Over the last couple of decades, internet safety has become as much if not more of a concern for many parents and families as physical safety. To help, many local police departments have given out free safety software to families as “the first step” to keeping their children safe online. Sounds great, right? Sure… except that “safety software” is really a keylogger that sends your family’s every word zipping unencrypted over the internet, ripe for anyone to steal. Oops.
Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.
Newsweek has an article that you should not read if you’re especially paranoid. Why? Because it says that, according to a security consultant, the percentage of US cellphones that have been tapped with spyware could be as high as 3%.
In 2007 and 2008, Sears invited select customers to join the exclusive “My SHC Community,” which involved installing an app that would monitor online browsing in exchange for $10. The app was called spyware by researchers and the FTC, because the data it collected on customers included “details from their online shopping, bank statements, drug-prescription records, video rentals, library-borrowing histories, even the names and addresses of their e-mail correspondents,” as well as “data about the users’ computers, printers, and other devices.”
EA’s DRM spyware on the long-awaited game Spore turns out to have an added side-effect: if you live in a household with multiple players, you all have to share the same account. The game’s manual says otherwise, but after repeated queries on the EA forum, a company spokesperson confirmed this. That’s right—if you’re in a household with several potential Spore players, and you want each of them to have their own account, you will have to buy multiple copies of the game.
If you have an unresolved Norton/Symantec complaint and regular customer service doesn’t help you out, you might want to try giving one of the top-ranking company executives a call or an email. Don’t forget to be nice, polite, and professional, and remember the guidelines for contacting executive customer service. If you need help writing a solid complaint letter, here’s a template to follow. And if you want a real anti-virus program that won’t hose up your computer, try NOD32. Now here’s the complete executive contact list…
Dries Janssens, a computer repair shop owner in Allen, Texas, is worried that a 2007 law passed by the state legislature requires computer repair technicians to have private investigator licenses to perform “simple computer repairs such as malware removal.” We’re not sure if the law was just badly written or written on purpose at the urging of the state’s private investigator lobby (which Janssens suggests), but it certainly seems like a bad idea. Update: according to this article sent by our weekend editor Carey, it’s just badly written (“It needs some tightening up,” says one lawmaker) and should only apply to the private security industry.
Not content with having some of retail’s worst customer service, Sears has decided to wring out more dollars from its customers by jumping into the spyware game. Sears recently sent out an email inviting customers to join “My SHC Community” where they will have a chance to earn fabulous prizes and journal their online shopping experience. All you gotta do is provide your address and install a little ComScore program that monitors your every single step on the internet, from Sears to Myspace to your online banking, to your email headers.
Remember Sony’s cringe-inducing copy protection scheme a couple of years ago, where they secretly installed rootkits on millions of customers’ PCs and then pretended it was no big deal? (“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” — Thomas Hesse, Sony BMG’s President of Global Digital Business.) There’s a new article (PDF) about to be published in the Berkeley Technology Law Journal called “The Magnificence of the Disaster: Reconstructing the Sony BMG Rootkit Incident.” It’s a very detailed and entertaining read that examines the conditions that led Sony BMG “toward a strategy that in retrospect appears obviously and fundamentally misguided.”
One of our readers yesterday left a couple of interesting links in the comments section of our Beacon post. They provide the names of the companies that Facebook says are participating in its poorly conceived spy program Beacon. Here they are:
Last week, Facebook made a lot of noise about how it was making its new Beacon spyware—we mean advertising initiative—less sneaky. But guess what? Over the weekend, Computer Associates reported that even after you’ve declined to have Beacon advertise your habits back to your friends, and even if you’ve logged out of Facebook, it will still surreptitiously report your actions back to Facebook’s servers. And there’s no way you can turn it off.
A new malware ad has managed to sneak its way onto Doubleclick’s DART ad publishing system, which means it’s been showing up on several legitimate websites, including Major League Baseball, The Economist, and Canada.com. It doesn’t require user interaction to be triggered—as soon as it’s loaded into the page, it initiates the redirect, closes your browser window, and starts bullying you to install “anti-virus” software. It will even attempt to download a virus-laden .exe file, naturally.
Stopbadware.org has just released its “Trends in Badware 2007” report, a free overview of all the ways you and your computer can be slipped digital roofies while you’re online looking at LOLpornography and doing your banking through Twitter. It’s written in a deliberately non-technical style, so if you’re put off or intimidated by the Slashdot crowd, this is a great way to educate yourself or a naive loved one about the dangers of drive-by downloads, website hacking, and so on.
Ars Technica quotes a recent study by Microsoft that found that 58% of American consumers didn’t even know “online threats” existed. The study also found that of the ones that did know about said threats, 17% of them had fallen for some sort of Internet scam—and 81% of those people said it was their fault for opening suspicious emails or sending information to strange companies because they had a nice logo.
The EFF is encouraging consumers to write their Senators about a new “spyware” bill that has been, in their words, “massaged by lobbyists for the software and adware industries.” Cory Doctorow of BoingBoing says the bill
“makes it impossible for consumer rights groups to sue DRM companies for putting spyware in their DRM (like Sony did last year, with its rootkit DRM). The irony is that spyware is already illegal, so all that this act does is immunize big media companies that sneak spyware onto your computer.”
Spyware is spyware, we think, even if it comes with a Sony/BMG logo.
The House has passed not one, but two cleverly-named measures targeting the miscreants who make and promote spyware. Though the FTC, Justice Department, and several state attorneys general are already empowered to prosecute spyware manufacturers, the two measures would extend existing laws by subjecting spyware makers to jail terms and multimillion-dollar fines.
When reached for comment, Geek Squad founder Robert Stephens said he knew nothing about the 40% tech staff reduction / have-more-repairs-done-remotely-by-techs-in-India memo as described by our tipster. In fact, he said he’d like to see it if we did ever end up getting it. Anyhow, as far as staff reductions go, Stephens said, “There has been restructuring since we launched within Best Buy and the most recent was back in Jan/Feb but that’s old news – and quite public.”