The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Click here to subscribe. Please read our Terms of Use for quoting guidelines.This edition of the Spyware Weekly Newsletter is archived permanently at http://www.spywareinfo.net/aug29,2006.

Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.

The contents of this newsletter is all commentary.

Permalink | Top

• Kiwi Movie Downloaders Under Surveillance
• PCTools - Spyware Doctor
• Bad McAfee! Be Nice To The Other Kids!
• Missing: US Constitution - Last Seen In Nebraska Courtroom
• AOL Has Gone Right Off The Rails
• Setting The Speed Limit
• Data Brokers Throwing More Money At Congress

Permalink | Top

The New Zealand Federation against Copyright Theft has announced a new tool to find movie pirates. They claim that this tool lets them spy on people searching the internet for unauthorized copies of movies to download.

This announcement has led to quite a bit of confusion. The New Zealand Herald seems to be under the impression that the tool is a spyware program which has access to people's personal computers and can watch them as they search on Google. The Herald reporter stirred up quite a hornet's nest for his article.

The Herald article has statements from the EFF and the New Zealand Privacy Commissioner which say using the software is a serious invasion of privacy. Several government officials are quoted as saying they believe the tool could be illegal. Two New Zealand internet service providers say they would not cooperate with the antipiracy group without a court order.

You know, I feel really dirty coming to the defense of an organization such as this one. However, I think the Herald's reporter badly misinterpreted the press release.

The way I read the press statement, it looks like the tool will connect to various peer-to-peer networks and keep watch for people searching for copies of movies. If someone searches for a copyrighted movie title, the software will note the IP address of the person searching for it. It also notes whether or not the person was successful in finding and downloading the movie.

None of that would require spyware to be installed on anyone's computer. On many P2P networks, you can see the keywords for which people are searching, as well as their IP addresses. Most networks also allow someone to search the shared folders on any specific machine connected to the network. So, if this software spotted someone searching for Talladega Nights, it could search the shared folders on that IP address twenty minutes later to see if they found a copy and downloaded it.

That may not be exactly how it works, but I'm probably not far off. None of that requires any spyware. You probably could do the same thing yourself with many Gnutella network clients, although it would take a bit of effort.

Now, if I'm wrong and they really are installing spyware to do all this, I'll be the loudest voice calling for them to be burned at the stake. What they are doing is intrusive but I don't believe it involves installing spyware on anyone's computer.

Permalink | Top

Program: Spyware Doctor
Author: PC Tools
Platform: Windows XP, Me, 98 and 2000

Purchase Spyware Doctor: $19.95 (Normally $29.95. Discount applied automatically until Sep 5, 2006.) http://www.pctools.com/spyware-doctor/purchase/?ref=afl_spywareinfo

Purchase Registry Mechanic: $19.95 (Normally $29.95. Discount applied automatically until Sep 5, 2006.) http://www.pctools.com/registry-mechanic/purchase/?ref=afl_spywareinfo

Purchase Privacy Guardian: $19.95 (Normally $29.95. Discount applied automatically until Sep 5, 2006.) http://www.pctools.com/privacy-guardian/purchase/?ref=afl_spywareinfo

Read my review of Privacy Guardian or Registry Mechanic for more information about those programs.

I test drive all of the software that is featured here. I was very impressed with Spyware Doctor. I consider it to be one of the top antispyware programs. On a scale from 1 to 10, I would give this program a 9 1/2.

Spyware Doctor is a very nice and very polished antispyware protection program. The interface is uncluttered and easy to navigate. A system scan is initiated with the click of a single button. The same goes for updating the program. You could give a copy of this program to your grandmother for her first computer and she would have no trouble running it, with the default settings.

On an infected test computer, Spyware Doctor found and removed a staggering 2,400+ infection items, kicked several processes out of memory and blocked 19 malicious start up entries.

Every item found was organized by the name of the malware and included a short description, as well as a detailed listing of every file and registry entry that it believed to be associated with it. Every item is labeled with a "threat level", showing how serious PC Tools considers that particular piece of malware to be.

OnGuard, the real-time protection module, protects against several methods used by browser hijackers and other malware. All of these components optionally will pop up an alert if something is detected. If a piece of malware exploits a browser flaw and tries to install itself, you will know about it immediately.

This is an excellent program. Spyware Doctor has my recommendation - it is that good.

PCTools is offering a $10.00 discount on each of their top three programs, until Sep 5, 2006: Spyware Doctor, Registry Mechanic and Privacy Guardian. The discounts should be applied automatically when using the links above. You will see the discount applied on the last page of the checkout process.

If you have any problems with the ordering page, please email Catherine: http://www.spywareinfo.com/email2.php. Anyone buying as a corporate customer and needing many copies of this program, please contact Catherine.

Permalink | Top

I have received emails from people recently about some odd behavior with certain McAfee products. It seems that if a person uses certain antispyware programs, when they install or update McAfee Virusscan 11 or Internet Security 7, McAfee's installer insists that the other program first be removed. Until the person does this, the McAfee product will not finish installing.

I have seen reports of this in relation to Lavasoft Ad-Aware, PC Tools Spyware Doctor and software from ZoneLabs (not sure which program(s)). A number of Ad-Aware users even posted some screenshots of it on the Lavasoft support forums.

I first heard of this two weeks ago. After searching around a bit, I found scores of people complaining about this on various message boards. I sent an email to McAfee's press address and asked if they wanted to explain what was going on. No reply has been received.

I couldn't find any notices or support documents on McAfee's web site that had any mention of this. I did find several customers complaining (loudly) on McAfee's support forum. As far as I can find, they have no explanation for their installer's insistence that other programs be removed.

I managed to find a few mentions of antispyware programs that interfere with McAfee being installed or with the online update process. If this is the reason for the odd installation behavior, then it is a dramatic overreaction. When two pieces of software conflict like that, responsible companies contact each other to work out the incompatibility.

Then again, that doesn't explain why users of the free version of Ad-Aware also see this behavior. The free version of Ad-Aware is a scanner only, with no real-time modules of any sort and no pop-up blocker. It is incapable of interfering with McAfee, at least when it is not running.

Not to be outdone, Lavasoft's response to all this was to partner with antivirus maker Norman and offer a 25% discount for all Norman security products to Ad-Aware users.

I cannot find a reasonable explanation for this behavior. All I have found are numerous reports that, when McAfee's installer/updater spots software from at least three of their competitors, it tells the user to delete it before it will continue.

Of course, I have drawn a few conclusions of my own, but I will keep those to myself for the moment. Whatever their reasons are for this behavior, I think McAfee owes an explanation to their customers. Software from one company should not demand the removal of software from a competitor without a very good reason. McAfee customers around the world, no doubt, would like to hear that explanation.

McAfee, anything to say for yourself?

Permalink | Top

I struggled for two days with this one. Every time I tried to write about it, I realized that I had created an enormous ramble and had to restart.

I am profoundly disturbed by the entire concept of asset forfeiture laws. As far as I'm concerned, asset forfeiture violates the letter and spirit of the fourth, fifth, sixth, seventh and eighth amendments to the US Constitution. How these laws have survived scrutiny by the US Supreme Court is something I will never understand. You can read all about asset forfeiture laws at the Mackinac Center for Public Policy.

To avoid writing another long-winded rant, I will just state what happened to Emiliano Gonzolez.

Gonzolez flew to Chicago with $124,700 in cash, to purchase a delivery truck for his produce business. Unfortunately, the truck was sold to someone else before he arrived. When it was pointed out to him that flying with that much cash was a bad idea, he decided to drive home in a rental car.

While driving through Nebraska, Gonzolez was pulled over for speeding. The police found the money in a cooler sitting on the rear floorboard. The state troopers called for a K-9 unit and had a drug sniffer dog go over the car. The dog immediately began barking at the money.

Quick Fact:
80% of all United States currency is coated with a very small amount of cocaine. This is not an urban legend. It has been proven in countless tests. If a drug sniffer dog fails to smell cocaine on 1,200 $100 bills packed into a cooler, take that dog to the vet; something is wrong.

Using the barking dog as "evidence", the Nebraska State Police declared that Gonzolez was a drug trafficker and seized the money. They did not, however, charge him with anything (as far as I can tell). They also have failed to produce a single shred of evidence linking Gonzolez to any drug-related crime.

Another Quick Fact:
Under asset forfeiture laws, law enforcement agencies do not need to prove that you have committed a crime, before taking your property. You have to prove, in court, that your property was not used or obtained in connection with a crime.

Gonzolez, along with his business associates, contested the seizure of their money. Amazingly, they won the case. I say "amazingly" because it is highly unusual for a property owner to challenge an asset forfeiture successfully. The police appealed the verdict and it went to the US 8th Circuit Court of Appeals.

Unfortunately, the appeals court reversed the verdict by coming to an astounding conclusion. According to the US 8th Circuit Court of Appeals, simply driving around with a large amount of cash in the car is evidence of drug trafficking and the cash is subject to police confiscation. No other evidence is required. Apparently, that is how it works in this country.

That makes you want to wave the flag and bake an apple pie, doesn't it? God bless Amerika.

Permalink | Top

What in the world is going on at AOL these days? Is there something funny in the water there at AOL HQ?

1) AOL paid people to harass users, when they attempted to cancel their account. New York sued them for it and they promised to stop. Well….. they didn’t (Link to YouTube video) [1].

2) AOL, in violation of their own privacy policy, published the search engine usage logs of 658,000 of their users. Woops?

3) AOL released an antivirus program, the license for which grants AOL the right to track how people use it and allows AOL and affiliates to send them spam. Stopbadware.org promised to flag it as spyware, if it did any such thing.

Coincidently (or perhaps not?), the AOL 9 internet service software already is on Stopbadware's "watch list". The software is extraordinarily rude. It behaves almost exactly like many of the malicious adware programs that I have seen.

All of this has occurred in just the last couple of months. Good lord, time to check the water filters in the building for tampering perhaps? This is sort of like watching someone who is catastrophically inebriated lurch across a busy street. It is amusing and horrifying, all at the same time.

[1] - In all fairness, AOL claims that particular customer service rep was violating policy and was canned for it.

Permalink | Top

I'm having one of those slap-my-forehead-why-didn't-I-think-of-that moments.

I've always been on the fence about those devices parents can use that track their teenager's cars. If you have never heard of them, these devices keep track of a car's GPS coordinates. If the car is going too fast, the device can report that. Some of them can even send an alert to a parent's cell phone.

I've aged past 30, so my teenage years are a bit hazy now. I'll be shouting at the kids to "Get off my lawn!" pretty soon. I do remember a few things, however. To a teenager, there is far more terror involved in showing the parents the speeding ticket than there is of the cop writing it.

Certainly anything that makes a teenager think twice about dropping the pedal to the floor is a good idea. I remember being the terror of I-95 when I was a teenager. I even had a race one night that started on Tybee Island, Georgia and lasted nearly to Pooler. If I had known doing that might cause a phone to ring automatically....

On the other hand, the idea of being able to plug in a device that records every meter the car travels... Just the thought of it makes me cringe like the sound of fingernails on a chalkboard. That is the worst sort of Orwellian overkill imaginable.

A high school student has found a reasonable compromise. He has invented a device which keeps track of the vehicle's speed, only his device has a twist. His device, which he calls Speed Demon, will begin recording only if and when the vehicle exceeds a predetermined speed. If the vehicle never speeds, no data can be retrieved from it.

This is where we all slap our foreheads. The idea is so obvious, yet no other device does this, at least as far as I know.

When the Speed Demon is installed, parents can set a speed limit and then password protect it. If the car exceeds that speed, a light flashes. Plugging the device into a laptop's USB port will reveal all the dirty details of why the light is flashing.

There are no details on the web site about how the device works. It looks like it has settings for residential areas and for highways.

I can think of one possible misuse of the device. If the speed limit is set ridiculously low, say 10 miles per hour, then it basically tracks all movement of the car. One way to avoid that would be to have the device reject any speed setting below 35MPH for residential and 55MPH for highway as invalid.

That would be important for safety reasons, as well as privacy. Driving slower than 55 on a freeway is more dangerous than speeding, especially on very busy freeways. An overzealous parent might set the limit too low and end up putting their kids in unecessary danger.

The Speed Demon is expected to hit the market this Fall and can be purchased from http://www.speed-demon.org/ .

Permalink | Top

As most of you know by now, there are companies in the US whose sole reason to exist is to spy on every person in the country. Everything there is to know about someone is saved to a file and updated constantly. Social Security number, credit card use, credit history, criminal/civil court records, public records, telephone number, address - it's all there. The FBI and the CIA only wish they had information this complete on the people they investigate.

That data is lost and/or stolen on a regular basis. The people who steal the data use it to open lines of credit in other people's names. When that happened in the past, the companies would keep it quiet. It makes them look bad. No company wants a reputation for making idiotic mistakes. Plus, they didn't want to be held responsible for causing identity theft, so they just said nothing and hoped that nobody noticed.

Then one day, California passed a law requiring that these companies inform the people whose information they had misplaced. Suddenly, everywhere you turned, there was a new headline about some company losing data on hundreds of thousands of people. People developed a new pastime - checking their credit reports once a month to watch for signs of fraud.

The financial and credit industries did not like this. They were forced to reveal their industry's dirty little secret. They were forced to admit that they could be responsible for staggering amounts of identity fraud. They wanted things to be like they were, when they could hush up these embarrassing little incidents. So they did what they have always done, when a state passes an inconvenient law - they went to Congress. And they brought their checkbooks with them.

I wrote about this a few weeks ago. There are two significant bills in the House House of Representatives which address this issue.

HR 3997 nullifies state laws that are modeled on California's disclosure law and gives these companies numerous ways to avoid telling anyone that they have misplaced data. HR 4127, on the other hand, requires these data brokering companies tell people immediately, when data about them has been lost or stolen.

Incidently, those members of congress who have signed on as cosponsors of HR 3997 have received about 8 to 10 times as much money in campaign contributions from the financial industry as those members who are cosponsors of HR 4127.

The reason I bring all this up again, just four weeks after the last time, is that now the US Senate is involved as well. Senator Robert Bennett of Utah is sponsoring S.3568, the Data Security Act of 2006.

S.3568 is remarkably similar to HR 3997. In fact, if I didn't know better, I would say the people who wrote the two bills were working off the same set of notes. Look for yourself: HR 3997 HR 3568.

Both bills leave it up the company involved to decide whether or not lost data is likely to be used for identity fraud. Both bills lets the companies weasel out of telling anyone, if they decide the information is not going to be misused or is protected by some form of security (encryption or passwords). If they decide that they must bother themselves to report the data loss/theft at all, the actual victims (the people whose identities are now floating around the underworld) are notified LAST. Both bills specifically forbid the existence of state laws which address the same issue.

There was only one real difference that I could see between the two bills. HR 3997 at least allows a state attorney-general to sue in federal court any company that violates the act. S.3568 specifically prohibits that. It also forbids any private lawsuits against a company responsible for causing identity theft.

 Sec. 5
  (c) No Private Right of Action-

   (1) IN GENERAL- This Act, and the regulations prescribed 
under this Act, may not be construed to provide a private 
right of action, including a class action with respect to 
any act or practice regulated under this Act.

   (2) CIVIL AND CRIMINAL ACTIONS- No civil or criminal 
action relating to any act or practice governed under this 
Act, or the regulations prescribed under this Act, shall be 
commenced or maintained in any State court or under State law, 
including a pendent State claim to an action under Federal law.

Like HR 3997, this is a bill written to protect information brokers and the financial industry, not the people they cause to become victims. The people sponsoring HR 3997 took in a truckload of money from those industries. Gee, I wonder...

Four senators are named as sponsors/cosponsors of S.3568. Just for kicks, let's see how much money the financial industry has contributed to their reelection campaigns recently...

Sen. Robert Bennett: $123,000
Sen. Tom Carper: $430,067
Sen. Mike Crapo: $80,000
Sen. Tim Johnson: $244,424

Wow, I'm in the wrong business. Maybe I should run for Congress?

But wait, there's more! This is from the the Salt Lake Tribune:

[Senator] Bennett also has ties with lobbyist John Harmer, whom the Utah senator said he has known since high school and has been hired by ChoicePoint and the credit reporting agency Equifax to work on data-security issues. Harmer is treasurer of the Hatch/Bennett Political Action Committee, a fundraising body created last year that raised $43,834 for Bennett and Utah Sen. Orrin Hatch.

*cough*

Okay, so we have three bills that address the same problem. Let's see how the loss of certain sensitive information might effect you, depending on which of these three bills becomes law.

Hypothetical Situation:

NoPrivacy4U Inc. maintains a database of every person who has purchased a personal computer with a credit card. The database contains names, addresses, phone numbers, social security numbers and credit card numbers. They sell this information to companies which use it to send you junk mail.

One night, someone breaks into their office and steals the computer server where that database is stored.

What happens next?

Scenario A:
HR 3997 or S.3568 has become law.
The company decides that, since access to the database requires a passphrase, there is no risk of identity theft. They restore a backup copy of the database to a new server and tell no one what happened.

Two months later, your credit card bill includes a $3,000 charge for electronics that you did not buy from a store you've never heard of. You spend the next three years trying to convince numerous collection agencies that your identity has been stolen.

Scenario B:
HR 4127 has become law.
Having no option to do otherwise, the company contacts you to explain what happened. After swearing profusely and conjuring up a nasty voodoo curse for the company's CEO, you cancel your existing credit cards and order a freeze on your credit.

Two months later, an intern from the US Attorney's office contacts you to say that a man has been arrested, after trying to buy $3,000 worth of electronics with your canceled credit card number.

If you prefer that second scenario, it is going to require more action from you beyond the normal nitpicking of my grammar. You have to talk to your Congressperson and both Senators about this. Write them letters, include your phone number and tell them you want to talk to someone about this. If they haven't called a week later, call them.

I know, "write to your Senator" is something that other people do. Even if this is the only time you do it, for this one issue, you need to pick up the phone. Identity theft is not something you can avoid by being careful. It can be caused by a company you have never heard of losing data that you didn't know existed.

The companies that would be regulated by this legislation are contributing an exorbitant amount of money to the people who are writing these laws. If these lawmakers do not hear from the people who decide if they keep their job in the next election, they very likely will vote for one of the industry-friendly bills.

You can find your Senator here and your Congressperson here.

Permalink | Top

Check out FlyingHamster.com for the latest news headlines relevant to spyware, privacy and safely using the computer.

There is a saying that "all politics are local". It seems that this also applies to the internet. It is a close community in that problems can spread from anywhere. If you see a local story that you think deserves attention, please let us know. Use this mail form, tell us some details and we will follow the story.

FlyingHamster is updated every day - and several times during the day and night. It is updated continually, even on the weekends. We hope it will keep you informed on a daily basis - and keep your internet time a bit safer. As soon as I can get around to it, I will add FlyingHamster's RSS feed to SpywareInfo.

FlyingHamster belongs to my partner, Catherine. It is a free service, supported in the same way as SpywareInfo, by offering high-quality software at a discount. This week, FlyingHamster has a discount on Firetrust Mailwasher. Go check it out.

Running SpywareInfo has become an expensive thing to do. We are using three separate servers to display the site and to protect it from denial of service attacks. This is not a cheap web site to host.

If you would like to help with the costs, there are two options. There is PayPal for those who have a Paypal account or don't mind signing up for one (it is free).

Thank you very much for your contributions.

You can also purchase t-shirts, hats, bumper stickers and other items from our CafePress storefront.