Subject: Steve Gibson's December/2000 News from GRC.COM ...
_________________________________________________________________
Significant Security Vulnerability Revealed
in Almost ALL PC Personal Software Firewalls
NEW Firewall "LeakTest" freeware from me!
_________________________________________________________________
I have not written to you for five months because I haven't had
any really BIG news (until now) and I never want my eMail to be
irrelevant or annoying to you. I am committed to NEVER abusing
your trust.
Today's BIG news is the release of my latest freeware: 'LeakTest'
LeakTest is used to check your firewall's vulnerability to an
extremely common and easily exploited design flaw revealed by
this test. At this time, EVERY FIREWALL BUT ONE is vulnerable to
this danger, and some are more vulnerable than others.
(Due to the strength of its design, the FREE ZoneAlarm firewall,
produced by ZoneLabs, Inc., can not be penetrated by this test.)
ZoneLabs, Inc.
Our new LeakTest page, accessible through the link below and also
from our site's home page, provides the whole story and the means
to download my new and compact (27k byte) LeakTest freeware:
LeakTest Page
The LeakTest page also contains links to our very active public
newsgroup forum (grc.leaktest) at grc.com. This group is
discussing the LeakTest issue and comparing firewall behavior.
You can quickly find any help or further clarifications you may
need within this group.
Other News:
1. NANOPROBE:
I have been working on an incredibly exciting new Internet
security testing technology, known as NanoProbe. It is not
yet completed, but you will certainly be among the first to
know when it is. The following page contains background:
NanoProbe Page
2. FILE DOWNLOADER SPYING:
The last note I sent to you revealed the privacy breaches
inherent in many popular file download accelerators. Thanks
to YOUR SUPPORT on this issue, every vendor of those
programs immediately updated their software to remove this
spying behavior. THANK YOU for working with me to let them
know that this behavior was NOT ALL RIGHT with you!
3. OPTOUT and AD-AWARE:
I decided that my long-term plans for OptOut were wrong:
Rather than scanning the user's system for Spyware, I should
check the user's system for its firewall's VULNERABILITY to
known AND unknown spyware. This is the initiative I am now
launching with LeakTest.
But there is STILL a very pressing need for a high-quality
spyware scanner. I can recommend -- without reservation --
the EXCELLENT, comprehensive, and completely FREE Spyware
scanning and removal tool by LavaSoft: 'Ad-Aware'
Ad-Aware
4. FUTURE MAIL FROM ME:
Many of our subscribers have worried about not hearing from
me every month (fearing that they were missing my notes).
Others have said that they want to know what's going on
(like with my NanoProbe development) even if it's not "BIG
news". With my next mailing, I will create a means for you
to tell me and "Opt-In" if you want monthly news no matter
whether it's BIG or small. Until then I am not going to
bother you until I have something I KNOW you will want to
know.
_________________________________________________________________
Thank you for your time. I hope this has been useful to you.
Steve Gibson. GRC Website