funsec mailing list archives
Sears.com: Join the Community Get Spyware
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Thu, 20 Dec 2007 17:28:39 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via The CA Security Advisor Research Blog. [snip] While Christmas shopping online this season, be careful what you are signing up for. Visiting Sears.com (and Kmart.com) a few weeks ago, I was offered a chance to join My SHC Community, for free, but what I received was, from a privacy perspective, very costly. Sears.com is distributing spyware that tracks all your Internet usage - including banking logins, email, and all other forms of Internet usage - all in the name of "community participation." Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software ("the proxy") on your system, all data transmitted to and from your system will be intercepted. This extreme level of user tracking is done with little and inconspicuous notice about the true nature of the software. [snip] Much more here: http://community.ca.com/blogs/securityadvisor/archive/2007/12/20/sears-com- join-the-community-get-spyware.aspx - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHaqZHq1pz9mNUZTMRAkgZAKDIe+AiAkY6MIJae9hpcea4aXOgLgCfSGYS nzIvJkB2sEX6/hK+xWokBRU= =y8ad -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sears.com: Join the Community Get Spyware Paul Ferguson (Dec 20)
- Re: Sears.com: Join the Community Get Spyware scott (Dec 20)