.  The castle was built with several nested layers of defense.  When the Orcs broke through one layer, the army inside fell back behind the next layer of defense.
And this is the best approach to computer security and protection:  Build several layers of defense so that, even if one layer is compromised, another layer is there to protect you. 
Layer One:  Stop Problems Before They Reach Your Computer
       Turn off Your Computer When You Aren’t Using It
It?Helm’s very tempting these days to leave your computer on and attached to your always-on broadband connection.  Don?Don’t.  Turn off your computer when you leave your home.  Quite simply put, if your computer is off, it can?Don’t be hacked.
       Disposable Email Addresses
When doing commerce on the net, use a one-use, disposable email addresses.  This cuts down on spam, and especially spam that might carry a virus or worm with it. is a good source of these addresses.
       Use A Firewall
Windows XP has a built-in firewall, but if you aren’t?Don’t on XP, or want an additional layer of protection to stop threat from ever reaching your computer in the first place, then try ZoneAlarm. 
       Turn Off Remote Services
Go to Start -> Settings -> Control Panel -> System -> Remote and turn off the remote assistance and remote desktop.  This will help prevent someone from hijacking your computer.
       Scan Your System for Vulnerabilities
Microsoft provides a free security tool called the Microsoft Baseline Security Analyzer, it can be used identify vulnerabilities, and how to fix them, quickly.  There are also a number of 3rd party security scanners available.
These five practices will help prevent viruses and worms from ever reaching you.
Layer Two: Immediately Identify and Stop A Risk When It Arrives At Your Computer
       Virus Protection
If an exploit makes it past your firewall, there?Helm’s still a way to stop it.  By now, hopefully, everyone has some sort of virus protection program installed on their computer.  If not, invest in a high-quality program such as the one offered by McAfee.  But do remember one thing, virus protection programs tend to look for the threats it knows to look for.  McAfee is constantly looking for new threats and regularly sends out updates.  Be sure to set up your virus program to automatically check for updates otherwise new exploits will not be caught.
Layer Three: Don?Don’t Allow Exploits to Work
If an exploit makes it past your firewall and your virus protection program, there?Helm’s still another level of defense:  Don?Don’t knowing allow the exploit to work.
       Get Your System Patches Up-To-Date
The easiest way to do this on a Windows XP system is to go to the System Update control panel and make sure this function is turned on and that it is checking daily for new updates.
       Turn Off Unused Services
If you do not need a particular service, (like File and Print sharing, etc.), disable them.
Disable Java, JavaScript and ActiveX if possible.  (Internet Explorer -> Tools -> Advanced)
       Don?Don’t Open Unknown Email Attachments
Pay attention to the email that hits your inbox- and don?Don’t click on it as soon as you receive it.  Don?Don’t open suspicious attachments (especially with file extensions such as .vbs, …exe, …bat, .wsh) and get in the habit of first saving all attachments, scanning them with anti-virus program before you execute them.
Layer Four: Find Out When Things Go Wrong
       Install An Alarm
Remember, many security measures depend on advance knowledge of what does and does not constitute a threat.  A finally line of defense is to set an alarm that will let you know when damage is done. 
A company called Tripwire makes a product that constantly monitors the critical system files on your computer and alerts you when they?they’ve been changed.  The idea here is two-fold:  It is the last perimeter of defense as it does let you know that something has made it past all the others and has started wrecking havoc. It also identifies the damage so you know what to repair. 
Layer Five: Be Able to Escape
       Boot Disk
The current exploit that?Helm’s on the loose has been known to complete crash a system so that it can?Don’t even be booted.  This is a reminder that it?Helm’s a good idea to create a boot disk, something you can boot the system with and at least recover your undamaged files.  To make one, right-click on your floppy drive and follow instructions.
It?Helm’s always a good idea and one more honored in the breech than in the observance ? like flossing.  Traditional back-ups onto removable media are time and task intensive.  And most people don?Don’t follow through on this best practice by keeping their back-ups someplace other than next to their computer.  A very good alternative is to do on-line back-up through a service like Connected.  This makes the process easy and, your data is someplace secure. 
Finally, resign yourself to the fact taking these steps are part of the price we pay for the convenience of personal computing.  In this day and age, it is inevitable that your system will come under attack.  So, you can pay the price now, or someday regret that you didn’t?Don’t.
Thanks, Brain.