RE: CRIME Gator

From: Jere Retzer (retzerj@private)
Date: Thu Jul 18 2002 - 10:47:01 PDT

  • Next message: Toby: "Re: CRIME Kerberos summation."

    Support.com has a similar problem to the one you describe -- establishes a channel back to the site to maintain your systems.  I'm wondering about the ability to legally download trojans (that could be activated later, illegally of course) and spyware that could then report back things like credit card numbers, traffic patterns, sites accessed, usage, etc
    
    >>> "Dorning, Kevin E - DI-2" <kedorning@private> 07/18/02 10:02AM >>>
    
    We have banned the use of Gator and have blocked the Gator sites.  The problem with the Gator approach is that it allows anyone to create an open connection into an otherwise protected network.  The opening is not protected since it uses an http connection that is established and kept open by the internal client system.  The client (Or someone at Gator) may then use this connection for just about anything that they want.
    
    
    K.D>
    -----Original Message-----
    From: Jere Retzer [mailto:retzerj@private]
    Sent: Thursday, July 18, 2002 9:32 AM
    To: crime@private
    Subject: CRIME Gator
    
    
    Am I the only one that sees some security concerns with the Gator approach? Do current laws prevent this approach for downloading a trojan? Reporting back information such as credit card numbers? See the following article:
    
    
    Fool.com: Peeved Over Pop-ups [Fool on the Hill] July 17, 2002
    (http://www.fool.com/news/foth/2002/foth020717.htm)
    FOOL ON THE HILL
    Peeved Over Pop-ups
    
    The Washington Post Co. and The New York Times Co. are among those suing
    pop-up king Gator Corp. The companies say Gator is a parasite that siphons
    away advertising revenue and drives away customers.
    
    Email this pageFormat for printingBecome a Fool!Receive via
    HandheldReuse/ReprintRelated Links
    
    cexx.org
    
    ThiefWare.comDiscussion Boards
    
    Fool on the Hill
    
    Webmaster's Corner
    
    ByRex Moore (TMF Orangeblood)
    July 17, 2002
    
    
    
    The next time you see a pop-up ad while surfing the Net, know that some
    media companies are waging a battle to limit the number you'll see in the
    future. The Washington Post Co. (NYSE: WPO), The New York Times Co. (NYSE:
    NYT), and Gannett-owned (NYSE: GCI) USA Today are suing the much-despised
    Gator Corp., a pop-up company based in California. The story is an
    interesting mix of questionable business practices, uncharted legal
    questions, and privacy issues.
    
    Got Gator?
    Gator makes software that helps users fill in forms on the Internet. It
    remembers what you've typed before and automatically fills in things like
    your name and address. But this is no more than a front for its real
    business -- serving up pop-up ads for its clients. You see, when you
    install its software, Gator can also install an additional "spyware"
    application, sometimes through subtle methods. This program will monitor
    your surfing habits and display pop-up ads when you visit certain sites.
    The company claims some 400 advertisers.
    
    The spyware can also install on your computer in ways you might not
    imagine. Sometimes freeware and shareware downloaded from sites like CNET
    have a small "install stub" attached, called Trickler. Trickler is a
    program that will silently load whenever you start your computer, and will
    slowly download the rest of the spyware. All this happens unbeknownst to
    the user, completely separate from the program they really wanted.
    According to cexx.org, a website dedicated to keeping the world up to date
    on various types of questionable software, "It is suggested that this
    'trickling' activity is intended to slip under the user's radar, the
    steady, low usage of bandwidth going unnoticed."
    
    Finally, Gator and other spyware companies have a new tactic called
    "drive-by downloads." A user may visit a site and receive a pop-up asking,
    "Do you accept this download?" Many, of course, will click "yes" because
    they think it's part of a browser plug-in, or some other "normal" computer
    operation. Instead, they receive spyware that remains on their computer,
    running in the background, forever (well, for the life of the computer,
    anyway).
    
    Legality
    Aside from the ethical questions involving such programs, there are legal
    ones as well. And the issue goes straight to the bottom line of companies
    you may be invested in.
    
    First, this software displays unauthorized pop-up ads on websites. The
    program is a sort of parasite, feasting on traffic drawn to various sites.
    Now, marketing types presumably have some idea of how many pop-ups a user
    can tolerate (OK, maybe not). If a third party piles on a few more, then
    the owners of the site have lost control of the user experience and may
    lose visitors in droves. What's worse, in many cases the ads are for the
    website's competition!
    
    While at first blush this may seem illegal, it's really a gray area. For
    example, what if the user wants to see hundreds of pop-ups? Presumably,
    some people willingly download the software, even though they may not know
    exactly what it does. Is a pop-up ad in a separate window any different
    than other applications that bring up windows, like instant-messaging
    programs? As you can see, it's a tricky legal issue.
    
    Incredibly, however, some of the ads served by the Gator software actually
    display over existing ads on a website. "They look and feel like the
    site's real banners, but place ads for things the actual Web site never
    intended," says cexx.com, "including ads for competitors' products and
    possibly even adult material." Not only that, the site loses money because
    the legitimate ads are covered and therefore not seen or clicked. Is that
    theft or a legitimate business tactic?
    
    Lawsuit
    If all this is making you a bit queasy, well, it means you're human. And,
    understandably, the websites Gator and others prey upon are up in arms.
    Yesterday, a judge in Virginia issued a preliminary injunction against
    Gator, prohibiting the company from "popping up" on the media sites
    mentioned before, as well as nine others.
    
    Gator may or may not appeal, but the Associated Press says the company is
    "confident it will win the case at trial." A Gator attorney is quoted as
    saying, "We believe strongly that the facts and the law are on our side."
    
    Let's hope our law doesn't allow a company to distribute software that, in
    many cases, works its way onto a user's computer without his knowledge,
    deteriorates his Web-surfing experience by displaying pop-up ads without
    his consent, and -- if he's a shareholder of an online media company --
    takes money out of his wallet in the form of a lower stock price for that
    company.
    
    If you're curious whether you're one of the 22 million with Gator on your
    computer, you can find out. The company says the software can be detected
    and uninstalled using the Add/Remove Programs menu in the Microsoft
    Windows control panel. A better suggestion is to use a program like
    Lavasoft's Ad-Aware, a free utility that scans your entire computer for
    Gator and other spyware software and removes them, if you wish.
    
    We'd love to hear what you think about this issue. Our own Richard
    Dressner (TMF Twitty) writes, "It's an unfair advantage for competitors to
    have the ability to counter what is, essentially, a private dialog between
    a consumer and a business." Please join us on the Webmaster's Corner
    discussion board and have your say!
    
    Rex Moore studiously avoided using the terms "thiefware," "scumware," and
    "hijackware" in this column. The Motley Fool is investors writing for
    investors.
    
    
    The Motley Fool is dedicated to Educating, Amusing, and Enriching
    all visitors to their website at
    http://www.fool.com/index.htm?ref=Yo.
    



    This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 11:55:41 PDT