Spyware or Researchware?
prostoalex writes "When the story of Firefox Web site visitors being predominantly male was published, many questioned the methodology used to acquire such research data. This MSNBC article talks about another research company, ComScore Networks, using a free antivirus utility to lure the Web users into downloading a small utility to their hard drives. The catch? The software watches not only sites visited, but even locations of the mouse clicks. ComScore swears the final data does not contain any personal information, but, as the article states, anti-spyware utility manufacturers are still thinking whether to include it on their list."
To find out the gender of a visitor, just create a site which requires visitors to hold one key while moving the mouse.
Rock that crushes, Paper & Scissors that don't matter.
The difference between Spyware and Usage Statistics is pretty simple: is it clearly stated to the End User, and is it optional? Essentially, it's not spyware if you know about it up front and have the ability to (actually) turn it off.
The beef I have with spyware is that it's never given me a choice; it installs without me knowing and lurks like a drooling Rutterkin in the corner -- waiting for me to spill my drink or drop The One Ring. But this research program is optional, right?
I have no problem with optional programs that record data to be used in a study. My wife also participates in allergy studies. So?
The dangers of knowledge trigger emotional distress in human beings.
Isn't that sort of app supposed to be CHECKING for trojans? Sheesh.
Paleotechnologist and connoisseur of pretty shiny things.
The software watches not only sites visited, but even locations of the mouse clicks.
Add the use of the word "lure" and it makes me think that this is, indeed, spyware.
Mongrel News all the news that fits and froths
Unfortunately, if they give the users a choice to turn it off, you can't qualify the statistics obtained from users who allow information to be logged as good - e.g. who's to say whether guys may be more inclined to turn it off than girls - or conversely, women feel more threatened about privacy... in either case your stats will be skewed.
In any case most users (myself, certainly) would turn it off - I am supremely uncomfortable with some random company knowing anything about what I do on my computer.
I don't want to read
Some banks also block online banking sessions coming in via Marketscore's proxies.
This is the same spyware previously known as "netsetter". There's no question about this being spyware.
Here's Stanford's Information Security Office's statement on Marketscore.
11 Jan 2005
MarketScore (also called NetSetter) is a spyware-like application that compromises the security of all data sent or received by your web browser, even on "secure" encrypted web sites. All external browser communications are re-routed through MarketScore's proxy servers, so they have access to any "secure" traffic/passwords/accounts that otherwise would be encrypted.
If you have MarketScore installed on your computer and have used your browser for any services that require WebLogin, your password should be considered compromised. After you have removed MarketScore from your computer, we strongly recommend that you change your SUNet password. This advice also applies to any other secure web sites you may have visited with your browser.
The Information Security Office is directly contacting owners of machines that appear to behave as if MarketScore is present.
Technical Detail
MarketScore reconfigures the browser to use a "proxy server" for all non-local connections, including HTTPS connections. A proxy server is a machine that acts as a middle-man, brokering web page requests intended for other sites. So if the browser on machine A wants to visit web sites C, D, and E it makes all those requests through the proxy server B. B then contacts C, D, and E and passes the results back to A. This is usually transparent to the user on machine A after the browser has been configured to use the proxy.
Web proxies are typically used in a corporate environment where all web traffic must be controlled or inspected centrally, although in the case of secure HTTPS traffic there is ordinarily nothing the proxy can do except forward the connection or refuse it. In this case, the proxy servers belong to a company called ComScore where they collect and analyze the intercepted data.
While ordinarily an HTTPS connection would simply pass through a proxy securely, in this case MarketScore also installs a new root certificate in your browser so that it can decrypt all intercepted SSL connections (a "man-in-the-middle" attack) without triggering a security warning from the browser. In normal operation, browsers would complain if a site certificate doesn't match the domain of the URL, but the new root certificate tells the browser to trust ComScore's site certificate for any URL.
This goes well beyond what Marketscore claims their program does.
That seems to settle the issue.
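A detection sketch for the interception pattern the Stanford statement describes (HTTPS routed through a proxy, with certificates for unrelated sites all chaining to one newly trusted issuer). This is an added example, not code from the thread or from Stanford; it assumes certificate data in the dictionary shape returned by Python's `ssl.SSLSocket.getpeercert()`, and every host, issuer and proxy name in it is a constructed placeholder.

```python
from collections import defaultdict

def issuer_name(cert):
    """Flatten the 'issuer' field of a getpeercert()-style dict to one name."""
    fields = {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}
    return fields.get("organizationName") or fields.get("commonName", "")

def audit(observations, expected_issuers, proxy=None, min_hosts=3):
    """observations: {host: getpeercert()-style dict} gathered from this machine.

    Reports every issuer outside the expected set. An unexpected issuer that
    vouches for several unrelated hosts while the browser is configured to use
    a proxy matches the man-in-the-middle setup in the statement.
    """
    hosts_by_issuer = defaultdict(list)
    for host, cert in sorted(observations.items()):
        hosts_by_issuer[issuer_name(cert)].append(host)

    findings = []
    for issuer, hosts in sorted(hosts_by_issuer.items()):
        if issuer in expected_issuers:
            continue
        intercepted = proxy is not None and len(hosts) >= min_hosts
        findings.append({
            "issuer": issuer,
            "hosts": hosts,
            "proxy": proxy,
            "verdict": "likely interception" if intercepted else "unexpected issuer",
        })
    return findings

def _cert(org):
    """Build a constructed sample certificate dict (issuer field only)."""
    return {"issuer": ((("countryName", "US"),), (("organizationName", org),))}

# Constructed sample data: issuers this machine normally sees, and two captures.
EXPECTED = {"Example Public CA", "Another Public CA"}
CLEAN = {"bank.example": _cert("Example Public CA"),
         "mail.example": _cert("Another Public CA"),
         "shop.example": _cert("Example Public CA")}
INTERCEPTED = {host: _cert("Tracker Proxy Root") for host in CLEAN}

if __name__ == "__main__":
    print(audit(CLEAN, EXPECTED))
    print(audit(INTERCEPTED, EXPECTED, proxy="proxy.tracker.example:8080"))
```

A sanctioned corporate inspection proxy produces the same pattern, so its issuer belongs in the expected set where one is in use.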