"I still use ZoneAlarm. With all the updates and new versions I assumed they addressed the issues that TooLeaky and Firehole exposed, they didn't."
keep in mind that in order for tooleaky to work, a user has to willingly download their executable. how covert is that?
and to the best of my knowledge, steve gibson is no longer giving credibility to this "test". the zonelabs forum has a few posts that allude to gibson and the tooleaky author having a difference of opinion and falling out some time ago.
ultimately i think people are going to believe what they want to believe, and an awful lot of people think this tooleaky thing is rubbish.
one other note, i do believe that the paid version of zonealarm allows for tighter security settings for just this sort of thing. and i also belive that program checksums are always being compared so that if something tries getting through by posing as, say, IE, and it isn't, the firewall will alert the user.
my feeling is that if this tooleaky had real merit, the entire security community (not just a few rabid followers) would be denouncing zonealarm as a worthless piece of junk.
but that's not the case. zonealarm enjoys a very good reputation among all IT professionals and security people. you have to ask yourself, if there was merit to tooleaky, and the method of exploitation has been around for two years, wouldn't we all have been hearing stories of major firewall breaches and msblast-type attacks that defeated zonealarm?
jmo |
