funsec mailing list archives
Researcher says Sears downloads spyware
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 2 Jan 2008 08:57:49 -0500
http://www.infoworld.com/archives/emailPrint.jsp?R=printThis <http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/07/ 12/31/Researcher-says-Sears-downloads-spyware_1.html> &A=/article/07/12/31/Researcher-says-Sears-downloads-spyware_1.html Researcher says Sears downloads spyware Sears and Kmart customers who sign up for the My SHC marketing program could, in essence, be stuck with spyware without notification, a Harvard professor says By Robert McMillan, IDG News Service December 31, 2007 Sears and Kmart customers who sign up for a new marketing program may be giving up more private information than they'd bargained for, a prominent anti-spyware researcher claims. <A HREF="http://ad.doubleclick.net/jump/idg.us.info.print_this/printThis;pos=im u;pkey=application_development;pkey=applications;pkey=business;pkey=data_man agement;pkey=networking;pkey=hardware;pkey=platforms;pkey=professional_servi ces;pkey=security;pkey=web_services;pkey=standards;pkey=storage;pkey=securit y;pkey=telecom;pkey=wireless;skey=application_servers;tile=4;sz=336x280;abr= !ie4;abr=!ie5;abr=!ie6;ord=7935984517633593?"><IMG SRC="http://ad.doubleclick.net/ad/idg.us.info.print_this/printThis;pos=imu;p key=application_development;pkey=applications;pkey=business;pkey=data_manage ment;pkey=networking;pkey=hardware;pkey=platforms;pkey=professional_services ;pkey=security;pkey=web_services;pkey=standards;pkey=storage;pkey=security;p key=telecom;pkey=wireless;skey=application_servers;tile=4;sz=336x280;abr=!ie 4;abr=!ie5;abr=!ie6;ord=7935984517633593?" WIDTH="336" HEIGHT="280" BORDER=0 ALT=""></A> <http://ad.doubleclick.net/jump/idg.us.info.general/noscript;pos=imu;tile=6; sz=336x280;ord=123456789?> According to Harvard Business School Assistant Professor Ben Edelman, Sears Holdings' My SHC Community program falls short of U.S. Federal Trade Commission (FTC) standards by failing to notify users exactly what happens when they download the company's marketing software. And given the invasive nature of the product, Sears has an obligation to make its behavior clearer to users. "The software is not something you'd want on your computer or the computer of anyone you care about," Edelman said in an interview. "It tracks every site you go to, every search you make, every product you buy, and every product you look at but don't buy. It's just spooky." Edelman has written up an analysis <http://www.benedelman.org/news/010108-1.html> of Sears's software, set to be made public on Tuesday. Problems with the retailer's My SHC Community program were first brought to light in late December, when CA senior engineer Benjamin Googins, wrote <http://community.ca.com/blogs/securityadvisor/archive/2007/12/20/sears-com- join-the-community-get-spyware.aspx> a blog entry criticizing the software, which was written by VoiceFive <http://www.voicefive.com/> , a subsidiary of Internet measurement firm ComScore <http://www.comscore.com/> . ...
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Researcher says Sears downloads spyware Richard M. Smith (Jan 02)
- Re: Researcher says Sears downloads spyware Florian Weimer (Jan 02)