SpywareInfo Home
Spyware Weekly Newsletter > May 13, 2003

New.Net sues Lavasoft

New.Net has filed a lawsuit in Los Angeles County against Lavasoft and Nicolas Stark Computing AB for libel and false advertising.

Lavasoft is the distributor of Ad-aware spyware remover. Ad-aware is one of the most popular and widely used spyware/hijackware removal programs in the world. It comes in three flavors, the free Standard version and the $26.95 Plus version for home users, as well as the $39.95 Professional version for business users. Nicolas Stark is the lead developer of Ad-aware and one of the owners of Nicolas Stark Computing AB, which publishes the software.

New.net is a company that sells third and fourth level subdomains as "top level domains". For example, the domain http://www.book.shop actually resolves to http://www.book.shop.new.net if you are a New.Net user. These domains are unofficial and won't resolve without a software plug-in unless you receive your internet access from an ISP which has modified its customer's name servers to use new.net domains. There is a list of these ISPs at http://www.new.net/about_us_partners.tp#ISP. New.net estimates that they have over 186 million users worldwide.

The complaint filed by New.Net is as follows. "Complaint for false advertising, trade libel. Defendant falsely targets plaintiff as a 'Data Miner,' and prompts the computer user to remove the New.net's client software." In fact, Ad-aware does no such thing. Ad-aware lists components of the targets in its database, then waits for the user to decide what to do. Ad-aware removes nothing unless the user instructs it to do so.

Lavasoft denies that New.Net's software is listed as a "data miner" and states that it is actually listed as "miscellaneous". I have downloaded a component of New.Net to have Ad-aware scan it, and sure enough it is listed as "Misc" and not "data miner".

New.Net Object recognized!
  Type               : File
  Data               : uninstall4_80.exe
  Category         : Misc
  Comment         :
  Object            : C:\Program Files\NewDotNet\

Lavasoft does not confirm that there is a lawsuit, and New.Net does not deny it. "While we are aware of the complaint, and have responded to their inquires (sic), we have not yet received a reply" is what Lavasoft spokesman Michael Wood said of the situation.

Both companies are being very quiet about the issue. No doubt both companies wish to avoid the sort of flame war that tends to break out whenever New.Net and Ad-aware are both mentioned in the same breath. New.Net's CEO Dan Sheehy has promised to answer some questions that I have sent to him. I'll have those questions and answers for you when they are returned to me.


http://www.lavasoft.de/ Lavasoft's web site
http://www.new.net/ New.Net's web site
http://www.new.net/about_us_partners.tp#ISP List of New.Net-enabled ISPs

Featured Software

Permlink | Top

Title: Ghostsurf Pro
Author: Tenebril
License: $39.95 $29.95 with coupon code SPYWAREINFO3

Surf the internet in privacy!

Remember when the internet was anonymous? Nowadays, being truly anonymous is extremely difficult. Advertisers track you with cookies and web bugs. Web sites use software that can trace your computer's internet address and locate the city you live in. Bulletin boards record your internet address into a database with every message you post. Even your ISP could be logging where you surf in order to build marketing profiles of its users.

Ghostsurf Pro allows you to surf the net with true anonymity. It sits between your computer and the Internet and controls every piece of data going in either direction. It lets you see everything that your computer sends out, and it lets you block certain things from being sent. Commands from a web site to set a cookie can be ignored and existing cookies can be blocked before they are sent out. It will also block advertisements from selected sites and it has an excellent pop up blocker.

Most programs which perform similar functions are an "all or nothing" proposition. Either they block everything from all sites or they block nothing at all. Ghostsurf Pro allows you to fine tune each individual web site if you have particular needs. For instance, you will need to have cookies working in order to check web based email. The options give you a very thorough level of control if you require it.

Ghostsurf Pro also allows you to surf the internet without exposing your real internet address. It can even stop casual snooping and profiling by your ISP. It accomplishes this by routing web surfing traffic through any number of anonymous proxy servers. Your ISP doesn't see the web site that you are looking at. All it sees is that you have connected to a proxy server. Web sites and advertisers get the proxy server's IP address, not your's.

You can accomplish much the same thing with services such as anonymizer.com, but those services can slow down your browsing speed. Ghostsurf Pro eliminates that slowdown by routing each request through multiple proxy servers. Whichever server answers first is the one it uses and there is usually very little drop in performance.

When you surf the web, every file and image that appears in your browser is downloaded and saved temporarily into a special cache folder. Ghostsurf Pro will clean up these usage traces. Everything from temporary internet cache to the list of recently opened documents can be deleted securely. It even has a spyware scanner, though to be honest, it isn't very good.

As always, we have arranged for a special discount for our readers. Use coupon code SPYWAREINFO3 while purchasing and you will receive 25% off the regular price. This discount is a service that we provide every week. The proceeds help us pay for running SpywareInfo and to continue helping thousands of people infected with the newest advertising parasites. If you would like to suggest a product for this discount program, drop us a line and tell us your suggestion.

Purchase Ghostsurf Pro for 25% off the regular price

The class struggle continues

Permlink | Top

"The Capitalists will sell us the rope with which we will hang them"

That is what Vladimir Ilyich Lenin, the first leader of the Communist Party of The Soviet Union, once had to say about the capitalist nations that he considered to be class enemies. Although Russian Communism actually ended up hanging itself in the end, Vladimir Ilyich's statement reflected a shrewd understanding of how we capitalists do things.

We do business with anyone, regardless of who they are, and sell them anything, regardless of whether or not they should be trusted with what they are being sold. As long as there is money to be made, ethics, morality, and common sense are set aside for the pursuit of profit. As proof of this, we have the recent sale of RFID (Radio Frequency Identification) technology to the so called People's Republic of China by Texas Instruments.

RFID tags are microchip-sized radio transceivers that are designed to be tracked by larger, hand-held transceivers. The main application of these tags is inventory control. Everything from massive storage warehouses to small retail outlets will be able to track the physical location of every single object within range that has a RFID tag attached or embedded. Michelin uses the technology to allow an automobile's onboard computer to track tire pressure in realtime.

Of course, this "inventory control" technology can also be used to track people. That is exactly what the People's Republic is doing with the technology, testing their ability to track their citizens. Delegates to a recent Communist Party meeting were all required to wear a badge with an embedded RFID tag. Each tag sent back a unique ID code which allowed the Communists to track where each of their delegates were during the entire event.

A company based in the United States has no business selling such technology to a government that is the poster child of oppression and citizen-slavery. The Communist thugs who rule China with blood-soaked iron fists view the Chinese citizen as property to be used and disposed of at will. To them, this really is "inventory control".

Most Americans would be ashamed of themselves if they helped a group of tyrants such as these, even if it were by accident. Those at Texas Instruments, on the other hand, appear to be quite pleased that they are helping China to further enslave its population.

"We'd love to do a full-blown press release, case study, etc., but the Communist Party will not allow it at this time." -Bill Allen, Spokesman for Texas Instruments.

Anyone at Texas Instruments who is involved with this sale should be ashamed of themselves. The only product that I have ever purchased from Texas Instruments was a calculator several years ago. It was the last purchase from them that I will ever make. I refuse spend money with a company that provide tyrants with the technology to oppress their citizens.


Links:
http://www.spywareinfoforum.info/rd/michelinrfid/ Michelin embeds RFID tags in tires
http://news.com.com/2009-1088-984352.html?tag=fd_rndm#31 China tracks Communist Party members with RFID tags

Opt out of pre-approved credit offers

Permlink | Top

There is an email making the rounds that I thought I would mention. First, the email itself (all typos are the author's).

Just wanted to let everyone know who hasn't already heard, the four major credit bureaus in the US will be allowed, starting July 1, to release your credit info, mailing addresses, phone numbers, etc., to "anyone" who requests it. (Anyone is considered only "legitimate" business concerns -whatever that means)If you would like to 'opt out' of this release of your info, you can call 1-888-567-8688. It only takes a couple of minutes to do.

Once the message starts you'll choose option #2 (even though option #1 refers to this E-mail) and then option #3 - Be sure to listen closely, the first option is only for a two-year period. Make sure you wait until they prompt for the third option, which opts you out forever. It's still interesting to just listen to option #1, which tries to discredit an e-mail circulating the internet ! But use he option #2 and #3 sequence to actually accomplish a perminate removal.

The FTC will send a follow up letter to you at your address to confirm this Opt Out.

This email is almost right. 1-888-567-8688, or 1-800-5optout, is a shared number used by the big four credit reporting agencies. If you call it, press #2, then select the second option from the next menu, you can opt out of all future mailings for pre-approved offers of credit from the big four credit reporting agencies. It has been available to consumers since 1997 as a provision of the Fair Credit Reporting Act.

The email above mixes this up with the Gramm-Leach-Bliley Act which requires banks and financial companies to give consumers reasonable time to opt out of having their personal information sold to third parties. Banks and other financial companies legally are able to sell your information to anyone with the money to buy it. It is your responsibility to opt out of that specifically at each company with which you do business. There is no deadline for doing this, despite the date mentioned in the email.


Related information:

http://www.privacyrights.org/ar/optout_truth.htm Privacy Rights Clearinghouse page about the email
http://www.snopes.com/inboxer/pending/credit.htm Snope.com's urban legend listing

Thanks to Pieter Arntz and Grummy for the info here

I don't like spam! - Graham Chapman

Permlink | Top

Spam, we all love to hate it. Many of us would also love to do something about the spammers who send it out. Several governments around the world would like to throw them in prison. The United Kingdom has outlawed spam altogether and the European Union seems ready to follow their example.

In the absence of federal law in the US, several individual states have passed their own laws to deal with the problem. The toughest such law is the Virginia Computer Crimes Act. Under this law, spammers face felony prosecution if they forge e-mail headers or other routing information and attempt to send either 10,000 messages within a 24-hour period or 100,000 in a 30-day period through any server located in Virginia. Since half the world's internet traffic passes through Virginia, the courts there have a legitimate claim to jurisdiction.

There are also three separate pieces of legislation soon to be discussed by the US Congress. Zoe Lofgren of California would fine spammers $10.00 per spam and then provide a government bounty for those reporting them. Senators Conrad Burns and Ron Wyden have introduced a bill that requires all unsolicited marketing email to have a valid return email address so that recipients can easily ask to be removed from mass email lists.

The best proposals that I've seen have been made by Senator Charles Schumer of New York. He would make the forging of email headers and sender addresses illegal. Schumer's bill would also outlaw the practice of harvesting email addresses from web sites, chat rooms, bulletin boards, and newsgroups. Email addresses posted online are the primary source of a spammer's mailing list according to a recent experiment by the Center for Democracy and Technology.

Of course, I'm not one to rely on the government to solve all of my problems for me. While some responsible legislation would be welcome, our best bet would be to enable consumers to fight back directly. Schumer's bill comes close, but I would add to it. By all means, let's outlaw the forging of email headers. Forgery is a crime, is it not? So let's prosecute spammers for doing it.

I also very much love the idea of outlawing email harvesting. Some time ago, email addresses were harvested from the SWI Support Forums and then added to a mailing list by the spammers at allposters.com. Allposters not only spammed the addresses stolen from my site, but they also had the nerve to suggest that I sold them the addresses.

Ever since the Allposters spammers stole those email addresses from my site, I have been on a crusade to sabotage the efforts of those who harvest addresses. This incident is what prompted me to start The Harvester Project. Unfortunately, the project as it stands now takes the wrong approach in dealing with address harvesting.

The goal of the project originally was to simply poison the results returned by an address harvester bot. It does this by having several hidden pages of bogus email addresses mixed with random text. The pages normally would not be visible to people, but would be seen and followed by robots. They would scoop up the fake addresses and fill up a spammers mailing list with garbage.

I now have an new direction that I would like the project to take, one that I feel would be much more effective. The goal will change from providing a bot with faked results to blacklisting that bot's IP address from the web sites of all other members of the project.

The site owner places all email contact information into a special sub directory on his or her web site, http://www.example.com/contact/ for instance. In this same /contact/ directory would also be hidden pages with several fake addresses. Using perl, php, or asp scripting, the email addresses can be dynamically generated to include the IP number of the bot accessing the page. Some examples would be 127-0-0-1-addy1@example.com and 127-0-0-1-addy2@example.com for a bot with an IP address of 127.0.0.1.

Additionally, all IP addresses accessing these hidden pages can be logged into a text file using the same script. The /contact/ directory will have to excluded from search engines with a valid robots.txt file to keep them out of it. Legitimate search engine bots will ignore any directory listed in the robots.txt file, which means that they should never access any document in that directory.

Since all links to the hidden pages are, well, hidden, no Human should ever access them either. As a further safeguard, the very first page should have a very prominent warning to go no further and IP addresses accessing this first page would be discarded. Any IP address accessing a document further in will almost certainly be a spam bot and would be logged.

Now that we have the IP addresses of what are surely spam bots, what do we do with them? These IP addresses will be blocked from any further access to that /contact/ directory, using whichever method is most convenient for that site owner. Anyone with a blacklisted IP address will still be able to access the rest of the web site, but they will be locked out of the one directory that contains email addresses and other contact information. Those blocked IP addresses can then be included on a public blacklist and used by other members of the project.

In addition to blocking the IP addresses, site owners can also keep watch for spam being sent to any address harvested by a bot. If I used a spam bot to harvest an address from a member's web site, the email addresses I would get back would be 66-82-156-143-addy1@example.com, 66-82-156-143-addy2@example.com, 66-82-156-143-addy3@example.com, and so on. The owner of example.com would be able to tell beyond any doubt that I had harvested their site if I spammed those addresses.

If Senator Schumer makes address harvesting illegal, I could go to jail at this point. If Schumer's bill also allows for civil lawsuits against address harvesters, the owner of example.com could sue me for harvesting his site. I believe that this could reduce significantly the number of people using these email harvesters. Currently, people fear publishing their addresses because of spambots. I want to change that by making spammers fear the consequences of using a spam bot and to make it safe for all of us to give out our addresses on our web sites.

All of this scripting is beyond my abilities. I could probably blunder through a PHP script to do part of it, but not everyone has PHP installed for their web site. The new project would need a PHP script, an ASP script, and a perl script available for use. It would also need a a method of obtaining the logged IP addresses of spam bots combined into a single list. The most obvious way would be to send the list to me, but I honestly wouldn't have time to deal with it.

My new idea needs some work and it needs the assistance of some scripters. I also need to come up with a way to combine everyone's blacklist into one big, public list in a way that doesn't require a lot of time and effort. Once I come up with a way to address these issues, I'll be sure to let everyone know.

There is a way to protect your email addresses now if you have PHP installed for your web site. I've been using a form mail script put out by dbmasters.net that creates a simple form for visitors to use. Javascripts and HTML encoding are often suggested as ways to hide addresses from bots, but these methods make it difficult, but not impossible for bots to read them. This PHP form makes it impossible for anyone to read the email address the message will be sent to.

For the spam that you already are receiving, you can control it with various mail rules or with specialized filtering software. My favorite spam control program is Mailwasher Pro. Mailwasher can check any number of different email accounts and can even check your hotmail account. It's available from Firetrust for $29.95 and there is a free 30-day trial. Go check it out.


Links:
http://www.cdt.org/speech/spam/030319spamreport.pdf CDT study on email harvesting
http://www.spywareinfoforum.info/forums/index.php?act=ST&f=1&t=1098 SWI Forum thread about Allposters spammers
http://www.spywareinfoforum.info/harvest_project/ The Harvester Project
http://www.dbmasters.net/support/news.php?action=view_story&id=26 PHP Email form
http://www.spywareinfoforum.info/rd/mailwasher/ Mailwasher Pro
http://www.stone-dead.asn.au/tv-series/sketches/fc-25/spam-sketch.html Monty Python's "I don't like spam!" sketch big grin

SUBSCRIBE
TO THE
SPYWARE WEEKLY!

Email Address

Site Search
Search this web site using Google.com

Site Navigation

About SpywareInfo
Contact us
Downloads Page
Latest Virus Alerts
Links Page
Privacy Policy
Support SpywareInfo
Support Forums
The Spyware Weekly


Spyware Search

Look up spyware in Spywareguide.com's spyware database
Search powered by SpywareGuide


Support SpywareInfo with PayPal - it 's fast, free and secure!
Support SpywareInfo

news.gif
Privacy News

Member of The Harvester Project

Stop Policeware

Anti-DMCA.org

Anti-TCPA



notetab

DogReader.com

XHTML

Advertising terms of use

All material on this web site is copyrighted
© 2001- 2017
by Mike Healan. ® All rights reserved.

SpywareInfo banner designed by mockie

For my bulk mailer visitors :)