Educause Security Discussion mailing list archives
Re: Marketscore and Higher Ed
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 22 Dec 2004 16:45:27 -0500
Hi, They can take issue all they like, they are still acting as a proxy between the users machine and the target system .. be it a bank, medical records or our University. They are decoding everything the user types and processing it. If I were a bad guy, I would have a job application in at Marketscore right now. I agree that they disclose all of the information about what they are doing, but I am know that someone like my father will sign up for anything and he never reads the EULA .. especially when it's over 6 pages long. These are of course my opinions. (but we are one of the 2 universities mentioned by name in this article) Thanks, Joel Rosenblatt Joel Rosenblatt, Senior Security Officer & Windows Specialist, AcIS Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel --On Wednesday, December 22, 2004 2:54 PM -0600 Steve Brukbacher <sab2 () UWM EDU> wrote:
Hello, This is an interesting article about Marketscore. The VP of marketscore is apparently taking issue with higher education. http://news.com.com/ComScore+Spyware+or+researchware+-+page+3/2100-1032_3-5494004-3.html?tag=st.next or http://tinyurl.com/6vj54 Particularly, see this part on the first page "There's a small group of people in universities who've taken it upon themselves to take an issue with our software," said Dan Hess, senior vice president of industry analysis at ComScore. "We're trying to make them fully aware of the nature of our (products and services). It's a completely voluntary program." And then this excellent rebuttal from Steven Schuster from Cornell on pages 2 and 3...... "They may be upfront up about it, and you can put the pieces together, but it requires a full understanding of network security and of legalese," said Steven Jay Schuster, security director at Cornell University, which recently warned students of potential spyware dangers in Marketscore. From my vantage point, their claim of speeding up your internet experience is flimsy at best, at worst fraudulent. Their website is doing exactly what malware always does; claims to do one thing while its true intent is something entirely different. http://www.marketscore.com/Home.aspx The article also claims that Marketscore does the following: "To compile data, Marketscore redirects Internet traffic through its own servers and decrypts secure data transfers between a PC user and a Web site using Secure Sockets Layer (SSL), the de facto security standard for e-commerce transactions. Doing so, it can collect highly personal information, including bank passwords, health data and credit card numbers." -- -- Steve Brukbacher University of Wisconsin Milwaukee Information Security Coordinator UWM Computer Security Web Site www.security.uwm.edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Joel Rosenblatt, Senior Security Officer & Windows Specialist, AcIS Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Marketscore and Higher Ed Steve Brukbacher (Dec 22)
- <Possible follow-ups>
- Re: Marketscore and Higher Ed Joel Rosenblatt (Dec 22)
- Re: Marketscore and Higher Ed Mike Iglesias (Dec 22)
- Re: Marketscore and Higher Ed James H Moore (Dec 22)
- Re: Marketscore and Higher Ed Jere Retzer (Dec 22)
- Re: Marketscore and Higher Ed Jeff Kell (Dec 23)
- Re: Marketscore and Higher Ed Gary Dobbins (Dec 23)
- Re: Marketscore and Higher Ed Joel Rosenblatt (Dec 23)
- Re: Marketscore and Higher Ed Joe St Sauver (Dec 23)
- Re: Marketscore and Higher Ed Mark Poepping (Dec 23)
- Re: Marketscore and Higher Ed David L. Wasley (Dec 23)