Monday, September 20, 2010

anatomy of a snake oil campaign

a certain piece of snake oil was brought to my attention over the weekend and i thought it might prove useful to highlight some of the questionable things i saw.

originally found here
  1. trusted by 100% of fortune 100 companies? what does that even mean? do you think all 100 of those companies use zone alarm? really? not a single one uses norton? that would be pretty amazing considering norton is in the #1 position in this industry. obviously trusting and using must be two very different things. it seems to me like this is just a clever way to put 100% on the page without claiming something false like 100% detection or 100% protection. instead they say something completely meaningless but still get the benefits of having 100% prominently displayed on the page. how many people do you think will come away from this page and think that 100% was actually in reference to something meaningful like detection even though such a claim, had they actually made it, would have been false? yeah. very sneaky.
  2. a financial trojan virus? really? financial trojan, sure. virus? maybe, i don't know for sure that it doesn't self-replicate. but to put those two terms together like that seems like the work of someone who didn't know what they were talking about. a common ploy is to throw out technical sounding jargon in order to add the air of credibility - but when you don't know what you're talking about you have a tendency to combine terms inappropriately. there's a fine line to walk when it comes to jargon. obviously there are times when a vendor needs to use these in order to convey particular information. but what also happens sometimes is that vendors will use jargon unnecessarily to confuse the audience and make themselves look smarter and more important. some vendors are good at this - checkpoint? not so much. at least not here.
  3. comparing products on the basis of virustotal results. some time ago i wrote about using virustotal for comparing anti-malware products. i wrote that those of us who know better will laugh at you when you do it. i'm laughing at you right now, checkpoint, and i don't think i'm the only one. the rule of thumb is this: virustotal is for testing malware, not anti-malware. vendors who want to be taken seriously should try to remember that. consumers should probably try keeping it in mind too. virustotal is a great tool, but it's a quick and dirty tool, there's a lot of functionality in modern anti-malware software that it doesn't (and probably can't) leverage.
  4. only zonealarm can protect you? the whole page hypes up the threat of this one variant of zeus. in one breath they tell you that zeus changes often (it does this by way of many, many variants) and then make a big deal out of protecting against this one variant. imagine advertising a bulletproof vest on the basis that it's the only thing that can protect against bullets with a particular striation pattern. all things considered, do you really think you're likely to be fired at with those particular bullets? i didn't think so.
  5. complete protection against new threats is almost textbook snake oil. nothing can protect the user completely, much less protect them completely against new threats. why are vendors still trying to pull crap like this? how have practitioners of this kine of snake oil salesmanship not gone under yet?
<sarcasm>really folks, just get zonealarm, it'll cure what ails you. or your computer. or your dog. </sarcasm>

folks, you need to learn to be more discerning consumers so that the pool of money that supports this sort of intellectual dishonesty dries up. vote with your wallet - steer clear of manipulative marketing and the companies that engage in it.


Ed said...

Don't know if you saw this, but The Register is running with a story that ties in with this:

kurt wismer said...

thanks ed, i actually did see that thanks to someone on twitter, but i've forgotten who now after having been sick all week. also, sorry for taking so long to publish your comment.