June 20, 2006
New Antispam Product Reviews
We've just completed a two week test of several antispam products and the hands down winner in our test was Spam Bully. This category of software has not been as popular over the past couple of years, so there has been little in the way of product improvement. Spam Bully seems to be the exception. Read our review here.
Posted at 12:17 in News | Permalink | 0 Trackbacks
June 12, 2006
How to disable Microsoft's Windows Genuine Advantage From Spying On You
1. End the process wgtray.exe from the "Processes" tab on the Task Manager Manager (press ctrl-alt-delete to bring it up.)
2. Restart Windows XP in safe mode by rebooting and pressing F8 while it's starting.
3. Delete the following files:
4. Start Windows Regsitry Editor and delete the following entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\WinlogonNotify\WGALOGON
At this point, your private data will no longer be sent to Microsoft every time you start your PC.
Posted at 10:06 in News | Permalink | 0 Trackbacks
June 09, 2006
Windows Genuine Advantage: Safety Switch or Spyware?
Editor's Note: Few in the anti-spyware industry would disagree that software which surreptitiously calls home qualifies as "spyware". However Microsoft, makers of Windows Defender, has has just been caught red-handed distributing software which does exactly this.
One of the major objections raised about Microsoft's foray into PC security is that competing interests within the company will compromise the level of security they are willing to provide. This is a particularly good example of how the company continues to trample over itself, simultaneously acting as anti-spyware provider as well as a spyware company.
It is because of this conflict-of-interest that I no longer run Microsoft's security products. No matter how good their products may seem, it is just a matter of time before some internal directive results in a massive security hole on my PC. My data is just too important to expose to the corporate whims of a company too big to act in a coordinated manner.
Rumors have been flowing around the Internet for quite a while and Microsoft was finally forced to admit on Wednesday that they were true: the latest update to Windows Genuine Advantage (WGA) phones home to the Redmond company on a daily basis.
Windows Genuine Advantage is an anti-piracy program implemented to detect illegal copies of Windows XP.
According to privacy advocate Lauren Weinstein, the WGA made a connection to Microsoft's servers even after it had validated a Windows system as genuine.
"We can argue about whether or not the tool's behavior is really spyware -- there are various definitions for spyware, and the question of whether or not you feel that the notice provided at upgrade installation time was sufficient is also directly relevant I believe that the MS officials I spoke to agree with my assertion that additional clarity and a more "in your face" aspect to these notifications in such cases would be highly desirable."
In response, Microsoft said that the feature was a "safety switch", designed to enable the company to shut down the program in case of a problem. The company added that it would provide an update for the WGA so the computers would only call home every 90 days.
Up till now the anti-piracy tool has been a success form Microsoft's point of view, as the company claims that 60% of users promoted to install WGA did so.
However, users have become concerned, as the situation brought up the an uneasy question: What else is Microsoft not telling us?
Lauren Weinstein wrote on his blog:
"I do not know what data is being sent to MS or is being received during these connections. I cannot locate any information in the MS descriptions to indicate that the tool would notify MS each time I booted a valid system. I fail to see where Microsoft has a "need to know" for this data after a system's validity has already been established, and there may clearly be organizations with security concerns regarding the communication of boot-time information."
Many fear Microsoft's idea would be embraced by other software vendors, leading to more and more restrictions the customers would have to accept in order to be able to use the product. Also, the matter of invasion of privacy arose, as such tools would eventually be allowed to send all kind of info to the developer of the software.
Posted at 10:41 in News | Permalink | 0 Trackbacks
June 08, 2006
Man pays US$2,000 after charges of Google AdWord misuse
Editor's Note: We reviewed Spyware Cleaner nearly a year ago and warned users about this ineffective product.
Robert McMillan, IDG News Service
A New Hampshire man has agreed to pay US$2,000 to settle charges that he misused Microsoft's name to trick consumers into buying ineffective antispyware products, using Google's AdWords program.
Seth Traub, of Portsmouth, New Hampshire, is the third person to settle a lawsuit filed in January by Microsoft and the Washington State Attorney General's office. The suit alleges that software vendor Secure Computer sold an antispyware product that not only fails to remove spyware as advertised, but actually makes users' computers less secure.
Traub and two others, Zhijian Chen of Portland, Oregon, and Manoj Kumar of Maharashtra, India, were charged with using inappropriate techniques to advertise Secure Computer's Spyware Cleaner software. Last April, Chen paid US$84,000 in fines after pleading guilty to violating Washington's Computer Spyware Act.
A fourth man, Gary Preston, of New York state, has paid US$7,200 after allegedly allowing his name to be used as an alias by Secure Computer.
Traub ran ads, using Google's AdWords program to create an advertising link reading "Microsoft AntiSpyware." It was displayed when users searched for terms like "Microsoft spyware cleaner," or "Microsoft antispyware," the Attorney General said in a statement Tuesday.
Traub's ads earned him 75 percent of the US$49.95 unsuspecting users would spend to purchase a copy of Spyware Cleaner.
Traub has not admitted any wrongdoing in the settlement, which was finalized Monday, but will pay US$2,000 in legal costs and attorney's fees, the Attorney General's office said.
The lawsuit against Secure Computer and its president, Paul Burke, is ongoing. It is the first to be filed under Washington's 2005 Computer Spyware Act.
Posted at 15:47 in News | Permalink | 8 Trackbacks
May 30, 2006
Tougher days looming for anti-spyware leader Webroot
Sunday, May 28, 2006
By Catherine Tsai, The Associated Press
BOULDER, Colorado -- For millions of PC users, the privacy-snatching programs known as spyware have been nothing but a headache as they swipe personal information, slow systems to a crawl and crash computers.
For Webroot Software Inc., the annoying programs have been the foundation of success. Thanks to its market-leading anti-spyware software, Spy Sweeper, sales have soared 20-fold since 2002, and last year the privately held company raised an eye-popping $108 million in venture capital.
Though there's little chance of spyware ever going away, Webroot is facing a significant challenge in the coming years: Microsoft Corp.'s upcoming Windows Vista operating system will include its own spyware-squashing tools.
Vista could put Webroot in the same shoes as RealNetworks Inc., Netscape Communications Corp. and others whose businesses have suffered after Microsoft bundled more features into its ubiquitous operating system.
Still, Webroot CEO David Moll seems unfazed.
"The taking of a second-best product in this space is akin to locking half the doors in your house," he said. "Vista will not solve the spyware problem. It may change the vector of attack, but it will not solve this problem. And I'll bet the company on it."
Some analysts say the company should broaden its focus -- and Moll, without divulging details, said that's in the plans.
"Ultimately they need to offer more than just an anti-spyware package," Yankee Group senior analyst Andrew Jaquith said. "To do that, they need access to more money, or be part of a bigger company."
Moll said he expects 20 percent revenue growth this year, while Jaquith estimates current overall annual revenue at $75 million to $110 million. Mr. Jaquith said an initial public offering is more likely than a buyout because, he estimates, it could take $500 million to acquire the company -- a sum he figured few rivals would be willing to pay.
Although an initial public offering isn't imminent, Mr. Moll said, Webroot is implementing some of the financial controls required for public companies.
Even before Vista ships to businesses later this year and to consumers in early 2007, Webroot faces formidable competition.
Anti-spyware programs from companies like Tenebril Inc., Lavasoft AB, McAfee Inc. and others all target the software that gets downloaded and installed onto PCs -- often without users' knowledge -- to monitor keystrokes or capture personal data and send it back to a third party.
Some of the rival programs are free, while others are included with broader security programs. Webroot charges $29.95 for the software and a year of updates and customer support.
Spy Sweeper, which was first released in 2003, has received strong reviews and it had 75 percent of the U.S. retail market last year for anti-spyware, besting both McAfee and Computer Associates International Inc., according to the NPD Group Inc., a market research firm.
For its part, Microsoft said customers should choose spyware protection that works best for them. In fact, Vista users will be able to turn off Windows Defender, if they choose, said Mike Chan, senior product manager for the anti-spyware program.
Many anti-spyware vendors set traps, or "honey pots," with algorithms that do the screening. Webroot's differentiator is Phileas, a computer system that actively hunts down spyware with the aim of catching new threats the day they are released.
To spark further innovation, Webroot employees who think of ideas that earn patents get bonuses of up to $2,000. Every so often, the company holds the "Spyware Smackdown," a game in which researchers act as spyware writers trying to avoid Spy Sweeper.
The company also invested $500,000 on a usability lab, in which cameras monitor volunteers as they use Webroot's software. That research then goes into improving the software's interface.
Webroot's efforts have paid off. Besides huge revenue growth helped by the release of Spy Sweeper in 2003, the company has grown from about a dozen employees to 300 in a purple-walled headquarters that look out on the Rocky Mountains. Its conference rooms are named for dead rock stars such as Jerry Garcia.
Though Vista raises a cloud around Webroot's continued success, the company is no stranger to escaping threats.
The company was launched in 1997 by Steve Thomas and then-girlfriend Kristen Talley. Thomas was a state chess champion at age 10 who landed on an FBI watch list at age 14 after he hacked into a supercomputer at the National Center for Atmospheric Research, Moll said.
After the couple's relationship soured and sales plateaued at a few million dollars, Thomas and Talley in April 2002 hired Mr. Moll, a Duke University dropout who once worked at a screw machine factory in Cleveland to pay his way through night school.
At the time, Webroot sold a program for cleaning up unnecessary files on PCs, and revenues came evenly from Internet sales, AOL's Shop Direct and retail.
Just months after Mr. Moll joined, AOL went through a management change and strategy shift and it shut down sales through Shop Direct. Moll, Thomas and Talley stopped taking paychecks, but by then Webroot was developing Spy Sweeper. The program came to market in February 2003.
Posted at 9:36 in News | Permalink | 3 Trackbacks
May 10, 2006
The third time was not a charm...
Spyware soared in the first quarter this year - infecting an estimated 87 percent of consumers' PCs, according to security firm Webroot, which released its State of Spyware report Tuesday.
That's quiet a pop from the previous two quarters, when spyware had infected an estimated 72 percent of consumer PCs, according to Gerhard Eschelbeck, Webroot chief technology officer.
Webroot's CTO pointed to three things that drove the rapid rise of spyware in the first quarter. Topping the list was the flurry of IE flaws in the quarter that didn't have a patch available at the time they were disclosed. Greater sophistication of rootkits and a resurgence in building blocks to make phishing Trojan horses also added fuel to the fire for spyware.
And don't expect things to improve anytime soon. Eschelbeck estimates the infection rate for PCs will be in the 85 percent and 90 percent range for the rest of the year.
Posted at 16:49 in News | Permalink | 0 Trackbacks
May 07, 2006
FTC Orders Spyware Operator To Pay $4 Million
Federal Trade Comission ordered Sanford Wallace to pay back more than $4 million that he made by selling a anti-spyware software that fixes imaginary problems. Wallace and his SmartBOT company were selling two purported anti-spyware programs Spy Wiper and Spy Deleter.
According to FTC, Sanford Wallace exploited an Internet Explorer vulnerability, making users to believe that their computers are infected. The real spyware included a small program that opened the CD-ROM tray and displayed the message "If your cd-rom drives open . . .You DESPERATELY NEED to rid your system of spyware pop-ups IMMEDIATELY! Spyware programmers can control your computer hardware if you failed to protect your computer right at this moment! Download Spy Wiper NOW!
The Spy Wiper and Spy Deleter were sold for $30. FTC accused Wallace for spyware operations in 2004.
The order, issued by the U.S. District Court in New Hampshire, also bars Wallace and his company from:
-- Downloading spyware and any software onto consumers computers without consent;
-- Redirecting consumers' computers to sites or servers other than those the consumers selected to visit;
-- Changing any Web browsers default home page. A settlement with defendants OptinTrade and Jared Lansky prohibits the same practices. Lansky, an ad broker who distributed ads containing Wallace's spyware, will give up $227,000 in spyware-related profits.
In the 1990s Wallace was known as "Spamford" or "Spam King" because he headed a company, Cyber Promotions, that sent as many as 30 million junk e-mails daily to consumers.
Posted at 23:20 in News | Permalink | 0 Trackbacks
Adware Report | Site Map | spyware reviews | Recommended Books...