The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Click here to subscribe. Please read our Terms of Use for quoting guidelines.This edition of the Spyware Weekly Newsletter is archived permanently at http://www.spywareinfo.net/oct13,2005.

Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.

The contents of this newsletter is commentary. It should not be mistaken for unbiased, objective journalism.

Permalink | Top

• Class Action Lawsuit Against Adware Company
• Spycop Antispyware and Evidence Terminator
• New.net Bins Rogue Distributor
• Hostile Toolbar Developer Writes Sunbelt
• More on Dell/Myway Issue
• The Other Side of Privacy
• Headlines

Permalink | Top

eXact Advertising has been served with a class action lawsuit in the Southern District of New York. The complaint includes a large number of charges made against the company. These charges include:

• eXact has unlawfully used and damaged the plaintiff's right to use and enjoy his personal property (his computer)
• eXact infected the plaintiff's computer with harmful and offensive spyware programs without authorization
• These harmful programs invaded the plaintiff's privacy by secretly tracking his internet use
• eXact used the information gathered about the plaintiff's internet use to bombard him with intrusive advertisements
• eXact's unwanted spyware illicitly caused the plaintiff's computer to slow down, consumed excessive internet bandwidth, monopolized computer resources, and disabled or destroyed software installed by the plaintiff.
• eXact fails to provide an uninstall utility to remove their software, or provides one which does not work properly
• Trespass to Chattels
• Deceptive Acts and Practices
• False Advertising
• Negligence
• Unjust Enrichment

The people eligible to be a member of this "class action" lawsuit are defined as "All United States residents who, during the period from September 30, 2002 to the present, had spyware or adware put onto their computers by eXact Advertising.". It is estimated that 20 million people would be eligible for this class.

The complaint asks for injunctive relief enjoining eXact Advertising from continuing to occupy and adversely affect computers owned by members of the class. It asks for an injunction against the deceptive and misleading marketing practices, the sending of advertisements and the continuing damage being caused to class members' computers.

eXact software includes such programs as Cashback, Bargain Buddy, eXactSearch and Navisearch.

I have been waiting for years for this to happen. Let's hope that the jury is packed full of people who have had to deal with some sort of spyware infection on their own computers. I will be watching this case to see what happens and rooting for the plaintiffs.

Permalink | Top

Program: Spycop Antispyware
Price: $49.95 $39.96 [20% off until Oct 20, 2005]
Purchase Spycop [Use coupon code SPYC-4XL4-INFO]

Spycop + ET Bundle: $79.90 $69.93
Purchase Spycop + ET Bundle [Discount is applied automatically]

There is the sort of spyware that comes from installing programs like Kazaa and Imesh. This kind of spyware will track your web usage to produce more relevant pop-up ads. This is an annoying and unfair invasion of privacy. However, other than the aggravation of dealing with pop-up ads and spam, this kind of spyware usually is not dangerous (well, except to your blood pressure). These usually can be cleaned up with products such as Ad-aware and Spybot.

More dangerous are the surveillance and monitoring programs. These programs are used to steal passwords to bank and credit card accounts. A business rival can bribe an employee to install spyware on the company network. Or the company itself might install spyware to watch you while you work. These programs cost money to buy for testing and not all antispyware companies can afford to keep up with each new version.

SpyCop is the leading solution for finding computer monitoring spy programs, keyloggers, and commercially available software designed specifically to record your screen, email and passwords. SpyCop will detect the spy, tell you when it was installed, and disable it. SpyCop claims to have the largest database of surveillance spyware.

SpyCop also makes Evidence Terminator, a program that cleans out the traces of computer usage that Windows leaves lying around. This includes browser cache, temp files and recently opened documents among other things. You should shred paper documents at home and in the office, if you don't want people reading them. The same goes for your PC.

More information about Spycop http://www.spywareinfo.com/downloads/spycop/
More information about Evidence Terminator http://www.spywareinfo.com/downloads/spycop/eterminate.php

Don't forget, even if you catch all the spyware on your computer, someone can still sneak up behind you and peek over your shoulder. Spycop won't help with that, so you might think about buying yourself one of these monitors. ;-)

If you have any problems with the ordering page or with the coupon code for SpyCop (SPYC-4XL4-INFO), please email Catherine http://www.spywareinfo.com/email2.php.

Permalink | Top

New.net has terminated its relationship with an affiliate, after learning that their software was being installed, entirely without disclosure, through a security flaw. The affiliate must stop distributing new.net software and also has been ordered to return all commissions paid to them by new.net in exchange for installing their software. New.net believes that the rogue distribution was active from October 1 through October 5.

The rogue distribution turned up during testing performed by Ben Edelman. In a video recording which accompanies an article describing the installations, several different adwares and browser hijackers can be seen installing themselves. These driveby installations happen despite the fact that Edelman clearly declines several ActiveX security prompts. The rogue software appears seemingly out of nowhere. Among the software being installed is new.net's client software.

New.net is a company which sells web site domains with alternate "Top Level Domains" (TLDs). These TLDs are not approved by ICANN and will not load without special software. New.net's software modifies Windows networking protocols so that the domains they sell will load in a browser like any other web site.

New.net's software is disliked greatly by many people. To start a debate about new.net on an internet message board is similar to throwing a can of gasoline into a fireplace - it invariably causes fireworks. People actually have received death threats just for saying that the software is not spyware.

The software regularly ends up being targeted by various antispyware products. It is not spyware - or even adware - but it does come bundled with other products. The disclosure of the bundled installer seems to not be prominent enough for some of the antispyware vendors.

Besides new.net, Edelman's testing resulted in a large number of unwanted programs installing themselves. Software from 180Solutions, ConsumerAlertSystem, ContextPlus, eXact Advertising, Integrated Search Technologies, MediaAccess, Pacimedia, Powerscan, SearchAccuracy, ShopAtHomeSelect, Sidefind, SurfSidekick, and YourSiteBar all showed up on his test computer. This occurred despite the fact that he declined every single ActiveX security dialog that appeared while surfing a certain web site.

Right now, it may or may not be illegal for these software programs to install in this manner. The answer to that question depends on the person being asked. Hopefully, the US Congress will outlaw that type of installation explicitly in its much-anticipated antispyware bill. An antispyware bill is expected to be drafted, voted upon and sent to the president's desk later this year.

Permalink | Top

I had a good chuckle at this. Someone claiming to be from effectivebrand.com used Sunbelt's "Vendor Dispute" email form to say "LISTEN A**HOLES! EB IS NOT SPYWARE!!!!!!!!!!! FACK SUNBELT!"

Tip: When writing to someone to dispute something they say or do, swearing in capital letters is not the best way to go about it.

Effectivebrands.com seems to be a company that provides a toolbar kit. Publishers use EB's software to build their own toolbar. Among other "nifty" features, it gives publishers "remote control" over the toolbar and lets them "keep in touch" with users. According to Sunbelt, it is used by UCmore.

Permalink | Top

As the number of readers of this newsletter has grown, I have tried to be more careful of what I write. Not only could I find myself on the wrong end of a lawsuit for saying the wrong thing, I can damage the reputation of just about any company I put into my sights.

I am not a reporter. A columnist or a commentator, yes, but not a reporter. I put a disclaimer at the top of each newsletter now just to clear that up. I also have a tendency to become very angry about certain things. Something outrageous happens, then I hear about it, and it is all I can do to restrain myself from declaring holy war.

For instance, New London, Connecticut not only stole land from some of their citizens to hand it over to a land developer, but they also sent them huge bills for back rent for the time they spent in court fighting the theft. To avoid being arrested for making terrorist threats, I won't repeat the first thing I said when I learned about that. Besides, I would hate to cause any sailors reading this to blush at the language.

When I write something for this newsletter or elsewhere on SpywareInfo, I would like for it to be accurate. Nobody will want to read this newsletter if it is nothing but rumors, gossip and falsehoods. If I am going to rant, I want to be ranting about something that actually is happening.

For that reason, I tip-toed very carefully around a rumor that has been spreading about Dell computers. The rumor is that Dell deliberately makes it difficult to remove a piece of software from myway.com. This software, a Dell-branded browser search extension, is preinstalled on most new Dell computers these days.

On message boards all over the internet, people were complaining that, if they tried to remove the Myway software from Add/Remove, it remained anyway. According to those postings, the Add/Remove entry would have a disabled "uninstall" button.

In an effort to find out what was going on, I asked for people with brand new Dell computers to write to me. I exchanged emails with literally hundreds of people. As far as I could determine, the issue seemed to be caused by a misconfigured installer program. It seems that the software actually is removed but leaves behind a disabled entry in Add/Remove. From what I could tell, that was the source of the confusion and the rumors.

That was the best explanation that I could make of the various conversations I have had with people. However, the issue is still in question. My theory of a screwed up installer could be completely wrong. It is even possible that I sabotaged my attempt to gather accurate information by asking people to write only if their Dell PC was less than a month old.

Without laying my hands on a new Dell computer, I really have no way to see for myself what is happening. Certainly I am not going to go out and buy a computer that I don't need.

I want to apologize to Steve Wechsler for badly misinterpreting the letters we exchanged. He explained to me how and why the installer program leaves a dead Add/Remove entry after it is used. I thought that he was saying to me that the entire debate was simply confusion over that orphaned entry. Apparently that is not what he meant to imply. He believes that the problem with the installer is deliberate, not a bug. Sorry Steve.

A person known online as negster22, who was very active in one of the message board debates about the Myway software, has some interesting evidence. Without looking at her computer, I don't know what to make of it. Certainly, It is strange and does not look good for Dell. The following is a letter that she sent to me after my article came out.

Hi Mike,

I have been conducting some additional research on the Dell My Way and have discovered something interesting on the Dell system which I purchased in late February and conducted my testing on. I now have some pretty compelling, hard evidence that AFTER My Way was uninstalled via A/R, it continued to hijack the IE start and default home pages to the Dell My Way portal like so:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

It also set the default Internet Explorer search engine to My Way R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html

If you put the first link in your browser and set the default Internet Explorer search engine to that of the above link, you will be able to simulate a surfing experience completely defined by "My Way". This happened despite my resetting of IE's home and search pages to google.

I say my evidence is pretty compelling, because I located all the HJT backup files on the system I cleaned and there are over thirty of them showing that Dell My Way persistently reset all the above pages in the registry during five month period following its 'removal' via A/R programs. This behavior did not cease, until I uninstalled the app by tracking down the My Way msi.

Obviously, some element of Dell My Way remained after it was 'removed' from the ARP in the Control Panel. Otherwise, using HJT to remove the offending registry keys would have offered a permanent solution, and it did not. All the homepage, and search engine redirects were subsequently and repeatedly reinstalled, after each and every HJT deletion. I have seen HJT posters complain of this, too...

This is about as far as I can go with this story without physically putting myself in front of a Dell computer to see for myself.

If there is someone out there within 200 miles driving distance of Vidalia, GA that 1) has a Dell computer that was bought between November 2004 and September 2005, 2) has a "restore" CD from Dell to put their computer back into the state in which it was shipped and 3) is willing to let me come to their house to reformat and play with their computer, please let me know. This story is starting to drive me bonkers and I want to find out, once and for all, what the deal is.

Permalink | Top

The Debate

There are at least two sides to any great debate. Otherwise, it would be a consensus, not a debate. This is true of the debate for and against privacy.

On one side, you have a Supreme Court justice who said famously that the right to privacy is "the right to be let alone". Anyone who has read the book "1984", by George Orwell, seen the movie "Minority Report" or lived in the former East Germany has a pretty good idea of how terrible life would be without some privacy.

On the other side, you have people who believe that individuals who want privacy have something to hide. Too much privacy could lead to people doing things they never would do if it were going to become public knowledge.

I come down squarely on the side of privacy rights. Anyone who doesn't know that must be reading this newsletter for the very first time. It is my belief that stripping people of their right to privacy will do far more harm to society than anything they could do to it out of public view.

I strongly disagree that people should give up freedom for safety. Anyone who feels that way should live in Singapore for a while, in order to understand truly the implications of their opinion.

Singapore is a nice, safe and clean place to live. That safety comes from the fact that Singapore is a police state, with laws and regulations to micromanage every aspect of a person's life strictly. For instance, chewing bubble gum without a permit will land you in prison for up to a year. It may be safe but I certainly would not want to live there.

Enough of that. I make no claims of being objective or balanced, but I do try to be fair when possible. I have railed about privacy abuses many times. Let's talk about the other side of the debate this time.

Perverts

Someone wrote recently to point to a fine example of someone abusing his right to privacy. That someone is a pedophile who writes a blog, anonymously, about being a pedophile. This person uses a blogging service called Invisiblog to hide his identity.

In certain countries (including Singapore), you will go to prison for writing the wrongs things in your blog. The purpose of Invisiblog is to give people in those countries a way to publish to the world without risking prison. Invisiblog will never reveal the author of a blog. Not because they will refuse but because it is not possible for them to have that information.

They use a mixture of anonymous email remailers, encryption and other methods to make sure that nothing can be done to identify the author of a blog hosted on their site. As they say on their site, even if someone pointed a gun at their heads, they would not be able to identify one of their users.

I didn't read very much of the blog, so I don't know how much detail this person goes into when he writes. The idea of reading a pedophile's blog is disgusting. I looked just long enough to confirm that he seems to be writing about being a pedophile. By using this service, he can do that with total anonymity.

Liars

In another incident, a blogger has leveled scathing accusations against the mayor of Smyrna, Delaware. According to the mayor, the accusations are false. He intends to file a lawsuit against the author for libel. The problem is that he has to find out who the author is first. The blogger's identity is never identified on the web site.

The mayor set about trying to discover the author's name. He got as far as learning the blogger's IP address before running into a brick wall. He sent a letter to Comcast demanding the identity of the customer using that IP address. Comcast informed the customer of the inquiry. That person promptly filed for a protective order with the court to prevent Comcast from turning over his identity.

Last week, the Delaware Supreme Court ruled that Comcast cannot be forced to reveal the identify of the blogger. The court based its decision on the fact that the mayor has not proven that the anonymous blogger has committed libel.

As nice as it is to see the court protecting a person's privacy, I can't bring myself to be excited about this particular case. It seems to introduce a vicious circle for people who have been libeled. You can't sue the person libeling you without knowing their identity. But you can't identify the person without proving libel. And you can't prove libel without suing the person. Rinse, lather, repeat.

Cowards

Let us not forget everybody's favorite example: Terrorists. Some people swear that Al Quaeda communicated using encrypted email to plan the 2001 attacks. The fact that it is not true, according to none other than the FBI, seems to have no effect on their opinion.

On the other hand, there have been reports that some terrorists have been using steganography to pass messages over web sites. Steganography is the hiding of information within innocent-looking files. While a document that has been encrypted will draw suspicion, that same document might go unnoticed if it were hidden within a picture file.

According to some sources, terrorists have been doing exactly that. As far back as 2001, law enforcement agencies have been warning that terrorists are encrypting messages, hiding them inside of picture files, then posting them to "adult" web sites. A picture of a movie poster could be hiding plans to blow up an ice cream shop.

Louis Freeh, while Director of the FBI, tried his best to have consumer encryption banned or crippled in the United States. His personal opinion seems to be that average citizens should be forbidden to use encryption. His very grudging compromise, outlined in his testimony before Congress back in 1997, was to have the key for every consumer encryption program deposited with a government-certified company. If law enforcement needed it, they could subpoena the key and decode an encrypted document.

Final Word

Privacy is a hot debate. There are two very good arguments for both sides of the issue. Most likely the debate never will be solved. Any sensible compromise merely would leave the advocates on both sides with a sense of mutual dissatisfaction.

If a government can barge into your home at any moment, tap your phones, read your mail and keep you under never-ending surveillance, there is no doubt that they could do an outstanding job of protecting you from criminals and terrorists. You would be safe from most crimes being planned in advance.

I, personally, would not want to live in that country. I don't believe that a true democracy could exist for very long in a country where there is no respect for the right to privacy. Just one bad political leader could abuse his government's power to quell dissent and what would be left would not be a democracy.

I will end this on a cautionary note. The trend of all governments is to become more and more intrusive, directly at the expense of citizens' rights. Once a government grants itself a certain power, it never wants to relinquish that power. When a right has been rescinded, it is nearly impossible ever to regain that right.

Some people want certain rights to be suspended "for the common good". Be careful what you wish for. You may not like it when that wish is granted.

Permalink | Top

SpywareInfo has a new(ish) feature, listing news headlines relevant to spyware, privacy and safely using the computer. There is a saying that "all politics are local". It seems that this also applies to the internet. It is a close community in that problems can spread from anywhere. If you see a local story that you think deserves attention, please let us know. Use this mail form, tell us some details and we will follow the story.

This Spywareinfo News Section is updated every day - and several times during the day. It is a section of Spywareinfo that we hope will keep you informed on a daily basis - and keep your internet time a bit safer. Go have a look.