Source: http://www.theinquirer.net/default.aspx?article=29157

IT’S OBVIOUS, REALLY, that the best way of penetrating users' PCs to see what they get up to online would be to become a Firewall maker.
Like, when I wanted a Firewall and was too tight to pay for one, I turned to Checkpoint’s little freebie Zone Alarm. It sits there between you and the Internet and lets you know when someone’s trying to sneak in through your backdoor or when a program you’re running tries to connect to the Web for no apparent reason. When you’re as techie as me – not very – you just have to trust it.

Of course, Checkpoint’s an Israeli company and as a foreign journalist working in Israel you know the hyperactive security services here would like to keep tabs on you. And you know that they do. It has been confirmed to me by a security sources here that mobile phone conversations I have had have been listened to – and in circumstances which I won’t reveal, the contents of a call I have been involved in have actually been relayed back to me.

It’s part of the game – like the airport interrogation, or the surreptitious copying of your notepad while you’re off having a body search. You know what goes on but you have a job to do and just get on with it – hoping that what you get up to in the legitimate pursuit of your business won’t upset anyone to the extent that they’ll come break your door down and cart you off somewhere.

Now, the handsomely-named Mr Cringely has revealed that a colleague of his at Infoworld noticed that Zone Alarm 6.0 was sneakily sending off data to four different servers. Cringely says that Zone Labs (acquired by Checkpoint in March of 2004) at first denied the activity for a couple of months before deciding the software had a "bug" even though, as he points out, "the instructions to contact the servers were set out in the program’s XML code."

The company says it will fix the "bug" soon. In the meantime you can work around it by adding:
# Block access to ZoneLabs Server
127.0.0.1 zonelabs.com
to your Windows host file.

The "bug" seems to be present in the retail version of Zone Alarm, so there’s no telling what the freebie gets up to. We called Checkpoint here in Israel to find out, but were referred to a US spokeszoner. Trouble is they’ll all be in bed there on this sunny Sunday morning.

According to one of the reviews on Download.com Ashampoo's firewall spys on you too.

Is there one that isn't?

They are all like that, i used to have arguments with my Mum about this, she always downloaded free firewalls and antivirus software, to stop my little brothers looking at porn, then accused them of looking at porn when the PC was really badly infected with Spyware, i told her it was the software she had downloaded but she wouldn't believe me.

Oh well, she doesn't want to beleive anything i say anymore, she thinks i am mad with my theories.

Is there one that isn't?


?-?-?-?-?

inquring minds want to know.

There are hardware firewalls.

If you have a broadband connection you should have one
or at least a router.

Is there one that isn't?
sygate firewall, that you can still download but that it cannot contact sygate server because the server is no longer there.
and, this is probably the most reliable software firewall ever, and very light on resources.
And, i did test quite a few of firewalls
next good candidate is Kerio firewall, also very good and light firewall that does the job well.

There are hardware firewalls.

If you have a broadband connection you should have one
or at least a router.

all hardware firewalls allow outbound connections by the default, even Ciso Pix, most secure of them all.
So, this is why you need a software firewall that controls
outbound traffic, because you want to know what application or malware is trying to connect to what server
on internet.

so, a software firewall should be installed on your PC
because you want to control outbound connections.
So, let your hardware firewall block inbound connections
and your software outbound connections.
And, if you need to allow certain type of inbound connection into your network -- you "poke a hole" in your hardware firewall and open traffic to given service on your PC or server. Of course, most PC users do not need to allow any inbound service, but if you have a special situation
you will have to do as suggested.
So, you would have 2 firewalls working together.

Now, lets think about this; if your software firewall "phones home" without your knowing -- what information are they sending out?
right... you do not know because you trust them, even pay them to protect you.

if you are a techie, you can install a network sniffer on your
local segment that is between your PC (usually on local LAN) and your hardware firewall or the router.
Sniffer can tell you what is in each packet, but an average Joe will have major problems in understanding the readings, much less setting up the sniffer filters properly.

so, if Zonelabs decides to build a backdoor (or two) in their firewall (as they most likely did) you as an end user would not even know, because they can build a hidden rule that
allows all traffic out to servers of their choice and if rule does not even show up in the rules list -- how would you know that it even exists?

Unless you know how to use a network sniffer like that guy
has done at Networker's conference -- you would have no clue that other servers are contacted by your PC.

I never liked Checkpoint and I never liked Israelis.
One Israeli Checkpoint instructor that I met years ago immediately started crying how they Jewish People are used to hardship because they have always being persecuted. And, what he said was out of context of our conversation.

He reflected the mindset of many other Jews -- they are all programmed with that shit that they are the poor victims
and that everyone is trying to "get them", so
i am not surprised at all that they have that inherited need to spy on other people.

anyways, you should always have hardware and software firewall protection as well as antispyware protection.
together with good imaging program like acronis -- you should be all set for safe computing.