Message-ID: <366BC730.56E@nwi.net> Date: Mon, 07 Dec 1998 04:16:48 -0800 From: pchelp Reply-To: pchelp@nwi.net X-Mailer: Mozilla 3.04Gold (Win95; I) MIME-Version: 1.0 To: Scott Davis Subject: Re: Lockdown Program References: <199812062233.OAA26084@law-f92.hotmail.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, "Scott Davis." What lies, you ask? Just go to their front webpage at lockdown2000.com! The title: The Complete Fire Wall For Windows: LockDown 2000!! Firewall? Do YOU know what a firewall actually is? I do. And as far as my observations have gone, this product is at best a small PORTION of a firewall. They begin the PR with this statement: Hackers have found a way to access your Windows 95, 98, and NT application software. Right. Specifics, please. There are many ways to hack into systems, and always have been. And what's this "access your application software" thing? There are known vulnerabilities in some software, yes. But this is strangely vague, oddly worded. "Internet users should know that their private information stored on their computer is no longer secure." Was it ever? The suggestion is, everything's changed. It hasn't. There have been no major developments, really, just more of the same stuff all along. With very little trouble, even less experienced hackers can tunnel into your database through an electronic loophole and major security hole in modern personal computer operating systems. Into your DATABASE? Electronic loophole? Specifics! Specifics please! This is sensationalism, not information. Because of this electronic loophole all users have become easy prey Whoops! Lie Number One. "All users?" Let's bear in mind what this security hole actually is, always realizing they _haven't_ told us. It's resource shares. Nothing more, and it does NOT appply to "all users" nor even to a large percentage. You know this. Are you blind to this lying hype? Do you agree with such tactics, Scott? for the most casual, indiscriminate computer hacker. Harbor Telco Corp. believes internet users must recognize the serious security breach created by this software loophole. H.T.C. is taking action and has developed a solution, LockDown 2000.--- Still no specifics... why the big mystery? Lock Down 2000 is now the world's most effective and complete security system available for Windows 95, 98, and NT. Lie Number Two. This is pure bullshit. Compare it head-to-head with a few of the REAL products, please. Real firewalls. Real comprehensive security products. There are lots of them. Why no comparisons? LockDown 2000 automatically disconnects, traces and identifies unauthorized users in electronic seconds. Yeah, users of network shares. And it's simple to trace probes from trojan users, although I assure you while it may do this now, it did not before. With LockDown 2000 you will never have to worry about Hackers invading your privacy, deleting your files, attaching a virus or a trojan horse program without your knowledge. It handles FILE SHARES. Which is fine, but that's it. Again, if they added trojan prevention, it was AFTER they made this statement. When a user logs on to the Internet, they log on to a WAN, Wide Area Network. As soon as WAN users log on, they become prey to Internet hackers who simply invade the user's computer with one simple Windows command. Lie Number Three. Taking advantage of open shares is indeed easy. But it is not possible with "one Windows command" and it is not done "as soon as users log on." It requires a search, it requires multiple commands, and it requires a moderate amount of important background knowledge which is not itself "simple." After breaching the unsuspecting user's system, they can download or delete all of the information on a user's entire hard drive. The worst part is that just about anyone, not only hackers, can type in the one simple command and break into almost any Windows 95, 98 or NT computer connected to the Internet. Lie Number Three repeated. It is not "one simple command." If you're interested in how it IS done with ordinary Windows apps, you can go to this URL: http://www.cultdeadcow.com/cDc_files/cDc-0338.txt Here's another: http://www.hackersclub.com/km/newbies/lesson3/index2.html It is a multi-step process. It can be made simpler using specialized applications. It is nonetheless NEVER just "one simple Windows command." And they are STILL not telling what the hell this "hole" is! This problem goes far beyond U.S. borders. Every person and corporation around the globe who connects to the Internet using Windows 95, 98 & NT can no longer be sure that their computer data is safe -- it is not. Lie Number Four. Where file shares are concerned, it is EASY I repeat: EASY! to check the status of file sharing on your system and/or to disable sharing on the dial-up connection. So the truth is, people CAN be sure their data is safe, where this Omigod! "hole" is concerned. LockDown 2000 prevents anyone from any computer in the world from getting into your computer. Find a few dozen of the most revered computer experts on Earth, put them all to work on the problems of security, and whatever they come up with, even such powerhouses of knowledge are not so stupid as to make an all-encompassing statement like this one! Click here for all the details. OR, Click here to find out more about the security hole. When you click on the link to "find out more about the security hole" you get a sensationalized "press release" which in fact does NOT tell the SIMPLE FACTS about this HORRIBLE GAPING SECURITY HOLE which is in fact file shares enabled on the dial-up networking connection on some older Windows and NT machines. The error can be made on newer machines, but you have to ignore Microsoft's dire warnings and be an idiot besides. The sheer NUMBER of open file shares across the Net is easily in the thousands, and such people are indeed open to serious risk. But those people don't need a $100 program, only a page of simple instructions to correct their problem. And the PERCENTAGE of Net users with open file shares is NOTHING like the claims made elsewhere on this site. This whole thing is a fucking overstated, deceptive, overblown description of a "new" security hole that's been known for years and is NOT a problem to the vast majority of the unfortunately gullible people who are likely to be taken in by this shameless PR. Why do I care? I care because I think ordinary people deserve honesty. I think they should be told things in plain language. I think it's despicable to take advantage of people's ignorance to sell them a product they don't need and that makes outrageous claims. OK, so you say it now really does deal with trojans. Tell them to send me a full, registered copy of their program and I'll test it, honestly, and I'll report on what I find. If it's good, I'll say so. If it suits me, I'll install this older version I first downloaded and demonstrate once and for all that at the time I wrote my page, they were indeed lying about their trojan-handling claims. But I don't think you honestly want me to do that, do you? Because I suspect you're lying to me too. I think you have more of a stake in this than you pretend. Some of your information, such as your description of WinHackGold, is in part inaccurate, as I believe is the very questionable data you present about the HackerProof98 tale. Much more than 4 months ago, Hackerproof98 sales were traced to the Florida offices of Harbor Telco. I provide links to records of that fact (it wasn't me) on my page. Your huge effort to cajole and threaten me is unlikely to come from anyone not directly involved in the scam. I don't think you're merely an interested customer. I could always be wrong about you, and if I am consider my apology already made. There are all sorts of gullible people in this world and you wouldn't be the first. The simple truth is I don't like scam-artists who lie to ordinary people, who sell a product with false fear and sly verbiage. And that is what I'm about. No matter how good this over-hyped product is, it remains that its creators are LYING to people in order to sell it. That alone is reason enough to NEVER buy from them. This is why I never bothered to test the program. Like I said, I could never recommend it anyway. But I did examine its help file in complete detail; it contains full instructions for use of the program, screen shots, etc. I also read the textual contents of the main .exe file. I am confident my assessment _of the program I downloaded_ is fully accurate. I have no fear of legal action, no concern whatsoever for the mood or comfort of those who choose to conduct themselves as these folks have chosen to do. They'd lose horribly if they sued me, and they'd make me and my exposure of their PR quite famous; I suspect they're not that stupid. But if they are, I have an excellent lawyer or two, and enough time and resources to deal with it. But I'll listen to reason. I don't wish to be untruthful. Think about it. If I did wish to lie, I would never have admitted I had not fully tested their program. If I find I've been incorrect in any factual statement I have made, I will gladly correct it. I'll see what's on my schedule and in the next few days or so, I will _probably_ install and test the Lockdown 2000 I downloaded on the 10th of November. pchelp