
Ben E Brady
@dialup.mindspring.co

Ben E Brady to 2kmaro

Anon

to 2kmaro

Re: Steve Gibson - All Bent out of Shape??

Several people in this forum have asked why it would cost Mr. Gibson approximately $20,000 to make the modifications to my software.

The reason is VERY SIMPLE. Like Mr. Gibson, I am a businessman and a computer programming professional and my time is a valuable commodity. My estimates for making the modifications to my software are as follows:

There are 3 applications that need to be modified and tested for proper operation, each of them having disparate data structures. The estimate is 60 hours at $150.00 per hour. This comes out to $9,000.00.

Those of you that have postulated that you could do it in a half hour in VB6 obviously do not know what the software development process actually entails. Anyone can whack out code and claim that it works, I test my code thoroughly to make sure that it does.

After all of the testing is completed, installation programs must be generated, help files edited, the distribution channel and e-marketing company must be updated with the latest versions.

I have estimated this process to be approximately 20 hours of my time, or $3,000.00. This brings the total, so far, to $12,000.

Then the fun part begins...

My products require registration and the generation of an unlock code. I have tens of thousands of users for my ClearICE product, approximately 250 users of the ClearZone product and about 500 users of ClearRoute.

I would estimate that an additional 40 to 60 hours would be needed in order to send the email to all of the users informing them of an upgrade, generating and sending unlock codes to them, answering their questions related to the upgrade, (since a certain percentage do not bother to read the help file, even if an install process forces them to open it) and providing support for a modification that would not benefit the user in relation to the scope of the software, producing reports and performing analysis of the firewall logs.

The modification would only be there for the benefit and edification of one person. Steve Gibson, as such, I have offered to make the modifications for approximately $20,000.

Conservatively, the cost of this would be approximately an additional $6,000 to $9,000 dollars. This brings the total cost of the modification to somewhere between $18,000 and $21,000 dollars.

Since we are a 2 person company (my wife and I) living in a predominantly agricultural town of 16,000 people (Dinuba, CA, the no-tech capital of California) you can certainly understand my need to charge for the modifications Mr. Gibson is demanding by virtue of his threats.

I have offered him more than one reasonable solution to his problem. I have also taken all of the initiative in effecting the solutions by informing my users and updating the Online Help. Mr. Gibson has yet to do ANYTHING in terms of resolving his differences with me. I have always been more than willing to assist him, however, I will not be bullied into making a change to my software that would compromise the integrity of the security logs it was designed to report.

Mr. Gibson is being totally unrealistic with regard to the solution to his problem. This is most assuredly a user education problem and not a problem with my software. He has already been very successful in terms of making the various personal firewall software development companies modify their programs due to the Leaktest debacle... He has also been successful in 'convincing' the creator of ZoneLog Analyzer in completely filtering his IP addresses from the ZoneAlarm attack logs when they are processed by his package. The integrity of the contents of the firewall logs and their accurate reporting to the user for proper analysis is the real issue here.

I applaud Mr. Gibson's altruistic actions of giving away his software for free. I would love to be able to afford to do that as well. As a matter of fact, when I first wrote ClearICE I did give it away for free. Then, reality set in and I realized that I had to meet my financial obligations responsibly, just as most of you do.

It is very clear from statements on the Shields Up web site that Mr. Gibson is creating a technology that could EASILY be used to do very nefarious, and difficult to detect, intrusions to millions of computers. I am not saying that he would, I am saying that he COULD. What protection would people have if they had no way of analyzing the security data created by their firewall logs in order to determine the threat level to their computing resources?

In my opinion, his promise of FREE software could be the very vehicle that would widely distribute this technology to the masses, enabling him, in a very short time, to collect massive amounts of private information from the computers of companies and individuals alike. I would certainly hope that this is not the motive for his creating the 'Nano-Probe' technology. However, "trust nothing that you read and only half of what you see", and you might have a reasonable chance at being successful in terms of the security of your systems.

I, in no way, profess to be an expert with regard to any particular subject. I have not seen any particular evidence of Mr. Gibson's expertise in terms of certifications. What I have seen is pages and pages of Mr. Gibson's web site that are full of self-promotion and ego.

I am a Microsoft Certified Professional in Windows NT, a Certified Clarion Developer, a former Novell CNE and I am currently studying for my certification as a Network Protocol Analyst. I do these things to show my customers, current and potential, that I am serious about providing quality software, and sound advice, when it comes to offering solutions to their business computing problems.

Quite frankly, I would rather be out with my camera taking pictures of wildlife, but once again, being a programmer for 30 years has been the way I make my living.

Ben E. Brady
Brady & Associates, LLC.

rhaverly
join:2000-03-30
Indianapolis, IN

rhaverly

Member

Hmmmmm............

Modify and test 3 applications for proper operation $9,000
Installation program generated, help files edited, etc. $3,000.00
Generate e-mail, PR, etc. $9,000.00

.......................Cost of doing what it takes to make a quality logging program.............Priceless

Wildcatboy
Invisible
Mod
join:2000-10-30
Toronto, ON

Wildcatboy to Ben E Brady

Mod

to Ben E Brady

I'm very glad Mr. Brady that you decided to participate in this discussion. I and others in this thread have mentioned that we would like to see a happy conclusion to this situation and I'm sure participation of you and Mr. Gibson will bring you one step closer to that conclusion. So as the host of this Security forum let me welcome you here.

I agree that there are certain costs to any modifications to a software however most software in the market are upgraded gradually and constantly. ZLA being an example of this. Granted, changes are not usually drastic but they are steps toward making the software better. That by itself should be considered an investment in your product and not necessarily a cost.

I'm not saying that you should make some changes solely based on a request by one individual namely Mr. Gibson, however wouldn't you agree that any improvement to your software in the direction of educating your customers should be considered a welcomed move? Would it be possible for you to add an option such as IP resolution to your main page. This way your customers can see the domain names for the IPs. This by itself can benefit everyone including Mr. Gibson and also can bring you a few satisfied customers. After all you wouldn't be singling out GRC's IPs but you provide a tool for your clients to recognize any familiar name they may come across.

I'm sure some ways can be found that won't cost you as much and at the same time improve your software. After all in the long run your clients will not listen to me or 2kmaro or Mr Gibson and not even you. They will choose a software that serves them better.

Again thank you for your participation and we look forward to your further suggestions.

wheelert$93
T L C

join:2000-06-01
Lynden, ON

wheelert$93 to Ben E Brady

to Ben E Brady
said by Ben E Brady:
Those of you that have postulated that you could do it in a half hour in VB6 obviously do not know what the software development process actually entails. Anyone can whack out code and claim that it works, I test my code thoroughly to make sure that it does.
Before making comments about others, I would make darn sure I knew what I was talking about. The knowledge base on this site could probably rival that of any large software corporation.
said by Ben E Brady:
The modification would only be there for the benefit and edification of one person. Steve Gibson, as such, I have offered to make the modifications for approximately $20,000.
Not necessarily. ANY site that provides security testing would benefit from changes to the program. If you would take time to read this entire thread, point and click reactions from a user is far too easy. With users swamping ISPs with bogus 'attack claims', they're creating an atmosphere where ALL probe complaints will soon be ignored.
said by Ben E Brady:
I have offered him more than one reasonable solution to his problem.
Let's hear 'em.
said by Ben E Brady:
Mr. Gibson is being totally unrealistic with regard to the solution to his problem. This is most assuredly a user education problem and not a problem with my software.
Actually, a little of both. You COULD educate your users as they use your product. To put it out there and then say it's a 'user problem' does nothing to fix the current problem. And it just isn't Steve Gibson. It's ANY security site that does security testing.
said by Ben E Brady:
It is very clear from statements on the Shields Up web site that Mr. Gibson is creating a technology that could EASILY be used to do very nefarious, and difficult to detect, intrusions to millions of computers. I am not saying that he would, I am saying that he COULD. What protection would people have if they had no way of analyzing the security data created by their firewall logs in order to determine the threat level to their computing resources?
Off topic.. That really isn't the issue here. What IS an issue is the way these programs report those attempts.
said by Ben E Brady:
I, in no way, profess to be an expert with regard to any particular subject. I have not seen any particular evidence of Mr. Gibson's expertise in terms of certifications. What I have seen is pages and pages of Mr. Gibson's web site that are full of self-promotion and ego.

I am a Microsoft Certified Professional in Windows NT, a Certified Clarion Developer, a former Novell CNE and I am currently studying for my certification as a Network Protocol Analyst. I do these things to show my customers, current and potential, that I am serious about providing quality software, and sound advice, when it comes to offering solutions to their business computing problems.
And what we just saw here wasn't self-promotion and ego?

It seems to me we have two individuals here who are so set in their ways, they can't see the forest for the trees. There are valid points in both camps, but it isn't helping anyone.

I for one would be mortified if I released a software product that was resulting in a lot of 'false reports', and I'd be sure to be making changes to future versions that took steps to correct this issue.

This whole issue should have remained private and been worked out 'behind the scenes'.

JYoung
G L 2814
join:2000-06-13
Sherman Oaks, CA

JYoung to Wildcatboy

Member

to Wildcatboy
said by Wildcatboy:

....? Would it be possible for you to add an option such as IP resolution to your main page. This way your customers can see the domain names for the IPs. This by itself can benefit everyone including Mr. Gibson and also can bring you a few satisfied customers. After all you wouldn't be singling out GRC's IPs but you provide a tool for your clients to recognize any familiar name they may come across.......

Agreed... Since Mr. Brady's product tries to automate the process of reporting "attacks", not having any kind of reverse DNS lookup of the offending IP would appear to be a significant oversight, especially since it already appears to retrieve the ISP's abuse Email address.

bradleyd
I can't spel
Premium Member
join:2000-10-15
Up yours!

bradleyd to wheelert$93

Premium Member

to wheelert$93
said by wheelert:

This whole issue should have remained private and been worked out 'behind the scenes'.

I have to agree with that statement.

kingsbard
join:2000-11-28
Orlando, FL

kingsbard to Ben E Brady

Member

to Ben E Brady
"So ... ALL I'm asking Ben to do is to pop-up a little dialog and ask the user if they INTEND to complain about the ShieldsUP Internet security testing facility. It's using automation the way it should be used."

I can't see how this is an unacceptable request. Based on what I have seen here and on the GRC board and in Usenet and Ben having clear knowledge of Steve's site and others like it, a simple pop up suggested above should have been implemented from the start. There are a lot of people out there new to the internet and even newer to the need for security, if I were new and I saw Intruder and Victim, my first thought would be, Oh shit and my second would be to fire off the auto e-mail. However, if a lil ol pop up box came up prompting me what to do and I saw GRC or something of that sort, you'd know it was Steve's site and a service you subscribed to and could ignore it. Or maybe make the pop up say something like so and so yada yada yada what would you like to do? Report? or "Accept and don't ask me again." giving the user more "educated control" over what goes on.
////
Now, someone mentioned Steve should contact his attorney. I had my father in law, who is an attorney dealing in both Civil and Federal cases, go over the press release posted here and the only person paying anyone any money at all would be Ben.
Slander
Defamation of Character
Extortion (sp) (This is the big one here)
Libel
And one other I can't remember off the top of my head because it was too much for me to take in at once to be honest. The only thing Ben's attorney would say is "Ben...I suggest you try and settle out of court."
///
I may be off base on the first section of this post as I am not a programmer and don't know what goes into it all but my father in law said anything over 800 dollars for the requested changes is "absurd".
///
Yeah, I know lotsa people are going to disagree with me and maybe gimme a few flames but that's okay. Those who know me know I don't post unless I am damned sure about something because otherwise it becomes a very embarrassing situation and you run the risk of losing friends as well. I can handle embarrassment...I can't however handle losing the friends and family I have made here. Laters.

Kings Bard
pchelp7
join:2001-03-05
Manson, WA

pchelp7 to JYoung

Member

to JYoung
said by JYoung:
Since Mr. Brady's product tries to automate the process of reporting "attacks", not having any kind of reverse DNS lookup of the offending IP would appear to be a significant oversight, especially since it already appears to retrieve the ISP's abuse Email address.
Seconded.

Reverse DNS lookups can produce bogus and forged names. The process should include a forward lookup of the name, and notification if the name is false or non-valid.

Also, a valid-but-deceptive name is a possibility. If the bad guy has his own DNS server the possibilities are endless. F'rinstance: shieldsup.grc.flibbet.com might serve to deflect a valid report.

Some means of configuring the thing to recognize normally-friendly (or known hostile for that matter) IPs/ranges still makes sense.

pchelp
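
The check pchelp describes, as an added example (not part of the thread and not code from any product discussed here): a forward-confirmed reverse lookup, a label-boundary domain match that is not fooled by a name like shieldsup.grc.flibbet.com, and a configurable list of known ranges. The function names, verdict strings and all IP addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup via the system resolver; None when no name is returned."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """Every address the name resolves to; empty set on failure."""
    try:
        return {i[4][0].split("%")[0] for i in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def in_domain(name, domain):
    """Match on a label boundary only: grc.flibbet.com is not inside grc.com."""
    return name == domain or name.endswith("." + domain)

def classify_source(ip, trusted_domains, trusted_nets,
                    reverse=system_reverse, forward=system_forward):
    """Classify a logged source IP before any abuse report is generated."""
    addr = ipaddress.ip_address(ip)
    # Configured ranges are checked first and need no DNS at all.
    if any(addr in ipaddress.ip_network(n) for n in trusted_nets):
        return {"ip": ip, "ptr": None, "verdict": "trusted-range"}
    ptr = reverse(ip)
    if not ptr:
        return {"ip": ip, "ptr": None, "verdict": "no-ptr"}
    ptr = ptr.rstrip(".").lower()
    # The PTR record is controlled by whoever owns the IP block, so it only
    # counts if the name resolves forward to the same address.
    confirmed = addr in {ipaddress.ip_address(a) for a in forward(ptr)}
    if not confirmed:
        return {"ip": ip, "ptr": ptr, "verdict": "forged-ptr"}
    if any(in_domain(ptr, d) for d in trusted_domains):
        return {"ip": ip, "ptr": ptr, "verdict": "trusted-name"}
    # Valid name, but not one the user chose to recognise.
    return {"ip": ip, "ptr": ptr, "verdict": "confirmed-untrusted"}

# Constructed sample records so the example runs offline.
SAMPLE_PTR = {
    "192.0.2.10": "shieldsup.grc.com",            # genuine in this sample
    "198.51.100.7": "shieldsup.grc.com",          # PTR claims a name it does not own
    "203.0.113.5": "shieldsup.grc.flibbet.com",   # valid but deceptive
}
SAMPLE_A = {
    "shieldsup.grc.com": {"192.0.2.10"},
    "shieldsup.grc.flibbet.com": {"203.0.113.5"},
}

def demo():
    """Run the classifier over the constructed records; returns ip -> verdict."""
    ips = ["192.0.2.10", "198.51.100.7", "203.0.113.5",
           "192.0.2.200", "203.0.113.99"]
    return {
        ip: classify_source(ip, ["grc.com"], ["192.0.2.128/25"],
                            SAMPLE_PTR.get,
                            lambda n: SAMPLE_A.get(n, set()))["verdict"]
        for ip in ips
    }

if __name__ == "__main__":
    for ip, verdict in demo().items():
        print(ip, verdict)
```
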

pgm18
Fishing Forever
Premium Member
join:2001-01-19
Destin, FL

pgm18 to Ben E Brady

Premium Member

to Ben E Brady
Hello,
WHEN CAN I FILL OUT AN APPLICATION. At a buck and a half an hour I would take care of everything. All you have to do is sit back and spend the money. I don't care what this thread's about. Just pay me and I'll handle it!! Isn't this what business is about! Anyone out there in mngm. knows what I'm talking about. I'm surprised that Ben has not blamed this whole situation on some mng. in his co. And now to keep face has to respond reluctantly on his own! Whining wealthy people don't hit home with me! The only reason I see responses from these people is to protect their income. Who cares!! 10 years from now there will be another Steve and another Ben! And another whining problem! So let there be light. Thanks

PK39
Premium Member
join:2000-11-14
Center Line, MI

PK39 to Ben E Brady

Premium Member

to Ben E Brady
Having followed this thread from its near inception, I can't sit on my hands anymore.
said by Ben E. Brady:

He has also been successful in 'convincing' the creator of ZoneLog Analyzer in completely filtering his IP addresses from the ZoneAlarm attack logs when they are processed by his package.
I don't think this is true. I can still do the shields up test and the port test at the grc site and I am still able to get a source and host name to an incoming probe. This clearly states that it is coming from shieldsup.grc.com. I just came from there and did just that. It sounded to me in this thread that the first contact with either (GRC & zonelog.co) was today. I don't see any filter, or am I missing something?

I think this thread has been very informative from the onset. Although, the propaganda that initiated it might have been a bit hasty. I am certainly glad that the opposing viewpoints were brought to light.

I think the education of users is the best solution. I don't see where one party of this is exempt from that. It should be a collaboration of both parties. I also think a less "predatory" word association would be in order.
BlitzenZeus
Burnt Out Cynic
Premium Member
join:2000-01-13

BlitzenZeus to Ben E Brady

Premium Member

to Ben E Brady

A reply to Mr. Brady

Mr. Brady

I have done programming, and some features like 'do you want to report shieldsup.grc.com' in a popup window wouldn't be that hard to add into your program Mr. Brady, as a service to your customers, and to the ISPs who have to wade through tons of complaints that have no merit for even being sent out as an attack.

The task of adding a list of IPs for whatever task in your program would affect would be a task since you have chosen to have your program run from 3 different independent programs. It might be something that you would like to add since if people use your service on LAN networks.

What it all comes down to is, in your next releases of your product just add a prompt if they want to report the site that scanned them. If not allow them to simply report from the logs so they are not bothered every time they are scanned, or an inbound from a newly installed program comes in. They could pick the ones they want to report from their logs also since they just might report their friend who they were just playing an online game with they shut down first.... Did you think about that instance?

It's your time, it's your customers. Please don't make abuse reports of this nature become the first ones to hit the bit bin.

OzarkMan$
join:2000-12-22
Ozark Mtns.

OzarkMan$ to PK39

Member

to PK39

Re: Steve Gibson - All Bent out of Shape??

PK....you may or may not be aware...but Matt just the other day released the Current beta version
V0.45 (04-03-01), expires 1st April 2001
I'm thinking that will be in the next Soon to be released version...maybe

BTW Justin Sir ....when will we be expecting those NEW servers that will probably be needed when Mr. Gibson sends e-mail to his half a million users, detailing some of what has been discussed. Surely somewhere in all of his comments to his users, one of the best sites on the Internet will be mentioned.

Also...as was mentioned earlier by a member...thanks to all that keep this place going....Moderators, Hosts, Sir Justin AND the Members and the New members Mr. Gibson and Mr. Brady that will visit from time to time hopefully !

Be Secure AND Paranoid

OZ

[text was edited by author 2001-03-05 18:44:43]

PK39
Premium Member
join:2000-11-14
Center Line, MI

PK39

Premium Member

said by OzarkMan:
PK....you may or may not be aware...but Matt just the other day released the Current beta version
V0.45 (04-03-01), expires 1st April 2001
I'm thinking that will be in the next Soon to be released version...maybe
May be aware. Thanks for the heads up. But, I'd have to have the new version installed and running at this point. All the other versions will no longer work. That is one thing I make certain of, updates. I like to keep abreast of them. I do a lot of reading here in the Security forum. And protect myself as best as I know how.

RayJ9
join:2000-08-01
San Antonio, TX

RayJ9 to kingsbard

Member

to kingsbard
said by kingsbard:

I can't see how this is an unacceptable request. Based on what I have seen here and on the GRC board and in Usenet and Ben having clear knowledge of Steve's site and others like it, a simple pop up suggested above should have been implemented from the start. There are a lot of people out there new to the internet and even newer to the need for security, if I were new and I saw Intruder and Victim, my first thought would be, Oh shit and my second would be to fire off the auto e-mail. However, if a lil ol pop up box came up prompting me what to do and I saw GRC or something of that sort, you'd know it was Steve's site and a service you subscribed to and could ignore it. Or maybe make the pop up say something like so and so yada yada yada what would you like to do? Report? or "Accept and don't ask me again." giving the user more "educated control" over what goes on.

IMO, you have hit the proverbial nail on the head. Firewalls and their use are still new to many people. They (wrongly) assume that every, or at least a majority of, the alerts are actual attacks.

When any program feeds this panic by not trying to at least present the possibility that the user was not under attack, that program needs to be modified.

There are more than enough people out there attempting to take advantage of the FUD in order to promote a product. What we need are more who are helping to educate users on the real issues.

Ray