
Spyware or Researchware? 244

Posted by CowboyNeal
from the big-brother-is-logging dept.
prostoalex writes "When the story of Firefox Web site visitors being predominantly male was published, many questioned the methodology used to acquire such research data. This MSNBC article talks about another research company, ComScore Networks, using a free antivirus utility to lure the Web users into downloading a small utility to their hard drives. The catch? The software watches not only sites visited, but even locations of the mouse clicks. ComScore swears the final data does not contain any personal information, but, as the article states, anti-spyware utility manufacturers are still thinking whether to include it on their list."
This discussion has been archived. No new comments can be posted.

  • Choice (Score:5, Interesting)

    by mfh (56) on Thursday April 21, 2005 @11:27PM (#12310021) Journal
    The beef I have with spyware is that it's never given me a choice; it installs without me knowing and lurks like a drooling Rutterkin in the corner -- waiting for me to spill my drink or drop The One Ring. But this research program is optional, right?

    I have no problem with optional programs that record data to be used in a study. My wife also participates in allergy studies. So?
  • by GoodbyeBlueSky1 (176887) <joeXbanks@hotmai ... com minus distro> on Thursday April 21, 2005 @11:30PM (#12310051)
    as the article states, anti-spyware utility manufacturers are still thinking whether to include it on their list.
    How would this not be spyware, exactly? It's not like this "research" will cure cancer.
  • by nigham (792777) on Thursday April 21, 2005 @11:32PM (#12310064) Homepage
    Unfortunately, if they give the users a choice to turn it off, you can't qualify the statistics obtained from users who allow information to be logged as good - e.g. who's to say whether guys may be more inclined to turn it off than girls - or conversely, women feel more threatened about privacy... in either case your stats will be skewed.

    In any case most users (myself, certainly) would turn it off - I am supremely uncomfortable with some random company knowing anything about what I do on my computer.
  • So... (Score:1, Interesting)

    by Anonymous Coward on Friday April 22, 2005 @12:05AM (#12310248)
    Does this mean that more men download firefox, or more men download this spyware?
  • by rewinn (647614) on Friday April 22, 2005 @12:08AM (#12310263) Homepage

    To the extent that something forthrightly discloses what it does and offers the choice to opt-in (...and to opt-out later easily if one changes one's mind ...), the validity of the data is compromised.

    There's nothing *wrong* with giving people the choice of providing information in exchange for an incentive (... I participate in surveys & studies all the time ...) but it is not unlikely that as a result, the sample becomes non-representative (except of itself.)

    How likely is it that the genders differ in their willingness to risk giving away personal information, such as keystrokes that may disclose physical address? I would not trust gender statistics for web usage at all, except for indicating the gender of people who don't worry much about strangers learning their meatspace location.

    It may be that some data about semi-anonymous services such as the web is impossible to get. As Johnny Cash sings, "I don't like it, but I guess things happen that way!"

  • by Anonymous Coward on Friday April 22, 2005 @12:17AM (#12310304)
    "Security professionals say ComScore dangerously slurps up all manner of personal information, including passwords for online banking services."

    Is the single scariest thing I've read, barring the end of the world that will result from the release of Longhorn.

    And
    ComScore officials said the sensitive data is never at risk.

    "We establish two secure communications. One with you, and one with the bank," Lin said.

    Is the third scariest. Of course the data is at risk, an information research company has your internet banking password, for crying out loud! No one should ever have that.
    Besides you.
    And the bank has to have an encrypted copy to check it against.
    But that's all.
    How secure is the network of a company that sells information going to be compared to a Bank?

    Mind you most people will be using Windows at home, so most banking passwords are being collected through vulnerabilities at that end anyway.

  • by assassinator42 (844848) on Friday April 22, 2005 @12:48AM (#12310464)
    It started out being marketed as a way to "speed up" web browsing, much like AOL is advertising with "Top Speed" now. According to the article, they even have access to encrypted connections. It also says that your passwords and stuff are visible to them. This isn't good, and they don't really state up front that they do this. I believe marketscore has been considered spyware for a while by some people. Also, the program they give you in exchange only scans emails, or so it appears. Definitely not worth it.
  • Re:Well, doh! (Score:5, Interesting)

    by complete loony (663508) <Jeremy.Lakeman@gm a i l . c om> on Friday April 22, 2005 @01:01AM (#12310514)
    Ah, but lots of software that clearly state in their EULAs that they collect and submit information are also considered spyware. Yes they said it on their web page, but in a PR friendly way, most people will read it and not think about the privacy implications. Remember most people will give away their identity for the chance to win a chocolate bar.
  • by Anonymous Coward on Friday April 22, 2005 @01:05AM (#12310530)
    but why is it distressing to see?

    I can't understand why you'd find it offensive, it's not you, the person reading it who has done anything wrong....

    besides, if you believe there's a God, and you believe He created the world and everything in it, and you believe that He is everywhere, but you don't think he'll see past the * in G*ddamn, then you've got problems of your own.
  • Re:Depends... (Score:5, Interesting)

    by Dead Kitty (840757) on Friday April 22, 2005 @01:07AM (#12310537)
    A new question is exactly which parties does the software need to be upfront with? The Marketscore software has just recently changed its tactics, it's no longer just an issue with the End User anymore. They now are actively hiding themselves from end servers. The implications?

    Banks with online banking services have long banned authentication attempts coming from customers using known Marketscore proxies for obvious security reasons. This is due to the violation of the terms & conditions presented when setting up an online banking account. The traditional Marketscore setup had client traffic sent to their proxies which was then forwarded to the intended site. This made it easy for us to track customers with "compromised" machines (Marketscore would never admit to compromising anything).

    Lately (last 1 or 2 weeks), we noticed in our server logs that connection attempts from Marketscore proxies suddenly dropped to nothing (from 100's to 0). After some investigation, we learned that the new Marketscore spyware now installs its proxy locally on the user's machine. It accumulates data in a local cache which is then sent back to Marketscore for their analysis. Because of this, we can no longer filter compromised machines running Marketscore shitware. Of course there's the other garbage like secretly installing their own root cert on the victim's machine, harder detection by anti-spyware programs, etc.

    Yes, maybe the user knows the benefits (and the world of hurt) they can expect from using this software...but what about the banks (or other businesses) who are actively trying to protect its customers? We're still trying to figure out how to deal with this on our side while individually informing the affected customers.
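
The server-side filtering described in the comment above, sketched as an added example (not part of the original comment and not any bank's actual code): it counts login attempts per day from listed relay ranges and collects the accounts to notify. The relay ranges, the `/login` path and the log lines are constructed placeholders.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed placeholder relay ranges (RFC 5737 documentation space), not real proxy addresses.
PROXY_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.64/26")]

# Constructed sample in Common Log Format with the account id in the user field.
SAMPLE_LOG = """\
192.0.2.17 - acct1001 [04/Apr/2005:09:12:01 +0000] "POST /login HTTP/1.1" 200 512
203.0.113.5 - acct2002 [04/Apr/2005:09:13:44 +0000] "POST /login HTTP/1.1" 200 512
198.51.100.70 - acct3003 [04/Apr/2005:10:02:10 +0000] "POST /login HTTP/1.1" 200 512
192.0.2.17 - acct1001 [05/Apr/2005:08:00:00 +0000] "GET /balance HTTP/1.1" 200 900
198.51.100.200 - acct4004 [05/Apr/2005:08:30:00 +0000] "POST /login HTTP/1.1" 200 512
192.0.2.99 - acct5005 [05/Apr/2005:11:45:09 +0000] "POST /login HTTP/1.1" 401 128
not a log line
203.0.113.5 - acct1001 [19/Apr/2005:09:00:00 +0000] "POST /login HTTP/1.1" 200 512
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<day>[^:]+):[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def from_proxy(ip_text):
    """True if the source address falls inside any listed relay range."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(ip in net for net in PROXY_NETS)

def flag_proxy_logins(log_text, login_path="/login"):
    """Return ({day: count}, {account ids}) for login attempts via listed relays."""
    per_day = defaultdict(int)
    accounts = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["path"] != login_path:
            continue  # malformed line, or not a login attempt
        if from_proxy(m["ip"]):
            per_day[m["day"]] += 1
            if m["user"] != "-":
                accounts.add(m["user"])
    return dict(per_day), accounts

if __name__ == "__main__":
    print(flag_proxy_logins(SAMPLE_LOG))
```

A source-address check like this only matches while traffic is relayed through the remote proxies; once the proxy runs on the customer's own machine, as the comment reports, the daily count falls to zero even though the machine is unchanged.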
  • by Tim C (15259) on Friday April 22, 2005 @02:38AM (#12310872)
    While I generally agree with you, I do have two comments.

    Firstly, the editors didn't use the word "lure" at all, other than in so far as CowboyNeal chose to post this. All of the words in italics are those of prostoalex (unless he speaks up to claim that CowboyNeal changed them, of course).

    Secondly, if I had mod points, you'd be going down for that opening sentence :-)
    (No danger of that though, I've not had mod points for years)
  • It's spyware (Score:5, Interesting)

    by PhotoBoy (684898) on Friday April 22, 2005 @04:31AM (#12311215)
    If it monitors what I'm doing on my computer it should be classified as spyware. I don't care if it's for research rather than commercial uses, it's still spying.

    The fact that the spying program is included with a free anti-virus program to entice people to download it says it all.
  • Re:Depends... (Score:4, Interesting)

    by Anonymous Coward on Friday April 22, 2005 @05:29AM (#12311348)
    Nice to see someone else notice.

    How much do I hate ComScore/MarketScore, let me count the ways...

    1/ I *think* they use OpenSSL without giving any credit as required by the license. Evidence: http://groups.google.com.au/groups?q=comscore+openssl&hl=en&lr=&c2coff=1&selm=bcqfh4%24mo9%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1 [google.com.au]

    2/ They actively seek little apps to install their software with. Evidence: http://groups.google.com.au/groups?q=comscore+spyware&hl=en&lr=&c2coff=1&selm=x%25M3d.8204%24n16.5796%40newsread2.news.atl.earthlink.net&rnum=3 [google.com.au]

    3/ They go out of their way to hide their identity from their "Panellists". Try and find a reference to Comscore on http://www.marketscore.com/ [marketscore.com]

    4/ They do not care about the security of the information of their panellists. Do some research on how they previously "Broke" SSL sessions and effectively proxied all "SSL Protected" information up to their proxy servers.

    5/ They actively try to disguise their immoral practices to gather information. Try to find any mention of "Marketscore" on this page which is the sales site to sell their services to Marketing companies. http://www.comscore.com/metrix/xpc.asp [comscore.com]

    6/ They got Ernst and Young (I hate that company too) to "Certify" them. Read the report. It is laughable. https://cert.webtrust.org/ViewSeal?id=383 [webtrust.org]

    7/ They ONLY stopped proxying SSL sessions about 3 days AFTER the New Zealand banks went public saying they were blocking their software. Other banks were doing it just less publicly. How much would their customer base have been eroded if everyone who does internet banking stopped using their software. That is, I believe, why they changed.

    8/ Now they just copy your data to servers. Not sure what. The SSL stuff is encrypted. No one knows what they send but them.

    9/ Their software silently updates without telling the user. That's nasty.

    10/ They have only JUST added an "Add/Remove" control panel. Previously there were no visible clues that it was installed.

    11/ They marketed themselves as an Internet Accelerator. They did this by using proxy technology. This is horribly slow from overseas.

    The conspiracy theorists I know believe they are a front for the NSA. :-) Reston Virginia known for this sort of stuff?

    I just know they are evil. :-)
  • by Mattwolf7 (633112) on Friday April 22, 2005 @10:02AM (#12312712)
    Marketscore is Spyware
    You have been redirected here because your computer attempted to contact a Marketscore proxy server. While it is undetermined whether or not you intended to sign up for the Marketscore service, you should be informed of the following:

    * Your communications through Marketscore are not secured:

    Even though your browser displays a lock or key and indicates that you are using a secure connection (the URL begins with https://), your traffic is being tunneled through a Marketscore proxy which has direct, unencrypted access to your "secure" connections. Secure connections should always be made directly to the intended target. The Marketscore site certificate could be used to masquerade as any domain, even after being uninstalled.

    * Proxying could threaten University security:
    Your confidentiality, and that of other OSU services, students, staff and faculty could potentially be compromised since usernames and passwords could be recovered from data collected by Marketscore (previously Netsetter) or its future owners or management. As a student or staff member of The Ohio State University, you are granted access through your login name and password, which could be accessed by unauthorized third-parties through your use of a proxy such as Marketscore.

    * Proxying does not improve internet connection speeds: While Marketscore or any similar service may claim to improve connection rates, this is not shown in research.

    * It can be construed as a violation of Resnet and the University's Acceptable Use Policy: "Users will not attempt to circumvent the ResNet firewall or any other established network services" [AUP, ResNet]. Proxying through a third party such as Marketscore does just that.

    * Marketscore can update itself: Marketscore software can quietly (without user notification/intervention) update itself. This means arbitrary code can be executed on your machine at any time.

    In order to resume normal web browser activity, you must remove Marketscore from your computer. Below is a guide for removing this Spyware. To be certain that Marketscore is fully cleaned from your system, these instructions must be completed in their entirety.

    Remove Marketscore:

    Uninstall Marketscore
    Open the Control Panel
    Click Start->Control Panel (or if Control Panel does not appear, Start->Settings->Control Panel), click Add or Remove Programs
    Find the Marketscore (OR Netsetter) item in the list, and click to Remove it.
    Note: If Marketscore/Netsetter do not appear in the Control Panel, then you are infected with a self-installing variant of the spyware which you will have to remove using a "hidden" uninstall feature:
    ResNet marketscore removal batch tool
    Download and run MSremove.bat [ohio-state.edu]

    If, after following these instructions, your machine has not been cleaned of Marketscore, please contact the ResNet Support Center at 2-HELP (2-4357).

    Equip your computer with software to protect against other Spyware and remove possible lingering elements (registry entries, etc.) of Marketscore:

    In order to assure that your computer is free of other elements that can compromise your privacy and security, ResNet highly recommends that you install software that will detect and remove Spyware.

    The two leading applications are:
    Ad Aware - The personal edition is available for free download at http://www.lavasoft.com
    Spybot Search & Destroy - This software is freely available at http://security.kolla.de
    Install one of these (installing both can cause conflicts), be sure that the spyware definitions are up to date, and scan your system periodically. Doing this, in addition to protecting your privacy and security, will help keep your computer clean and running efficiently.

    This lameness filter really sucks.... I'm not sure how I feel about OSU blocking it. I guess they do it because it hurts their network, but what if they block something else?
