S
Shenan Stanley
Guest
<snipped>
Conversation in entirety:
http://groups.google.com/group/micr...8/b3486be8412ee2af?lnk=st&q=#b3486be8412ee2af
Comments in-line...
Nunya Bidnits wrote:
> As a rank and file home user with above average skills (but not an
> expert), and as a person with marketing and PR experience, here's
> my impression:
>
> MS and ZA both screwed up.
>
> First, ZA is widely used. Second, MS should have, or could have
> known that the July update would therefore have a broad negative
> impact. Third, *if* ZA had enough advance warning to issue a
> corrective fix before the update, and just knowingly and
> negligently chose to do so for no particular good reason, double
> shame on them. But that does not really seem likely. However its
> indisputable that the first two are true.
>
> Both screwed up because:
>
> MS did not make any effort to make the ZA problem known. The issue
> was not discussed on the web page for the update, nor was there any
> other alert associated with the update. Yet there is no way they
> were not aware of the problem before pushing the update, unless
> they were negligent in their preparations. Either way, bad on MS.
> They left average home users, the most affected single group,
> completely utterly in the dark. Those users do not usually know
> where to look, such as in these newsgroups, to find out about such
> problems. And any more, since half of them use the scum-ridden
> Google Groups, they could not access them anyway, MS having trashed
> their WWW access.
How would MS have known (as you state - before pushing the patch) that
somebody elses firewall application (created and supported by another
company) would have problems with this patch...? What are the limits in
what third-party things a company must test to ensure that fixing their own
product won't cause issues with someone elses product?
Also know that not *all versions* of Zone Alarm exhibit this issue with the
patch MS released. Older versions of ZA have been discussed elsewhere in
this very conversation with the people stating they have *not* experienced
any issues.
Your statement about "MS having thrashed their WWW access" - while it was
the patch that exasperated the issue - it was ZA (that particular version no
less (or so it seems)) that had to be modified to remedy the situation.
> ZA did a very very poor job of responding to the problem. It was a
> pain in the neck for me to find out that it was a ZA problem at
> all. I knew enough to uninstall the update, something many home
> users would not necessarily think to do, or know how to do. Going
> back to a restore point, as many of them did, is an excessively
> destructive solution.
ZA did jump on it fairly quickly - all things considered. They fixed it and
released the patch within two days and had work-arounds *I believe* the same
day that the patch was released.
> When I tried to find the updates through the click point in the ZA
> software "check for updates", repeatedly, N**none** were found.
> When I went to the web pages suggested in these NGs for the fix, at
> the time I checked, the links to the updates were not there.
> Several on these groups became frustrated with me for asking
> repeatedly, but somehow they did not manage to keep these links
> posted as they apparently kept making changes to the page. Finally
> on hard refresh I found the links. Bad on ZA.
Yes. Bad on ZA, but perhaps they were putting things up and realizing other
issues, taking them down, putting things back up, etc.
Then again - I did see that part of your discussion and every time I went to
the web page link during that time - the thing you were being told was
there - was there. Then you would answer that it was not - but I could
still see it. It is possible that something was awry on your computer(s) -
or it was cached, proxy, etc and not refreshed. *shrug*
> From now on I will not allow MS to install any updates
> automatically and will check for problems for a few days before
> accepting them.
For an educated person - that is always the wisest choice. Control your
data/stuff completely - only you know the nuances of it and what is/is not
important to you. Why anyone would do anything else is beyond me. ;-)
> And due to this and other past avoidable ZA problems, plus
> information that indicates their firewall is only marginally
> effective at best, I will move on to a better firewall.
The built-in Windows XP firewall (especially if you are also behind a NAT
router of some sort for any high-speed Internet you might have and keep you
AV/AS updated) is *more* than sufficient.
For _most_ home-users - anything more than what is built into Windows XP and
later (consumer OSes from Microsoft) is usually wasted space and time in
terms of 'firewall protection' - IMHO. Why add the complication(s) and
possible problem(s) (as demonstrated so well in this case) if there is no
logical reason to and especially if the home user probably would not be able
to fix it themselves in case of a problem.
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
Conversation in entirety:
http://groups.google.com/group/micr...8/b3486be8412ee2af?lnk=st&q=#b3486be8412ee2af
Comments in-line...
Nunya Bidnits wrote:
> As a rank and file home user with above average skills (but not an
> expert), and as a person with marketing and PR experience, here's
> my impression:
>
> MS and ZA both screwed up.
>
> First, ZA is widely used. Second, MS should have, or could have
> known that the July update would therefore have a broad negative
> impact. Third, *if* ZA had enough advance warning to issue a
> corrective fix before the update, and just knowingly and
> negligently chose to do so for no particular good reason, double
> shame on them. But that does not really seem likely. However its
> indisputable that the first two are true.
>
> Both screwed up because:
>
> MS did not make any effort to make the ZA problem known. The issue
> was not discussed on the web page for the update, nor was there any
> other alert associated with the update. Yet there is no way they
> were not aware of the problem before pushing the update, unless
> they were negligent in their preparations. Either way, bad on MS.
> They left average home users, the most affected single group,
> completely utterly in the dark. Those users do not usually know
> where to look, such as in these newsgroups, to find out about such
> problems. And any more, since half of them use the scum-ridden
> Google Groups, they could not access them anyway, MS having trashed
> their WWW access.
How would MS have known (as you state - before pushing the patch) that
somebody elses firewall application (created and supported by another
company) would have problems with this patch...? What are the limits in
what third-party things a company must test to ensure that fixing their own
product won't cause issues with someone elses product?
Also know that not *all versions* of Zone Alarm exhibit this issue with the
patch MS released. Older versions of ZA have been discussed elsewhere in
this very conversation with the people stating they have *not* experienced
any issues.
Your statement about "MS having thrashed their WWW access" - while it was
the patch that exasperated the issue - it was ZA (that particular version no
less (or so it seems)) that had to be modified to remedy the situation.
> ZA did a very very poor job of responding to the problem. It was a
> pain in the neck for me to find out that it was a ZA problem at
> all. I knew enough to uninstall the update, something many home
> users would not necessarily think to do, or know how to do. Going
> back to a restore point, as many of them did, is an excessively
> destructive solution.
ZA did jump on it fairly quickly - all things considered. They fixed it and
released the patch within two days and had work-arounds *I believe* the same
day that the patch was released.
> When I tried to find the updates through the click point in the ZA
> software "check for updates", repeatedly, N**none** were found.
> When I went to the web pages suggested in these NGs for the fix, at
> the time I checked, the links to the updates were not there.
> Several on these groups became frustrated with me for asking
> repeatedly, but somehow they did not manage to keep these links
> posted as they apparently kept making changes to the page. Finally
> on hard refresh I found the links. Bad on ZA.
Yes. Bad on ZA, but perhaps they were putting things up and realizing other
issues, taking them down, putting things back up, etc.
Then again - I did see that part of your discussion and every time I went to
the web page link during that time - the thing you were being told was
there - was there. Then you would answer that it was not - but I could
still see it. It is possible that something was awry on your computer(s) -
or it was cached, proxy, etc and not refreshed. *shrug*
> From now on I will not allow MS to install any updates
> automatically and will check for problems for a few days before
> accepting them.
For an educated person - that is always the wisest choice. Control your
data/stuff completely - only you know the nuances of it and what is/is not
important to you. Why anyone would do anything else is beyond me. ;-)
> And due to this and other past avoidable ZA problems, plus
> information that indicates their firewall is only marginally
> effective at best, I will move on to a better firewall.
The built-in Windows XP firewall (especially if you are also behind a NAT
router of some sort for any high-speed Internet you might have and keep you
AV/AS updated) is *more* than sufficient.
For _most_ home-users - anything more than what is built into Windows XP and
later (consumer OSes from Microsoft) is usually wasted space and time in
terms of 'firewall protection' - IMHO. Why add the complication(s) and
possible problem(s) (as demonstrated so well in this case) if there is no
logical reason to and especially if the home user probably would not be able
to fix it themselves in case of a problem.
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html