The other day, when my friend’s laptop spit-up a warning from ZoneAlarm that she was no longer protected, I stood over her shoulder and instructed her to update the firewall. The warning was basically a scare tactic, of course. Without the update she would still be protected, just as protected as she had been the day before. She just wouldn’t have any new whiz-bang features included in the update, nor would she be able to take advantage of any new security enhancements.
We ran the default install. This was Windows, so there had to be a reboot. After that, we opened the browser to find that the homepage had been reset to a ZoneAlarm themed Google search page. We had not opted-in to any such change; the ZoneAlarm folks had just taken it on themselves to hijack Firefox’s revenue, which I didn’t think cricket.
A ZoneAlarm toolbar was also installed, taking up screen space and not seeming to offer any useful puprose. It was eliminated and the home page was reset back to Google. I should’ve seen this coming. Since ZoneAlarm was purchased by Check Point a few years back, their marketing has gotten increasingly pushy.
I decided then and there that it’s time to find another software firewall solution for the Windows machines I maintain. Making changes without asking first is completely unacceptable behavior.
The next day I was at another Windows machine, this time a desktop, when the same warning box I’d seen the day before popped-up, repeating the same lie. I was not protected. I needed to upgrade.
Wishing to avoid the previous problems with unasked for settings changes, this time I chose the custom install. Unfortunately, that didn’t seem to matter. ZoneAlarm downloaded and installed without any input from me, other than to make sure I ticked-off the EULA. When it finished, it asked me if I wanted to reboot and I said yes. Nowhere along the way did it give me the opportunity to opt out of anything.
After reboot, I found that the ZoneAlarm toolbar was installed and that the homepage was changed. I manually rolled all the changes back, one by one, becoming firmer in my resolve to find an alternative firewall to use with Windows. Later I would discover another change, my search box now pointed to ZoneAlarm’s Google account.
These guys were being too damned pushy. I’m sure they think they’re entitled because they’re letting me use their software free, but that doesn’t sit too well with this Linux user.
I’ve been using ZoneAlarm since it was in beta, after seeing a recommendation from Windows security guru Steve Gibson. After using the free version for several years, I eventually purchased the more configurable paid version when I needed to set up a Windows network in my home. Since then, I’ve used the free version on any Windows box I maintain, as I don’t trust the firewall built-in to Windows.
Almost immediately after ZoneAlarm was sold to Check Point several years back, the product started to become dumbed down with less control given to the user. However it remained a solid firewall which always passes Gibson’s Shields Up tests. Unfortunately, as the firewall became more idiot proof, their marketing techniques became more aggressive. A few years back, after I’d successfully opted-out of the toolbar on a default install, I discovered traces left behind, as a deactivated toolbar in my Firefox settings.
Programs that change default settings upon installation are all too common an occurrence on Windows machines, especially in the freeware realm. Indeed, it’s true that a program like ZoneAlarm offers a valuable service at no cost. However, to my way of thinking, changing settings on a users computer is something akin to a cyber version of “breaking and entering” and should be a crime.
With Linux, of course, there’s no need for a third party firewall, as a firewall is built into the kernel. Even if a separate firewall was necessary, most likely it would come in the form of a completely free and open source program that would never think of violating the users settings for commercial gain.
ZoneAlarm, it’s been a nice ten years and I wish you well, but you have to go now. We can’t be friends any longer. Taking over users computers without asking first is completely unacceptable behavior.