Category: General
October 2nd, 2008
FOWA 2009: Interview with Mozilla UX chief; what's next for the web?
Shortly after having a door slam in my face and it nearly breaking my nose, I sat down with Aza Raskin, the head of user experiences at Mozilla Labs to not just discuss where Mozilla is heading in the near future but what he sees in the next-generation World Wide Web.
This interview was done over a cup of coffee in a bustling room. Everything said here is from Raskin himself, with notes taken by myself and paraphrased on occasion to make it readable.
The views from the UX guy
As the head of user experiences at Mozilla Labs, he looks at future-proofing Mozilla as an organisation, and as a result focuses mainly on the web. He assists and helps out on other non-Firefox projects but does spend the most portion of time on the browser. Even though he and his team are separate from the Firefox development team, he has a large sway of input. On the other hand, some bits he suggests go in and some do not.
Firefox 3.6 will be the next release of Mozilla’s open-source browser and will be specifically designed to have Windows users in mind. The new user interface will incorporate many of the technologies that Vista and Windows 7 have such as the Aero theme; more so with Windows 7 though as multi-touch features will be included in the browsers functionality.
The future of the web is difficult to guess or estimate in any capacity. Nevertheless, everyone desires an open web. Microsoft, Apple, and Google with their respective browsers are all aiming for the sole majority share of the marketshare. Raskin assures me that this is not Mozilla’s aim. As a not-for-profit organisation, they benefit from having a wide range of users but on the most part the userbase is the size it is through personal, hands-on experience and “Word of Mouth 2.0″. The aim is not to get 100% of the marketshare, but enough to get the shift and the space to create.
Something Raskin mentioned in the “open web” were things such as Flash and Silverlight - technologies which are plug-ins but don’t allow you to view the source. In his opinion it is important that everything you see, view and use should provide the code alongside it. Having non-view source so you don’t know what is going on is not an “open web”. There will of course be exceptions to this, but I’m sure you understand what he means.
I asked why Firefox 3.5 had slowed down, become more sluggish and more lethargic in quality and usage from personal experience. On a slight digression…
As a journalist and the son of a psychologist I have a combined set of skills, albeit not qualified, to allow me to effectively and accurately pinpoint the personality traits and pitfalls of one’s character. In this case, I see Raskin as an honest man who cares for his work, who knows he is held accountable by the end-user but also a man who takes responsibility. Alongside that, I got the impression of subtle frustration with himself, perhaps, as a highly intelligent man unlike anything I have seen before, in that his perception of the world is different to that of the average person; seeing the world in numbers and what cannot be seen by most.
So throw the psychological element in this and I believed him whole-heartedly when he said it was predominantly Adobe Flash which slowed things down. More often than not, websites hold Flash advertising which is why when you open a selection of ten random tabs, the collective memory going towards running these advertisements cause Firefox’s memory footprint to rocket. I believed him; it made perfect sense.
He told me that Firefox 3.5 was introduced to make things better. With different technologies incorporating a more user-centric set of experiences such GeoLocation, Private Browsing and SeaMonkey, these were base-level features to make the end-user more client (rather than cloud) based and provide an overall enhanced experience; not only on their own volition but to keep up with other competing browsers.
Google and Microsoft have huge research departments with thousands of people working towards making their browsers accessible but also house the potential for a wealth of features for future releases. Mozilla has “tens” of people, but as Firefox is open source, anyone from academics, students, universities, developers and ordinary consumers make the research process so much more democratic. This is what drove him to work on Mozilla Ubiquity.
Along with this and their “personas”, the customisable themes which you can see in the first image above, the browser should be yours and not be the company developing the browser to determine what it should look like. People love personalisation through their sites, bookmarks and add-ons, which is another reason as to why Firefox has done so well.
October 12th, 2006
So what about user education on security?
CNET's Joris Evers writes about one security expert who says education users on computer security in the enterprise setting is "pointless". Doctoral candidate Stefan Gorling, speaking at the Virus Bulletin Conference, said:
"I don't believe user education will solve problems with security because security will always be a secondary goal for users," Gorling said. "In order for security to work, it must be embedded in the process. It must be designed so that it does not conflict with the users' primary goal.
It can't work if it interferes."
Some of attendees agreed while others vehemently disagreed.
The trick is to know what you're talking about and to bring the information in a format people understand, said Peter Cooper, a support and education specialist at Sophos, a security company based in England.
"It is a long process, but if we admit defeat now we're just going to go to hell in a handbasket," Cooper said. "Education in every area works."
I agree with Cooper. I understand trying to educate some users is like talking to the wall, but that does not mean we shouldn't try. I do know, from working with home users on my SpywareWarrior forum, where volunteers help users get free of malware, that some will probably never change their online behaviors, even when confronted with proof that their online carelessness is what got them infected. We had one user whose ID had been stolen by a keylogger and password-stealing trojan, and his bank account had been wiped out. When told that he needed to update his Windows to Service Pack 2 and avoid file sharing, he insisted that he wouldn't change. Eventually we scared him into updating to SP 2, installing a bi-directional firewall, and scanning any downloaded files for malware before opening them. Getting him to update to SP 2 took about 2 months and literally scores of posts, but finally he did it.
There are some interesting points of view in the talkbacks to Evers' article, but the first commenter got it right.
EVERYONE, and I do mean EVERYONE, should be worrying about security. While at large corporations security is the primary concern of IT all users should be educated about it and be concerned about it.
At my forum, when we have repeat users, coming back for help a second or third time, I feel that we failed to properly educate them. It becomes frustrating at times, but we must keep working at educating users. To not do so is pure foolishness and inexcusable in my opinion.
September 18th, 2006
Should anti-spyware programs remove cookies?
Spyware expert Ben Edelman has written a great piece on anti-spyware programs and cookies. He tested eleven different anti-spyware programs against cookies from 50 advertising systems and posted detailed results including which anti-spyware programs detected which cookies and which programs detected the most cookies.
At the extreme ends of the scale, there are a few programs that don't detect cookies at all, including Microsoft's Windows Defender. PC Tools' Spyware Doctor is at the top of the list with the most cookies detected in Edelman's tests.
Why the fuss about cookies anyway? Some people insist that cookies are spyware. Walt Mossberg is one of those people. Advertisers are concerned because they say cookies are essential and necessary for online enterprise and that cookie rejection and deletion is harmful to the advertising industry and affects the bottom line. Some have accused anti-spyware vendors of fear-mongering to increase sales by labeling cookies as spyware. But when one anti-spyware vendor made cookie detection off by default, many users protested loudly.
My opinion is cookies are not spyware. They are simply small text files with no active code. But I do agree that third party cookies can be a privacy concern. I do not use anti-spyware programs to scan for and delete cookies. If the option is available to turn off cookie detection, I turn it off. But I do control cookies and delete the cookies that I see as having no value for me. I've tried several cookie management apps, and found WinPatrol to be the most convenient for my purposes.
I'd like to know readers' thoughts on cookies. Do you think cookies are spyware? Do you delete cookies, and if so, how do you manage them? Why do you delete them? If not, why not? Do you think anti-spyware programs should detect and remove cookies by default, or should it be optional, or not even part of the program?
September 6th, 2006
FTC settles with Enternet Media for $2 million
The Federal Trade Commission announced their settlement with Enternet Media for $2 million for putting spyware on users’ computers.
Under a stipulated final judgment and order, the defendants are permanently prohibited from interfering with a consumer’s computer use, including but not limited to distributing software code that tracks consumers’ Internet activity or collects other personal information, changes their preferred homepage or other browser settings, ‘Defendants also are permanently prohibited from making misleading representations.’ inserts new advertising toolbars or other frames onto their browsers, installs dialer programs, inserts advertising hyperlinks into third-party Web pages, or installs other advertising software code, file, or content on consumers’ computers.
The defendants also are permanently prohibited from making misleading representations regarding the performance, benefits, features, cost, or nature or effect of any type of software code, file, or content, including misrepresenting that the code is an Internet browser upgrade or other computer security software, music, song, lyric, or cell phone ring tone.
The order names Enternet Media Inc., Conspy & Co. Inc., Lida Rohbani, Nima Hakimi, and Baback (Babak) Hakimi, all based in California, whose software codes were “Search Miracle,” “Miracle Search,” “EM Toolbar,” “EliteBar,” and “Elite Toolbar.”
According to the FTC’s complaint, the Web sites of the defendants and their affiliates caused “installation boxes” to pop up on consumers’ computer screens. In one variation of the scheme, the boxes offered a variety of “freeware,” including music files, cell phone ring tones, photographs, wallpaper, and song lyrics. In another, the boxes warned that consumers’ Internet browsers were defective, and offered free browser upgrades or security patches. Consumers who downloaded the supposed freeware or security upgrades did not receive what they were promised; instead, their computers were infected with spyware that interferes with the functioning of the computer and is difficult for consumers to uninstall or remove.
The agency’s complaint also alleges that the defendants’ software code tracks consumers’ Internet activity, changes their home page settings, inserts new toolbars onto their browsers, inserts a large side “frame”or “window” onto browser windows that in turn displays ads, and displays pop-up ads, even when consumers’ Internet browsers are not activated.
The complaint against Enternet Media was filed last November. Case documents can be found here on the FTC website.
A description of Enternet Media’s Elitebar, also known as Elite toolbar, is here on Symantec’s site.
July 6th, 2006
Second lawsuit over WGA and Microsoft pulling WGA
From CNET’s News.com:
Microsoft has been named in a second lawsuit over its antipiracy Windows Genuine Advantage program, which plaintiffs allege acts as "spyware" on their systems.
This time a lawsuit was filed by several companies as a class action in US District Court in Seattle. Full details here. Microsoft says both lawsuits have no merit and ZDNet blogger David Berlind agrees.
Meanwhile there are a few reports that Microsoft is dropping WGA completely.
June 28th, 2006
User suing Microsoft over WGA notification, calling it spyware
From the Seattle PI:
A computer user is suing Microsoft Corp. over the company’s Windows Genuine Advantage anti-piracy tool, alleging that it violates laws against spyware.
The suit by Los Angeles resident Brian Johnson, filed this week in U.S. District Court in Seattle, seeks class-action status for claims that Microsoft didn’t adequately disclose details of the tool when it was delivered to PC users through the company’s Automatic Update system.
A Microsoft spokesman says the lawsuit is "baseless" and denies that the Windows Genuine Advantage tool is spyware. Microsoft published instructions yesterday for disabling and removing WGA notification. Apparently they are having second thoughts about it. Windows IT Pro quotes a Microsoft statement saying "Our customers have told us that they were disappointed with their WGA Notifications experience, and we have made an effort to improve that with this update," referring to an change on June 27 to WGA so it longer sends information to Microsoft on each computer boot up.
The attorney representing Johnson, Scott Kamber of Kamber & Associates LLC in New York, also was co-counsel for consumers in the lawsuit about the Sony DRM rootkit.
"The statute says that people have a right to know what’s on their computer," Kamber said. "We’re at a point in time right now where people’s rights on their own computers and technology are really at issue."
Spyware expert and attorney Ben Edelman is quoted - "The disclosure was slim to none, and it certainly isn’t what we’re looking for as a matter of public policy from a distinguished company like Microsoft."
I couldn’t agree more. I still have the WGA notification disabled as described in my blog here.
June 22nd, 2006
Spyware popping porn in all the wrong places
Ben Edelman has another revealing write up — this time on ad networks, spyware and porn pop-ups and these are not happening on adult oriented sites. It’s happening on sites where sexually-explicit content would not be anticipated. Ben explains in detail, including packet logs, video and screenshots, the chain of events demonstrating how spyware is generating unrequested, unexpected sexually-explicit pop-up ads on normal sites that you and I might visit.
Spyware/adware from Direct Revenue, ZenoTecnico, Deskwizz/SearchingBooth, Z-Quest, Look2Me, (aka Ad-w-a-r-e) interacted with several ad networks including MyGeek, Zedo (San Francisco company with the well known Esther Dyson on its advisory board), Falk AG/DoubleClick, YieldManager and others. Ben explains why, besides being annoying or downright offensive, this spyware/ad network behavior is troubling. There’s clickfraud involved, illegal domain typosquatting used to mislead web users, and sexually-explicit content likely to be shown to minors on normal sites. Ben states:
The four examples shown above are just a tiny portion of the problem of sexually-explicit images shown to users who didn’t request such materials. I have numerous additional examples on file. In one example on file, spyware on my test PC identifies the name of a fashion designer on a well-known retailer’s site, then uses that word as a trigger for an ad, ultimately showing an ad that is sexually-explicit. In another example, spyware on my test PC observes me browsing the children’s section of an online shoe store, a page mentioning "girls" in its title. The spyware then serves me a full-screen sexually-explicit pop-up. Notably, the pop-up was obtained via click fraud against a major pay-per-click search engine.
Ben’s write up is highly recommended reading. The ad networks mentioned should pay particular attention since the Direct Marketing Association just released best practices online advertising networks and affiliate marketing (PDF). And don’t miss the video, which shows 180solutions popping up full page ads and sexually-explicit full page pop-ups from Direct Revenue/Best Offers. The sexually-explicit ad in the video has been edited, but still may not be appropriate for viewing in some settings.
June 23 — correction: I was incorrect in stating that Ben’s current write up includes domain typosquatting involving the parties he wrote about. Ben links to a previous write up on illegal domain typesquatting, also recommended reading, here.
June 21st, 2006
How to disable WGA notification
Microsoft’s Windows Genuine Advantage (WGA) anti-piracy tool has angered a lot of people and rightfully so in my opinion. Fellow ZDNet bloggers have explained the details of the software along their concerns. Ed Bott wrote Microsoft presses the Stupid button and lists the stupid mistakes, starting with "it should never have been included with Critical Updates". I agree with that and all his points.
I don’t have a problem with Microsoft checking to see if the OS is legal — once. But why over and over?
David Berlind asked Does Microsoft’s new WGA disclosure fall short?. The answer to that question is a resounding Y.E.S. Berlind also is concerned, along with many others, that users are "becoming Microsoft’s guinea pigs" because the software is in a pre-release test stage. He devotes an entire blog post to the subject. He also posted a most informative image gallery of the WGA installation process.
The other huge concern with WGA is that it phones home daily, or each time you boot up the machine. In fact, some, including Lauren Weinstein, have gone so far as to question if it is spyware. Weinstein got a response from Microsoft on that one, which is posted here. It was never entirely clear to me exactly what information was being sent back to Microsoft. Microsoft responded saying
June 20th, 2006
Microsoft's predatory pricing of security software
SunbeltBLOG has posted an analysis of Microsoft’s pricing for their new security products, OneCare and Antigen, calling Microsoft on predatory pricing aimed at putting the rest of the security vendors out of business. Even though Sunbelt Software is in the security business, too, I don’t think this is sour grapes. Others have written similar pieces, but SunbeltBLOG breaks down the numbers.
No one should feel "abused" by the big AV companies because there are free alternatives.
OneCare is aimed at home users and small businesses, combining firewall, anti-virus, anti-spyware and some utilities for disk and file management. OneCare is going for $49.95 for up to 3 machines and a one year subscription. I saw some sales for OneCare at $14.95 this weekend. Antigen, acquired from Sybari last year, is an enterprise application for email, SMTP, and Exchange server protection from spam and viruses. Forefront is also in the wings, not released yet, called a "family of business security products" that includes anti-virus, anti-spyware and more, see description here. I saw a demo of Forefront running on a client machine at Tech Ed, and while it looks nice I wasn’t so impressed that it uses the same definitions as Windows Defender for adware/grayware (they did not call it spyware), and the same definitions as the Malicious Software Removal Tool for viruses, worms and trojans.
SunbeltBLOG compares the numbers, pricing for the Microsoft products to comparable products from Symantec, Trend Micro and McAfee, showing how Microsoft is undercutting
June 19th, 2006
Spyware news
My apologies for the lack of blogging recently. Here are a few good places to keep up with the spyware news, sites that I read on a daily basis, SunbeltBLOG, Vitalsecurity, SecurityFix, Ben Edelman and others listed in my blogroll on this page.
Last week I was at Tech Ed in Boston, courtesy of Sunbelt Software, who gave away a $25,000 entertainment center and I even missed seeing who won, darn it. I went to many of the breakout sessions and presentations on security, but my favorites were the two presentations by Mark Russinovich on detecting cleaning malware using the free software tools from his site SysInternals.com. If you’re not familiar with SysInternals, you might remember Mark Russinovich as the guy who broke the Sony DRM rootkit story last fall. I use several apps from SysInternals for malware research and couldn’t live without them but my favorite is Process Explorer.
At any rate, I’ll be back on track with blogging. I had a run in with Hotbar to write about and an encounter with Zango as well this weekend. Remember, Zango plus Hotbar equals Zangobar according to Paperghost, but I’ll tell you both Zango and Hotbar leave a bad taste in my mouth.
June 6th, 2006
Follow up on Circuit City's hacked forum
Last week I blogged about the hacking of Circuit City’s customer support forum. They’ve now patched the security hole that allowed the forum to be hacked with iframes leading to sites downloading the Galapoper trojan, used to send spam. I mentioned the sites in the iframe links used to distribute the trojan, as written up at SANS. In the follow up article by Brian Krebs, he quotes Eric Sites from Sunbelt Software on thegroup behind these attacks:
Eric Sites, vice president of research and development for Sunbelt Software, an anti-spyware company based in Clearwater, Fla., said the attack appears to have originated at a Russian Web site, which is believed to be part of a larger online organized-crime ring that operates out of Eastern Europe. The ring, he said, traffics in spam, fake anti-spyware programs, and invasive applications designed to steal passwords and bank account information from computers.
"Most of these guys are just trying to make a buck any way possible and don’t care how they do it," he said.
Sites’ company, which has been tracking the crime ring’s work for more than a year, believes it has used viruses to steal sensitive account information from tens of thousands of people around the globe.
This crime ring needs to be stopped.
June 6th, 2006
My computer is in serious danger...
I recently did an online scan at the site of a major antivirus vendor. Now I’ve gotten two emails like this:
Advertisement
Dear Valued Customer:
Thank You for using Active Scan.
During the process of scanning your computer, we discovered:
0 viruses found
0 files infected
This means your computer is in serious danger. You are running a risk of losing vital information or infecting other computers to which you connect. However, if you act quickly, these problems can be avoided.
To prevent these kind of risks (vendor’s name removed) offers a solution that eliminates all threats that could affect your PC.
Umm… I don’t think so.
May 30th, 2006
Spyware pushers tricks of the trade or how to trash a machine with one bundle of spyware
I often hear questions asked about why do spyware pushers trash machines with their large bundles of garbage-ware and how do they do it. Last year I wrote about Spyware Tricks, including the money trail. Nearly all of the top 10 spyware tricks of 2005 involved affiliate’s distributing spyware through illegal means without notice or consent through channels like BitTorrent, Windows Media files, AIM and IRC. We’ve recently seen more cases spyware and adware pushed through botnets — read VitalSecurity’s write up here. The answer to why? is simple. It’s always about M O N E Y.
A few days ago I blogged at SpywareWarrior about two affiliate programs that are pushing adware and spyware in large bundles, typically through exploits at unsavory sites. They are GimmyCash! and DollarRevenue. Note that GimmyCash pays well:
$0.40 per United States & Canadian install!
$0.20 in 16 other countries! United Kingdom, France, Germany, Netherlands, Ireland, Austria, Belgium, Denmark, Spain, Sweden, Switzerland, Finland, Gibraltar, Greece, Norway, Italy & $0.02 Rest of the world.
DollarRevenue isn’t far behind.
USA $ 0,30
Canada $0,20
United Kingdom $ 0,10
China $ 0,01
Other countries $ 0,02
Here’s what makes these programs particularly attractive to rogue affiliates. GimmyCash! says:
You can choose to promote GimmyCash by:
Software bundles -> combine your software with Gimmy.
Advertising our free GimmyGames concept into your site.
Advertising our free GimmySmileys concept into your site.
DollarRevenue says:
1) ActiveX This solution works well for webmasters with a content website. Once you have added our code to your page(s), an ActiveX window will pop up and prompt the surfer with the choice of installing our software. If the surfer clicks "Yes", the software will be installed and that’s how you get paid. So guess what? Since these affiliates can bundle GimmyCash and DollarRevenue with other software, they go whole hog plus the postage and make huge bundles that include downloaders for other goodies like Webhancer, Newdotnet, SurfSideKick, Command Service, Look2Me, Virtumonde, sometimes a rogue anti-spyware app or two, like SpySheriff or SpyFalcon, and more. Here’s a HijackThis log from one victim of this nonsense. Affiliates are making big $$$ from these kinds of bundles that may start with one trojan downloader, such as the one used by DollarRevenue, called DrSmartload because the files are named DrSmartload.exe and variations thereof. Sophos’ description here and McAfee’s here. Of these two, DollarRevenue and GimmyCash!, DollarRevenue seems to be the worse offender by far, but the GimmyCash! people get their licks in. Files named gimmygames.exe and gimmysmileys.exe get installed with these large bundles, too, and many vendors attribute these files to DollarRevenue. It’s odd because as many times as I’ve seen the gimmy files come down in a large infestation, I’ve yet to see the actual programs installed. When installed from the GimmyCash! website, the Gimmy apps install Zango. I have a suspicion that I can’t prove, which is that the Gimmy affiliates are perhaps cheating on their program by downloading gimmy files that never install the apps. And now you know why spyware often comes in large bundle$. You can see the screenshots of GimmyCash! and DollarRevenue’s sites and read more at SpywareWarrior.
2) Software bundle (exe) You own a software application and like to keep it for free? DollarRevenue is what you need! You can easily combine your software applications with the DollarRevenue application and make money with every install.
May 14th, 2006
Warner Bros. partners with 180solutions
This news came as a shock to me. From Media Post:
AN ONLINE COMPANY THAT HAS been asked to clean up its act, is now using a soap - and other programming - to market controversial adware software to consumers. 180solutions has quietly begun offering streams of two Warner Bros shows - the soap opera "Deception" and animated series "Medical Island" - created specifically for the Web.
180solutions is no stranger to "deception", however, having had a complaint filed against them less than four months ago by the CDT (Center for Democracy & Technology) for deceptive and unethical business practices, among other things. The Media Post article says Warner Bros. and 180 have been working together for nearly a year but the relationship had been kept "under wraps". The "Deception" episodes are available for download on 180’s Zango site and other partner sites, along with some freebie adware that will put pop-ups on user’s machines based on their web browsing. Thanks, but no thanks. What could Warner Bros. be thinking to partner with 180 and its bad reputation? I don’t know, but it certainly does nothing to elevate my view of Warner Bros.
April 27th, 2006
Crime on the internet
Does the press exaggerate the dangers of the internet? Here is one take that’s definitely worth the click. Be sure to have your speakers turned on.
"The world was a safer place before t’internet." Click here.
April 24th, 2006
RIAA and DMCA madness
The RIAA has struck again, this time suing a family that has no computer and no internet connection. The federal lawsuit was filed in Rome, Georgia against a family in Rockmart, GA. The RIAA charges that the Walls family infringed on copyrighted recordings by file sharing on the internet. When told of the lawsuit, James Walls said he was unaware of the lawsuit since he had not been served yet – he asked, "How can they sue us if we don’t even have a computer?"
Indeed. You can read the report here at KNAC.com, via Techdirt. The Techdirt article says the family did own a computer for about 2 months but it was over a year ago. Carma Walls admits to downloading a some songs. Apparently the RIAA lawsuit alleges the Walls continue to use file sharing applications, but how they manage to do that without a computer is beyond me. I’m no fan of file sharing, never used it, but I detest the RIAA’s heavy handed tactics. I’m hoping the RIAA will be their own undoing someday.
In other news, the Inquirer and CNET are reporting that a proposed law would make just *knowing how* to bypass copy protection illegal. The proposed legislation is endorsed by the RIAA, among others. I guess that should come as no surprise. Declan McCullagh’s write up at CNET has a good breakdown of the proposed legislation. Excerpt:
The 24-page bill is a far-reaching medley of different proposals cobbled together. One would, for instance, create a new federal crime of just trying to commit copyright infringement. Such willful attempts at piracy, even if they fail, could be punished by up to 10 years in prison.
Does that mean if I download a song from iTunes, burn it to a CD, then rip the CD to my computer as a WMA or MP3 file so I can load it on my Creative MP3 player I might go to prison for 10 years? Oh, wait. I don’t have to actually do it, just attempt to do it. Sheesh. How about if I just think about doing it? Can the RIAA and DMCA regulate my thoughts, too?
I think this legislation is leading down a treacherous road, and the folks at the Electronic Frontier Foundation (EFF) seem to think so, too. You might have heard about the dog that had his chain shortened one link at the time, every few days, until his chain was so short he could barely move. The dog never resisted because he was conditioned to the loss of his freedom slowly over a period of time. Are we in this country becoming like the dog?
April 3rd, 2006
Anti-Spyware Coalitition announces workshop
The Anti-Spyware Coalition (ASC) announced its second workshop today, to be held in Ottawa on May 16. Panel topics include Where Does Spyware Come From?, Harms, Shades of Gray — Can Self-Regulatory Efforts Help Bring Clarity to Advertisers, Consumers, Software Makers and Anti-Spyware Companies?, Public and Private Cooperation, Legislative Solutions, and Increasing Consumer and Enterprise Awareness, all very pertinent to the state of the spyware problem today. Speakers include names well known in the anti-spyware arena and representatives of various companies and agencies. I see two Canadians and some folks from Australia on the list. I’d love to attend this event, but unfortunately won’t be able to make it.
The Anti-Spyware Coalition also released two new documents aimed at helping consumers and corporations protect themselves from spyware and adware. The documents can be downloaded here. Both contain excellent basic information that every user and organization should know and follow.
March 31st, 2006
Criminal charges filed against spyware company Enternet Media
I just found this piece at LAVoice.org — the office of LA City Attorney, Rocky Delgadillo, has filed criminal charges against three officers of Enternet Media for distributing spyware to 18 million computers!
It is the first criminal spyware case filed in the state of California. The charges include conspiracy, 24 violations of unauthorized access to computers and four counts of false advertising. If found guilty, the penalties could include up to 25 years in prison and fines of up to $170,000.
The defendants, Lida Rohbani Hakimi, Nima Hakimi and Baback Hakimi, are charged with running companies that created spyware programs such as toolbars and fictitious “security programs,” that would insinuate themselves into a computer during the download of seemingly innocuous software, like music files. The toolbars would then track users’ Internet activity and transmit data back to Enternet.
The FTC shut down Enternet Media in November 2005 for spreading spyware by unfair and deceptive practices. I’m looking for more information on the LA City Attorney’s case and will post again when I have details.
March 31st, 2006
180solutions on the move, literally
Wayne Porter, blogging at ReveNews, is reporting on speculation that 180solutions, the infamous adware company that’s been under fire by the CDT (Center for Democracy and Technololgy) and anti-spyware groups for at least 2 years, has been cleaning house, as in moving out of their offices in Bellevue, Washington.
Wayne writes:
I just received an e-mail heads up from Pesach Lattin that 180 Solutions, the company I always loved to report on, was "cleaning house". By cleaning house I do believe that Pesach meant shutting down- we will see if this is true.
The article at Adotas says:
ADOTAS has learned that adware company 180Solutions has cleaned out its Bellevue, MA headquarters and a source close to the company tells us its other offices are to follow. The company, which as of late has lost clients like AzoogleAds and has been under fire with a formal complaint by the Center for Democracy and Technology (CDT), has, according to the source, left their offices completely empty save a maid service which the company apparently hired to “clean up their act”.
Before you get too excited, read on where an unnamed 180 executive says this might be “just a clever guerilla PR tactic”.
April Fools? Darn!
Another ReveNews blogger, Jimmy Daniels, posted an interview with a former 180 employee. The ex-employee gives some fascinating insight into the company and what it was like to work there.
SponsoredWhite Papers, Webcasts, and Downloads
- Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
- Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
Recent Entries
- 1083
- FOWA 2009: Interview with Mozilla UX chief; what’s next for the web?
- Zango’s continued bad practices in light of FTC’s proposed settlement terms
- Zango, the FTC, MySpace and You Tube
- Halloween sites tricking users with malware
Blogs From Our Sponsors
Top Rated
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
Archives
Favorite Links
Blogs
- a notepet
- Ben Edelman
- Bits from Bill
- Donna’s SecurityFlash
- Email Battles
- F-Secure: News from the Lab
- Mark’s Sysinternals Blog
- Microsoft MVP - Harry Waldron Security
- ReveNews Wayne Porter
- Security Fix - Brian Krebs on Computer and Internet Security
- Security Ticker
- Spam Huntress
- Spyware Hunt
- SunbeltBLOG
- Techdirt
- Technology & Marketing Law Blog
- Test Link
- The Gripe Line Weblog by Ed Foster
- Viruslist Analyst’s Diary
- VitalSecurity
Links
ZDNet Blogs
- All About Microsoft
- The Apple Core
- Between the Lines
- BriefingsDirect
- Collaboration 2.0
- Dev Connection
- Digital Cameras & Camcorders
- Ed Bott's Microsoft Report
- Emerging Tech
- Enterprise Web 2.0
- Forrester Research
- Googling Google
- GreenTech Pastures
- Hardware 2.0
- Home Theater
- iGeneration
- Irregular Enterprise
- IT Project Failures
- Laptops & Desktops
- Lawgarithms
- Linux and Open Source
- Managing L'unix
- The Mobile Gadgeteer
- On Sustainability
- Rational Rants
- The Semantic Web
- Service Oriented
- Smartphones and Cell Phones
- Social Business
- Social CRM: The Conversation
- Software & Services Safari
- Software as Services
- Storage Bits
- Team Think
- Tech Broiler
- Technology and the Global Supply Chain
- Tom Foremski: IMHO
- The ToyBox
- Virtually Speaking
- The Web Life
- ZDNet Education
- ZDNet Government
- ZDNet Healthcare
- Zero Day
White Papers, Webcasts, and Downloads
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
- Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now
- VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
- Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
