Network News

X My Profile
View More Activity

ZoneAlarm gives people a new reason to hate security software

You've probably seen this before: An alarming pop-up alert warns you that "Your PC may be in danger!" and concludes with an all-caps prompt: "GET PROTECTION."

But in this case, the pop-up wasn't a "scareware" scam launched to frighten Windows users into installing Trojan horse malware. It came from CheckPoint Software Technologies, publishers of the ZoneAlarm line of security programs. CheckPoint evidently thought it was helping users of its free ZoneAlarm firewall by letting them know (correctly) that the program, by itself, would not stop a new, rapidly spreading Windows virus.

ZoneAlarm firewall users were not amused by the sales pitch and let the company know it; two days ago, the company backed down. A post on its blog said the company had turned off the pop-up, which it never intended "to lead customers to believe they have a virus on their computer."

Sadly, I can't say I was surprised to learn about this. Commercial security-software vendors have a history of making a nuisance of themselves. At best, they simply bug the user with reminders of what a great job they're doing, and at worst you have things like ZoneAlarm's alarmist pop-up--which isn't the first time the company has resorted to pushy marketing on a user's desktop.

(Correction: At worst you have toxic interactions that cut you off from your own legitimate Internet applications. After hearing about enough of these problems from my brother after he installed ZoneAlarm's firewall several years ago, I stopped recommending that program.)

Last fall, I heartily recommended the free-for-personal-use Microsoft Security Essentials for its unobtrusive, nag-free operation. MSE's strong performance in independent tests since then has given me no reason to doubt my initial thumbs-up.

But I sometimes wonder if the presence of a free security tool from Microsoft won't drive developers of non-free competitors to desperate measures. ZoneAlarm's fiasco suggests that's a genuine risk--even as the PR blowback it suffered should provide an object lesson to other security firms. Ars Technica's Emil Protalinski said it well in that tech-news site's write-up, which features some entertaining screenshots comparing the ZoneAlarm prompt to that of a generic scareware alert: "the marketing department should not be allowed to make security warning decisions."

Was your desktop graced by ZoneAlarm's alert? If so, did you think it was a legitimate notice, or were you wondering why your security software hadn't stopped it?

By Rob Pegoraro  | September 22, 2010; 3:43 PM ET
Categories:  Security  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Late-night experiment: Rooting an Android phone
Next: Facebook etiquette: Let friends break their own big news


Yes, I got the "scare ware" (for that is, indeed, what it was) warning over the weekend. I was shocked when I saw it was signed by Checkpoint. For a moment, I legitimately believed I had a trojan on my computer, that's how strongly worded the message was. It's total BS that they are trying to claim they never intended to lead users to believe they were infected. It's clear that is exactly what they intended.

Just a nitpick though, your recommendation of MSSE, while a good one, is sort of irrelevant to this discussion. MSSE does not include a firewall - that would be the built-in Windows Firewall, which is available whether you use MSSE or not. MSSE would not be a replacement for Zone Alarm.

Posted by: tmiller2009 | September 22, 2010 4:03 PM | Report abuse

I don't know why anybody bothers with ZoneAlarm any more.

If you have a legit copy of windows, you get the Microsoft Anti-Virus/Anti-Spyware for free.

Combine that with the 64 bit version of Windows 7 using Chrome or Firefox and you have pretty good security.

Posted by: Ombudsman1 | September 22, 2010 10:35 PM | Report abuse

I got it several times. Once on my Win 7 laptop and then once for each of my three user accounts on my XP desktop. What was really irritating is that Zone Alarm was also doing their separate pop up offer to upgrade to Zone Alarm Pro. It seems like every time I start my computer lately I have to decline a Zone Alarm offer.

True, the windows firewall is virtually silent. But I'll stick with Zone Alarm for now because it's better at outbound program monitoring and I like to know which programs on my computer are trying to connect to the internet. But my Zone Alarm loyalty is a lot weaker than it used to be.

Posted by: Booyah5000 | September 22, 2010 11:35 PM | Report abuse

I put up with the warning for a couple months, but finally had enough in August. I switched to Comodo, and have never been happier.

Posted by: timmdrumm | September 22, 2010 11:48 PM | Report abuse

There is a new one going around. It's called 'Security Suite' (the "company" address is in England), which leads you to believe you have a virus on your computer. It starts up as soon as you try to access the internet. SS asks you if you want to initiate your security software.
When you foolishly click on 'yes' believing this will solve the problem, 'Security Suite' is downloading viruses onto your computer. It then locks up your internet access---and most everything else on your computer. My son's computer got 11 viruses, mine got 5----from 'Security Suite'. Your existing security software does not detect the viruses. At least ours (Norton 360) did not.

Watch out for emails, too. People have figured out how to hijack your email address to send you spams. Just a few days ago, I got an email from "Lieselette" (sounded like Lies A Lot--how accurate) with a subject line of "Top Boner Pills". When I looked at the return email address, it was MINE. I certainly had not sent this to myself!!!! If you open this email, the person likely gets confirmation that its a valid email address they can use for who knows what purpose. DON'T OPEN IT!!!! Delete it immediately as the 'spam' that it is.
If you don't recognize the senders email address, DON'T OPEN THE EMAIL!!!!!!!!!!!!

Posted by: momof20yo | September 23, 2010 7:41 AM | Report abuse

Install Secunia Personal Software Inspector. It's a free download that checks for vulnerabilities in your opeating system.

Posted by: Ricardo3 | September 23, 2010 7:50 AM | Report abuse

I got the Zonealarm scare message, but simply ignored it. They always want to sell you their complete package anyway, so what is new? And how come their firewall won't stop the new virus threats? What does it stop anyway?(I'm running XP).

Posted by: funfun881 | September 23, 2010 7:51 AM | Report abuse

AVG Free is as good as Norton, McAfee or anything that costs money. Essentially nag-free, and self-updating (after you set the scan / update schedule).

The also free MALWAREBYTES is the second tool everyone should have in their arsenal. If you encounter "scareware" just fire it up and do a full scan and you should be good.

The newer scareware will prevent you from running Malwarebytes, go to AVG, Task Manager etc, but if you reboot there is a window of time when the system is firing up the "startup" tasks where you can start it and run a scan.

Best to update it once in a while (auto update comes if you pay) so you have the latest data).

I also have the free SPYWAREBLASTER running in my startup. I haven't had much of anything so far as adware etc show up in Spybot after starting to use SpywareBlaster.

All of this available for download at (FOR FREE)

Posted by: tojo45 | September 23, 2010 8:28 AM | Report abuse

Also re AVG, when I switched to it my system ran much better because Norton (Symantec) etc are huge resource hogs. I couldn't believe the difference. I don't have a new, super-fast machine so it was very noticeable.

Posted by: tojo45 | September 23, 2010 8:33 AM | Report abuse

I got it, but at least I'm computer savvy enough to recognize it for what it was: a sales ploy. I don't even use Windows much; it's just a VM on my mac so I can test websites I build in IE.

Zone Alarm has gotten progressively worse over the years in its sales tactics. Every time you have to upgrade, you've got to wade through screens of upsells to get to the free program. I think I'm pretty much done with them. Next time I launch my VM, I think I'll be uninstalling ZA.

Posted by: taupecat | September 23, 2010 9:35 AM | Report abuse

Your recommendation to try MS Security Essentials was great. I immediately put it on one computer for a couple of weeks and then my other computers. It has worked great without any problems. The slowdowns and interferences by Zone Alarm, McAfee and other programs/packages I used became so obtrusive that I would uninstall them so I could use the internet, and then reinstall to clean up what hit.

Posted by: PamDB | September 23, 2010 9:59 AM | Report abuse

A good option if you want a free firewall, is Comodo. It works great and ive never gotten any of these scareware alerts from it.

Posted by: jeremyharewood | September 23, 2010 10:02 AM | Report abuse

A good option if you want a free firewall, is Comodo. It works great and ive never gotten any of these scareware alerts from it.

Posted by: jeremyharewood | September 23, 2010 10:03 AM | Report abuse

This article misses the point completely. The quintessential reason for 'security software' is to prevent, detect, or eliminate malicious software. The nag screens are hardly the point. In fact, if the lame stream media wants to write a compelling expose on malicious software, why not investigate, and I mean really investigate why our ELECTED OFFICIALS never, ever arrest or punish those that cause extensive economic and computer damage to those they so callously and viciously attack? We are a Nation of laws, and those laws are designed to act as a deterrent. If these malcontents that write this vicious code are never brought to justice, what deterrent is in place to prevent them from writing additional and ever more sophisticated malicious software in the future? Do the freaking math. Demand justice, or at least common sense.

Posted by: techresmgt | September 23, 2010 10:06 AM | Report abuse

I uninstalled Zone Alarm years ago because of the constant pop-up nags. It wasn't worth it; the annoying pop-ups were as counter-productive as most malware it was blocking could possibly be. When I realized that ZA was the biggest threat to my peace of mind while working, off it came.

Posted by: hisroc | September 23, 2010 10:34 AM | Report abuse

You poor people.

Haven't used 3rd party protection software since 2003.

Posted by: delta11 | September 23, 2010 10:44 AM | Report abuse

I still believe these 'security' companies make the malware and viruses then sell us products to combat it paranoid but think about it...what better scam would there be....secretly create these rogue programs and then become the hero for cleaning the systems....too X-Files ;-)

Posted by: michaelaudet | September 23, 2010 11:18 AM | Report abuse

I like the idea of ZA, but non-techies see the allow?s and don't know what to do so they Just Allow. Not a good way to secure the computer.

For years, I've been telling customers that the virus checkers have three jobs: check for viruses, make sure your license hasn't expired, and tell you what a great job they're doing (deleting tracking cookies mostly) so you send more money. And I tell them that two of these tasks are unnecessary and ALL of them slow down the computer.

Ombudsman1 has the right idea. MSE isn't bad. Run malwarebytes or superantispyware occasionally or as indicated and you'll be pretty safe.

Or run Mac OS or ubuntu.

Posted by: filfeit | September 23, 2010 11:51 AM | Report abuse

What are you people yappin' about? You're using free software from a company that sells software and you don't think they're going to try and get you to buy? Apparently their latest gimmick was over-the-top, but I can't believe that anyone's surprised.

This isn't 1995 when the Internet was fun and informative and freeware abounded; those days, unfortunately, are gone. I've used Zonealarm for many years and remember when they never bugged you to buy, but I did anyway and I don't have any compaints. Back in the 90s, I also had a free version of Macafee which guarenteed me free upgrades and updates for life. I ended up having to backdoor their site through the University of New Hampshire for updates - I haven't used their crap for years. I use AVG Free on one of my installations and am quite pleased, but I figure it's just a matter of time before they get into the game.

There's nothing wrong with doing things on the cheap, but in the end, nothing's really free - live with it.

Posted by: ancientdude | September 23, 2010 1:27 PM | Report abuse

That's too bad--back when I used Windows PCs, Zone Alarm was a good tool.

I switched to Macs a few years ago and haven't had to worry about that sort of thing since then, of course.

Posted by: irasciblecurmudgeon | September 23, 2010 2:35 PM | Report abuse

I agree with irasciblecurmudgeon; switch to a Mac and you'll not need to deal with issues like these.

Posted by: nonagon | September 23, 2010 3:45 PM | Report abuse

ZoneAlarm has kept my computer trouble free for many years. A few months ago, I removed it and replaced it with a product that was recommended by the Washington Post. Suddenly, I had computer security problems for the first time ever. The only people I know who do not have computer problems also use ZoneAlarm. (Note: MAC is not an option for many of us. We use what our companies use). I deleted the program and reinstalled ZoneAlarm and haven't had a problem since. Until I find a legitimate reason not to use ZoneAlarm, I'm going to continue using it. I enjoy seeing the warning boxes telling me who is trying to access my computer. I did see the warning but ignored it, realizing it was an attempt by ZoneAlarm to try to get me to buy something. That doesn't mean there is anything wrong with ZoneAlarm.

Posted by: Suzy66 | September 24, 2010 11:37 AM | Report abuse

Post a Comment

We encourage users to analyze, comment on and even challenge's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.

characters remaining

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company