Sun Java Runtime Uploads Usage Data to RedSheriff?

stereoroid writes "

It appears as if the Sun Java 2 Runtime Environment, version 1.3.1_02 and later, is reporting usage statistics to a company called RedSheriff, presumably on behalf of Sun. This was the Win32 version, but other versions probably have the same "feature". If you load up the Java Console, you see multiple messages like this:

----------- RedSheriff Measurement -----------
Privacy: http://www.redsheriff.com/privacy.htm
Record Sent

I noticed this while setting up the latest version of Compaq Insight Manager 7, which includes JRE 1.3.1_02 (but works with 1.4.0 too). I started examining what was happening using a network sniffer, and could see several http requests to a server under http://imrworldwide.com/, a domain name owned by RedSheriff. The data in the packets included details of the system environment, and I even saw a URL that I had accessed in a previous unrelated browser session. This was a partial capture only, it doesnt happen every time, but Ill keep watching to see what else goes through. If I use the JRE, must Sun know my IP address and what OS Im running, and more? This has also been quietly commented on in Sun's Java Forums too. I'm currently digging for a way around this - any ideas, besides a firewall?"

What can you do?

[kingosric]

Send back fake results to screw up their data....

Edit.

[QuodEratDemonstratum]

If you haven't got a firewall, edit the binary and alter the URL the messages are sent to. "http:www.sun.com/abuse" should send the point when they look in their server logs.

Responses from Poster

[stereoroid]

1. You think I didn't check this first? Why did I see this behaviour on 2 different systems, starting with the installation of a new Sun JRE?
2. Yes, I used a search engine, and found the same Trojan data. Yes, it's a Trojan, but who put it on my system? From the evidence, it appears that this is being done on Sun's behalf. I know it might not have come from Sun, but this behaviour started with a new JRE, and we don't go surfing the Net on a working server console.
3. By "short of a firewall", I should have said "another firewall". I don't have the privileges to modify a corporate firewall (it's a very big company). Thanks for the reminder about modifying the hosts file - last resort, I guess.
4. You assume that because I am using some Win32 systems here at work, that I am a Windoze Luser, and can thus be dismissed with a few careless swearwords. I'm not interested in getting into a pi$$ing contest with anyone, I'll just say that I know that nothing sucks like M$, yet I can deal with them and their products professionally. And you wonder why we're not all using Linux yet, with such lame attitudes?

None of the above comments go any way towards answering my question. l33t nerds - who needs 'em?

Re:Responses from Poster

[scrytch]

I was going to address your points individually, but frankly I think you've written everyone off already. I hope you're putting up an anti-Sun page right now, excoriating them for their spyware, and calling for a class-action suit or something. Would serve you right when you end up with egg on your face.

None of the above comments go any way towards answering my question.

What question? You started with an accusation. Your accusation was demolished. You weren't told what you want to hear, so you're throwing a tantrum. By all means, do pick up your ball and go home.