The Black Ice sales scam.

Russ

Lifer
Oct 9, 1999
21,093
3
0
From Fred Langa's column:



<< Smells Like A Scam To Me
If you're attuned to cheesy, fear-mongering marketing tactics, you won't be
surprised to learn that some security test sites overplay supposed
vulnerabilities in your system in an attempt to drive sales of related
security software. For example, a site called &quot;How Secure Is Your Computer&quot;
carries this to an amazing extreme.

Its security test page states, &quot;Internet security is and always will be an
important issue for anyone online?. Click on the TEST SECURITY link below
and if access is granted, your system is NOT SAFE.&quot;

The &quot;Test Security&quot; link brings you to a page that states &quot;Access Granted,&quot;
and then displays the contents of your hard drive. To the uninitiated, it
looks as though the &quot;security test&quot; has found a way to peek at your files.
Wow, better buy some security software, right?

Wrong. Beneath some page redirection and DHTML smoke and mirrors, the &quot;test
page&quot; doesn't test anything at all. It simply issues a &quot;file://c:/&quot; command
to your browser, which then locally (and harmlessly) displays your
hard-drive contents. Nothing is sent to or from the remote site; the
process is entirely self-contained within your PC. You can accomplish the
same thing a lot less mysteriously simply by typing &quot;file://c:/&quot; in the
address bar of your browser. Try it!

But again, to the uninitiated, it's frightening to see your hard-drive
contents appear in your browser window.

You might think this a harmless prank, but I don't. That's because the site
is using this ruse to scare users into buying a copy of Black Ice Defender,
a personal firewall, supposedly to prevent this &quot;vulnerability.&quot; (If you
examine the site's sales URL, you'll see that the site owner is an
&quot;affiliate&quot; of Network Ice, the publishers of Black Ice Defender. The site
owner retains a percentage of any sales generated from the site.)
>>



Russ, NCNE
 

tm37

Lifer
Jan 24, 2001
12,436
1
0
This is one of those thing the government does need to stop. Ripping off morons is just wrong! Easy, but just wrong.
 

kami

Lifer
Oct 9, 1999
17,627
5
81
That's a damn shame. Hey Russ, don't you have a link like that on one of your sites?

edit: yup:) tacube.com
 
Apr 5, 2000
13,256
1
0
Um, the government doesn't own Network Ice

And I noticed Blackice Defender &quot;trial&quot; seems to have a lot of &quot;attempted hacks&quot;, yet when you buy the full version, they suddenly stop.
 
Apr 5, 2000
13,256
1
0
Now that I think about it - old Steve Gibson down at GRC plugged Zonealarm like crazy (its free for home users, $xx for businesses - wonder if he gets a spiff off of that)
 

ZapZilla

Golden Member
Oct 9, 1999
1,027
1
71
If you visit here and read about Steve's great and ongoing DDOS adventure (long but rewarding) you will discover that BlackICE Defender is worthless (about %90 down the page under &quot;Personal Firewalls and IRC Zombie/Bot Intrusions&quot;).
 

pulpp

Platinum Member
May 14, 2001
2,137
0
0
and thanks to GRC and those crap sites dor spreading Moron paranoia... the author of grc could spend his time better writing a daytime soap opera.
 

ZapZilla

Golden Member
Oct 9, 1999
1,027
1
71
pulpp do you have information that counters Steve's data?

Spouting off without backing the spew with factual substance gets us all nowhere.

edit: <corrected moronic spelling error>
 

pulpp

Platinum Member
May 14, 2001
2,137
0
0


<< pulpp do you have information that counters Steve's data?

Spouting off without backing the spew with factual substance gets us all nowhere.

edit: <corrected moronic spelling error>
>>



didnt know steve actually had any &quot;data&quot; on his site, i read some of his articles, and everytime, what could have been said clearly in a couple of paragraphs, is rather stretched into pages of nonsense paranoia that probably does more damage to newbie`s than actually inform them.

lets take the latest WinXp daram he put up, MS been criticized before for not implementing a full tcp/ip stack, and now that they do, they are still criticized for it? what about all the other OS that have a full tcp/ip stack? the first DDoS attack came from Sun machines, and anyway, if someone is able to put a trojan on your machine, they can add the libraries required to win9x to make it sedn spoofed packets. so the argument that win xp poses more threat simply because its a home OS is really doesnt stand. i would have more respect for him if he simply stated what he have to say in a reasonable way, rather than feeding on the lowest common dominator of paranoia of new users.
 

HaVoC

Platinum Member
Oct 10, 1999
2,223
0
0
I agree with pulpp. Steve would do much better to leave the sensationlist tone and bold letters out of his web site. It hurts his credibility in my eyes. I also remember reading a well-written debunk of one of GRC's claims but I can't find it now. Steve's a brilliant guy but I think he overextends himself sometimes.
 

Russ

Lifer
Oct 9, 1999
21,093
3
0
Bwuahahahahahaha!!!!!! I just went to The scam site, and when you run the &quot;security&quot; scan you get a popup that says:



<< This was just a prank. I am sure that your system is quite safe.

You can get the same result by typing in &quot;file://c:/&quot; in the browser
address bar.

Have a great day :)

If you want to know why this information page exists, see this page:
http://www.informationweek.com/841/langa.htm
Robrob8 is NOT a scammer
>>



He got popped, so suddenly it's just a &quot;prank&quot;.

Russ, NCNE
 

glen

Lifer
Apr 28, 2000
15,995
1
81


<< This is one of those thing the government does need to stop. >>

Poh hell no. It would cost tax payers about $2.5 million and a team of 12 incompetent workers to do half the job RUSS just did by posting it here.

less is more
 

Raspewtin

Diamond Member
Nov 16, 1999
3,634
0
0
that's interesting that Network Ice would support something like that. The must be getting hit hard by ZoneAlarm to resort to that stuff.
 

Russ

Lifer
Oct 9, 1999
21,093
3
0
Raspewtin,

They may not have known that one of their sales affiliates was pulling the scam. They may have nailed the guy after Langa brought it to light and that's why he put up his &quot;it was only a joke&quot; notice.

Russ, NCNE
 

Batti

Golden Member
Feb 2, 2000
1,608
0
0
pulpp - the difference is there will be more WinXP users on the Internet in a month after release then all the unpatched Suns ever sold! Look how many people on this board warez it the moment they can! That's the real problem - volume.

Steve is way too sensational, but these are media-numb newbies he's trying to reach!
 

Eug

Lifer
Mar 11, 2000
23,938
1,540
126
Yeah, stupid scam, but at least it wasn't Network ICE who did it.


<< If you visit here and read about Steve's great and ongoing DDOS adventure (long but rewarding) you will discover that BlackICE Defender is worthless (about %90 down the page under &quot;Personal Firewalls and IRC Zombie/Bot Intrusions&quot;). >>

I personally wouldn't pay for it, especially with Zone Alarm being free, but I don't think it's useless just because it only monitors incoming activity. For instance, had those computers which attacked Steve Gibson had BlackICE Defender and a good virus checker on them, they probably would NOT have been infected with the Sub7 virus, and thus would not have been involved in the DDOS attack on his site.

I would take his site with a grain of salt. Useful information, but extremely biased.
 

MrBond

Diamond Member
Feb 5, 2000
9,911
0
76
I like BlackICE, although I may switch to ZA just because it monitors outgoing traffic. My main issue with ZA is that it is FREE, and therefore, begging to be hacked. When millions of people use a free firewall, there's got to be an effort going on to crack through it somehow. Maybe I'm just paranoid