February 23rd, 2005, 09:40 PM
rcgreen, oh they have that "covered". CYA, baby, CYA.
What if it is a minor, who "buys" an expensive item online.
iSearch does not knowingly collect personally identifiable information from children under the age of thirteen. If iSearch becomes aware that it has inadvertently received personally identifiable information and/or data from a user under the age of thirteen, iSearch will delete such past data from its records and will cease to collect any new data from that computer, including any non-personally identifiable data.
Since iSearch does not knowingly collect any personally identifiable information from children under the age of thirteen, iSearch also does not knowingly distribute such information to third parties. Further, because iSearch does not knowingly collect any personally identifiable information from children under the age of thirteen, it does not condition the participation in online activities of a child under thirteen on providing personally identifiable information.
For more information on children's privacy on-line, please visit the Kidz Privacy website, sponsored by the Federal Trade Commission at http://www.ftc.gov/bcp/conline/edcam...cy/index.html.
5. Age Limitation - You must be thirteen years of age or older to download or use the Software. By downloading the Software, you represent and warrant to iSearch and it's partners that you are thirteen years or older.
February 23rd, 2005, 09:45 PM
i'd call it "garbageware"- things that arent explicitly malicious or spyware but are installed sneakily(for example, if you dont do a custom install of aim you get stuck with weatherbug), that i dont really want installed on my system, and slow my system down because they insist on loading at startup and running in the background.
everybody start using garbageware now!
March 2nd, 2005, 12:07 PM
Well there has been an update to all this. From slashdot:
I decided to visit CastleCops and saw this:
Paul Laudanski writes "Slashdot ran an article earlier on 'iDownload Tries to Silence Spyware Critics'. Since then, the spyware critics have responded to iDownload: CastleCops, NetRN, and Sunbelt Software. InternetWeek and BroadbandReports have picked up this story as well. Brian Livingston interviewed iDownload's CEO Arlo Gilbert, who claims the letters were a success: "The majority of sites we've contacted have taken down or properly classified iSearch" and "When asked to name some of the sites that had complied, Gilbert answered, "I'm not going to share that information. It would be shooting a gift horse in the mouth."" General overview by Kye-U and Zhen-Xjell."
I'm glad to see that CastleCops isn't backing down. I think reality maybe for some is to hide their information or forums from the prying eyes of iSearch. At an Information Security and Privacy conference yesterday, it was mentioned by David Perry, Executive VP of TrendMicro, that there is a need to define what exactly and industry-wide what spyware is (amongst about 20 other vague terms).
CastleCops recently received a letter from iDownload claiming that we have incorrectly classified iDownload as Spyware and demanding that we remove them. Interestingly enough we were given a 5 day window to comply with their demand, but we didn't actually receive it until the 6th day. Brian Livingston's published an article regarding the cease and desist letters being sent out by iDownload, indicating not only did CastleCops, Spywarewarrior, Spyware Guide and SunBelt Software all receive similar letters, but the CEO of iDownload is calling the campaign a "success"?
When iDownload's CEO, Arlo Gilbert, called me, I asked which companies had received a cease-and-desist letter from iDownload's attorney. "It would not be in our best interest to share that list," Gilbert said.
He did assert that the letter was having the desired effect. "The majority of sites we've contacted have taken down or properly classified iSearch," Gilbert stated.
When asked to name some of the sites that had complied, Gilbert answered, "I'm not going to share that information. It would be shooting a gift horse in the mouth."
Gilbert added, "The people who are profiting off this information and have not reclassified the information will be sued." When asked for the names of some companies that iDownload has filed suits against, Gilbert said, "We're not going to reveal it," but added that the suits were a matter of public record that could be looked up.
CastleCops subsequently responded to iDownload but we were not the only ones. Suzi from Spywarewarrior also posted her reply publically in her blog and now Alex Eckelberry President of Sunbelt Software has also made their reply publically available.
I find myself asking the question what exactly does Mr. Gilbert consider success? Does it fall into a similar category of "acceptable loss" or "collateral damage"?
Since the threat tactics of iDownload were made public, their practice and products and choice of attorney have been under scrutiny, by the security community and public at large. There have been a number of questionable things uncovered by individual sources, like the unauthorized use of ICSA Certification published at Edbott.com
The company claims the product is certified by ICSA Labs. This is a prestigious honor and not lightly awarded. ICSA Labs is a division of CyberTrust, which was formed recently by a merger of TruSecure Corporation and BeTrusted. Its staff and management number some of the world’s foremost authorities on computer security and information technology. To earn ICSA Labs certification, a product must pass a series of stringent tests, and it can be removed if it fails the testing at any time.
When I reviewed the list of certified products at ICSA Labs’ Web site, I did not see any mention of Virus Hunter. So I fired off an e-mail to Larry Bridwell, Content Security Programs Manager for ICSA Labs. I received the following response within three minutes:
VirusHunter is NOT certified by ICSA Labs nor has it ever been submitted for testing.
We have sent a letter by post requesting that the certification claim be removed.
I don't understand how what they are doing or have been doing can be called a success. Perhaps that is because we at CastleCops measure our success in relation to Our Vision. Maybe it is because we value above all things integrity, or because we believe in doing the things we do and helping the people we do because it is the right thing to do. Our success and that of the Anti-Spyware/Security community is measured in the number of people who are freed from the applications they don't wish to be on their systems. It is measured by the people we help to educate on how to protect themselves, their systems and their families
And it's interesting to see this little gem. I dunno. I'd seriously consider that as spyware.
March 2nd, 2005, 02:45 PM
If I were a "removal" company and I'd get a letter like that.. I'd comply..
And call their stuff "CRAPWARE" instead of 'spyware' from then on
And send them a letter back (in full legalspeak) to tell them what they made you do
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !
March 2nd, 2005, 03:54 PM
I agree that there is a problem with classification. My definitions are simple. If it causes pop-ups, or in some way targets advertising to your browsing habits, then it is adware. If it sends any information at all about your browsing habits to a third party, then it is spyware. I think in general, adware and spyware share the same bed, and in some cases, are interchangeable.
Whether or not iSearch is spyware is still something I am looking at. Interestingly enough, it seems that the popup advertising that I am getting are based on results from previous searches I have done.
iSearch represents an emerging third category, and my term for that is faciliation software. It may well be that their application in and of itself does not meet the criteria, but it installs other applications that do meet the criteria. I have been testing a variant of bubis, and as meeeeee stated in another thread, an iSearch bar that won't go away is the primary indicator of an infection. This particular strain I am testing downloads CWS and Abetterinternet (VX2). There is no question that they meet the criteria.
One of iSearch's methods of installation is a pop-up that appears to be, if one is not reading closely enough, a Real Media update. If one reads it carefully, then one can see that it is from iSearch, licensed by an outfit called....crap, I can't find the page I had it written on. At any rate, it is extremely deceptive.
If anybody is interested, I have an installer, but I guarantee you don't want it if you don't have a test box. It kills all of your security settings in the registry, and changes permissions so that it is incredibly difficult to change them back. It also attaches itself to explorer.exe, increasing the size roughly 400kb. This gets in deep.
March 2nd, 2005, 06:06 PM
Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.
March 2nd, 2005, 06:11 PM
That is an excellent response by SunBelt to the "threat" by iSearch. Very detailed. i suspect that iSearch is trying to use their EULA as protection against the claim of Spyware. Just because they say it isn't so, however, doesn't make it so.
March 2nd, 2005, 08:28 PM
I guess that's what happens when you have high paid attornies working for you...They actually make things clear for the everyday user to read.
Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.
March 2nd, 2005, 09:52 PM
Re: We're not Spyware, dammit! We're going to sue!!!!
I would have to say, from experience in the industry, any application or applet that is installed indirectly as a result from visiting a site that requires said application or applet in combination with proof that the application or applet utilizes an internet connection to 'phone home' for any reason including reporting statistics back to the mothership or even to see if updates are available. Then I would treat this applicaiton as malware/adware and it would be taken care of like a mosquito on a urinal at a Texas Roadhouse.
Originally posted here by MsMittens
Ironic that a discussion started here does bring to light the question of what exactly is spyware. It's interesting to see how much effort iSearch is putting into this. I almost want to say "They doth protest too much, me thinks". Anyways, has anyone had experience with iSearch/iDownload?
*italics added by me.
All techs know that toolbars suck resources... (even if it is minimal, I still call it "sucks")
There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.
March 2nd, 2005, 09:55 PM
If interested, additional info can be found here > Silencing the Critics: ISearch/IDownload