So which was it?
Months of Google poisoning or just day(s)?
It wasn't "months". I think that confusion came from a subsequent blog post we made where we talked about having tracked _comment spam_ bots for months. This attack was only a matter of days. A number of the domains involved, for example, were registered on the 24th or 25th of November.
Alex Eckelberry
Sunbelt
This case is so wrong on so many levels. Julie Amero is looking at 40 YEARS in prison. For a spyware infestation.
Every available piece of evidence known to the public indicates that that Ms. Amero is innocent of the charges.
The defense contends this was a case of spyware on the school machine -- a barrage of popups. And from what we know of the case, it certainly looks like it was (if you want to see what a porn spyware infestation actually looks like, Ben Edelman shows it here: http://www.benedelman.org/news/062206-1.html -- it's quite a real problem).
According to one article, "Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups."
The detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements". It's incredible that they never even _checked_ for spyware.
The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, "was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant."
Finally, note that the school didn't even have active content filtering in place (not that it would have probably made a difference).
The fact that there were pornographic images on the computer means nothing, because whenever a popup launches, the images in the popup are stored on the computer. The fact that the logs indicated that she "visited" the sites also means nothing, since when the porn popups come through, they get logged as well.
The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence.
Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it's more than a bit unnerving to think that a teacher could get hard prison time for something that was innocent.
Death threats? Oh dear.
We already largely do what you're discussing -- we detect the program and provide information on it, but the default action is not to remove it -- the user actually has to tell the program to remove your software. If the program is actually wanted, I can't fathom why a user would remove it. We're just telling them it's on the system and giving them the choice to remove.
Alex Eckelberry
Having been on the manufacturers side, redemption is the major problem for vendors. Net-zero rebates (where you get the full amount of the purchase paid) actually result in redemption rates in excess of 90%.
You can do the math. Let's say you have a $29.95 (street price) piece of software. It costs, at the most, $1.50 to produce. You sell it to Navarre or Ingram for about 35% off list, about $19. Count in your back-end rebates to Comp, Best Buy, etc., you might get about $18. Deduct your cost of $1.50 and you have a gross profit of roughly $16.
If you run a net-to-zero rebate, and if you get a 90% redemption rate, you're paying out $29.95 on 90% of your sales, and you only actually make about $16 per unit.
The redemption dynamics vary depending on the amount of money. I don't recall the stats (they are well known on the vendor side), but the amount of redemption varies depending on how much you're paying. Guess at, say, a 40% redemption for a $10 rebate, a 50% redemption for $20 rebate, etc.
The vendor game used to be to try to make it as difficult as possible to get the lowest possible redemption rates. It seems to be getting a bit better. Threat of legal action seems to have helped.
This guy actually has the right idea. Turn the rebate experience into something positive.
Slashdot Mirror
So which was it? Months of Google poisoning or just day(s)? It wasn't "months". I think that confusion came from a subsequent blog post we made where we talked about having tracked _comment spam_ bots for months. This attack was only a matter of days. A number of the domains involved, for example, were registered on the 24th or 25th of November. Alex Eckelberry Sunbelt
This is clearly a grave miscarriage of justice.
This case is so wrong on so many levels. Julie Amero is looking at 40 YEARS in prison. For a spyware infestation.
Every available piece of evidence known to the public indicates that that Ms. Amero is innocent of the charges.
The defense contends this was a case of spyware on the school machine -- a barrage of popups. And from what we know of the case, it certainly looks like it was (if you want to see what a porn spyware infestation actually looks like, Ben Edelman shows it here: http://www.benedelman.org/news/062206-1.html -- it's quite a real problem).
According to one article, "Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups."
The detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements". It's incredible that they never even _checked_ for spyware.
The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, "was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant."
Finally, note that the school didn't even have active content filtering in place (not that it would have probably made a difference).
The fact that there were pornographic images on the computer means nothing, because whenever a popup launches, the images in the popup are stored on the computer. The fact that the logs indicated that she "visited" the sites also means nothing, since when the porn popups come through, they get logged as well.
The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence.
Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it's more than a bit unnerving to think that a teacher could get hard prison time for something that was innocent.
Did the users actually sign on as 'presenters' and how would this crash Live Meeting?
No, it meant that everyone had control of the meeting, so the slides kept flipping back and forth as anyone was able to control the meeting.
Alex Eckelberry
No worries, no intention of caving in. I was only clarifying the technicality ;-)
Death threats? Oh dear. We already largely do what you're discussing -- we detect the program and provide information on it, but the default action is not to remove it -- the user actually has to tell the program to remove your software. If the program is actually wanted, I can't fathom why a user would remove it. We're just telling them it's on the system and giving them the choice to remove. Alex Eckelberry
Just to clarify -- we are not being sued. We received a demand to remove their product from our database. I've blogged about it here http://sunbeltblog.blogspot.com/2005/11/retrocoder .html
Alex Eckelberry
Sunbelt
These are the dudes mentioned in Paperghost's research
Check it out
http://www.marketingmetrixgroup.com/
You can do the math. Let's say you have a $29.95 (street price) piece of software. It costs, at the most, $1.50 to produce. You sell it to Navarre or Ingram for about 35% off list, about $19. Count in your back-end rebates to Comp, Best Buy, etc., you might get about $18. Deduct your cost of $1.50 and you have a gross profit of roughly $16.
If you run a net-to-zero rebate, and if you get a 90% redemption rate, you're paying out $29.95 on 90% of your sales, and you only actually make about $16 per unit.
The redemption dynamics vary depending on the amount of money. I don't recall the stats (they are well known on the vendor side), but the amount of redemption varies depending on how much you're paying. Guess at, say, a 40% redemption for a $10 rebate, a 50% redemption for $20 rebate, etc.
The vendor game used to be to try to make it as difficult as possible to get the lowest possible redemption rates. It seems to be getting a bit better. Threat of legal action seems to have helped.
This guy actually has the right idea. Turn the rebate experience into something positive.
Don't hold your breath.