[...] In a note on its website, Orca lamented at length the "outrageous" behavior of PAN, as well as posting a copy of the lawyer's letter for world-plus-dog to read. That letter claimed Orca infringed PAN's trademarks by using its name and logo in the review as well as breaching non-review clauses in the End-User License Agreement (EULA) of PAN's product.
[...] "It's outrageous that the world's largest cybersecurity vendor, its products being used by over 65,000 organizations according to its website, believes that its users aren't entitled to share any benchmark or performance comparison of its products," said Orca.
[...] Orca's boss believes a law in PAN's home state of California makes it impossible to prohibit the publishing of reviews, and also cited a case in New York where prosecutors sued McAfee, under its short-lived corporate name of Network Associates Inc, for banning reviews in its EULAs.
When asked what he thought the outcome of this latest battle would be, (Orca chief exec Avi) Shua said he hoped PAN would "simply remove these clauses from the EULA," insisting "so many people from the industry" don't support bans on reviews. He also added, in another shot across PAN's bows, that if formal legal action ensues, "it'll cost us a lot of money but it won't break Orca. I'm not going to be bullied into not doing something because someone else has deeper pockets."
Palo Alto's cease and desist letter (pdf).
(Score: 3, Informative) by Anonymous Coward on Sunday October 25 2020, @01:21PM (3 children)
A clickwrap license is not real legal document, and a click is not a signature. Courts have erred numerous times by recognizing these fake contracts.
(Score: 3, Informative) by EvilSS on Sunday October 25 2020, @09:18PM (2 children)
(Score: 0) by Anonymous Coward on Sunday October 25 2020, @11:47PM (1 child)
Tell that to my 10 year old so that installs all my software. I don't even know what an EULA is. I certainly have never seen one.
(Score: 2) by EvilSS on Monday October 26 2020, @03:57PM
(Score: 5, Insightful) by Anonymous Coward on Sunday October 25 2020, @01:27PM (5 children)
If they're so afraid of a negative review, it's pretty obvious that Palo Alto Networks security isn't up to snuff and should not be trusted in any way, shape, or form. This is aside from their reprehensible behavior - if they need that to protect their technology, it's safe to assume it's garbage, and possibly more of a threat than what it's trying to protect against.
(Score: 5, Funny) by BsAtHome on Sunday October 25 2020, @01:42PM (2 children)
PAN knows that the best security principle in software is to create a program that never ever is executed. Then no problem can become an issue, ever. To ensure this, they have embedded in the EULA a small-print clause that prohibits any and all execution of their software on any platform. Therefore, doing a comparison and publishing the result is a gross violation of the EULA.
I stand with PAN on this issue; PAN's software is never ever to be used as directed by PAN's EULA.
Problem solved :-)
(Score: 4, Funny) by bzipitidoo on Sunday October 25 2020, @04:26PM (1 child)
> never ever is executed.
The death penalty is too good for them!
(Score: 4, Funny) by Joe Desertrat on Sunday October 25 2020, @05:05PM
They should be forced to listen to a Vogon poetry reading!
(Score: 2, Informative) by Anonymous Coward on Sunday October 25 2020, @11:17PM (1 child)
Palo Alto sells bossware. It is a giant pile of spyware to surreptitiously spy on employees. The official VPN client is straight up malware. They strongly push folks to MiM TLS connections to spy on users, and brag about how they have agents that integrate into various radius servers by scraping radius logs, and things like MS AD, so they can produce reports of every URL visited by a user with the username and a timestamp. When they came to sell my work, the management were creaming their pants while the rest of us were screaming run away!
The technical evaluation results recommended against Palo Alto (its features beyond a basic firewall all require MiM, and it costs a lot for the basic features; their roaming client VPN is ipsec based, so unlikely to work just about anywhere; the list of CVEs for Palo Alto vs. competitors is also impressive [in a bad way]). But, management overruled, and we now are deploying Palo Alto, and management is claiming that they just wanted to buy the licenses for spying as part of one order for simplicity, but probably won't enable it ($500,000 in license costs, so they damn well will be spying on folks-- will be fun when someone connects a byod to a network for company owned machines [no 802.1x on wired], and discovers the spying from the invalid cert warnings).
(Score: 0) by Anonymous Coward on Monday October 26 2020, @08:30PM
They could be spying, but if they want to provide anything more than a blacklist of sites and basic allowed outbound/inbound ports and IP addresses/DNS names, then they have to do this.
Years ago, I used to be "the firewall guy" (ie the one who reviewed and approved the policies) for a large company. My opinion was "if you use company equipment on our business network, then we should have the right to make sure the traffic is inspected." This is/was my personal opinion and the law (esp in EU) doesn't often agree with this stance anymore, but it really should. For big companies, it is VERY hard to protect all your systems from the legions of well-funded and informed cyber criminals out there (for goodness sake, they have had HELPDESKS for some of the malware tool vendors for years now!!!) and you need all the tools you can get.
If you really want privacy, why don't you just use your cell phone or bring your own laptop and use a hotspot? For large companies that can have billions of dollars in assets and IP, you need a different set of rules for their internal operations networks vs the rules aimed at allowing your employees to conduct their personal business and entertaignment.
(Score: 0) by Anonymous Coward on Sunday October 25 2020, @05:13PM
It may be expensive but the publicity would make Barbara Streisand jealous.