Researcher says Sears downloads spyware

["Richard M. Smith" <rms () computerbytesman com>]

http://www.infoworld.com/archives/emailPrint.jsp?R=printThis
<http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/07/
12/31/Researcher-says-Sears-downloads-spyware_1.html>
&A=/article/07/12/31/Researcher-says-Sears-downloads-spyware_1.html
 

Researcher says Sears downloads spyware 


Sears and Kmart customers who sign up for the My SHC marketing program
could, in essence, be stuck with spyware without notification, a Harvard
professor says


By Robert McMillan, IDG News Service

December 31, 2007 



Sears and Kmart customers who sign up for a new marketing program may be
giving up more private information than they'd bargained for, a prominent
anti-spyware researcher claims.


&ltA
HREF="http://ad.doubleclick.net/jump/idg.us.info.print_this/printThis;pos=im
u;pkey=application_development;pkey=applications;pkey=business;pkey=data_man
agement;pkey=networking;pkey=hardware;pkey=platforms;pkey=professional_servi
ces;pkey=security;pkey=web_services;pkey=standards;pkey=storage;pkey=securit
y;pkey=telecom;pkey=wireless;skey=application_servers;tile=4;sz=336x280;abr=
!ie4;abr=!ie5;abr=!ie6;ord=7935984517633593?">&ltIMG
SRC="http://ad.doubleclick.net/ad/idg.us.info.print_this/printThis;pos=imu;p
key=application_development;pkey=applications;pkey=business;pkey=data_manage
ment;pkey=networking;pkey=hardware;pkey=platforms;pkey=professional_services
;pkey=security;pkey=web_services;pkey=standards;pkey=storage;pkey=security;p
key=telecom;pkey=wireless;skey=application_servers;tile=4;sz=336x280;abr=!ie
4;abr=!ie5;abr=!ie6;ord=7935984517633593?" WIDTH="336" HEIGHT="280" BORDER=0
ALT=""></A>

 
<http://ad.doubleclick.net/jump/idg.us.info.general/noscript;pos=imu;tile=6;
sz=336x280;ord=123456789?>  

According to Harvard Business School Assistant Professor Ben Edelman, Sears
Holdings' My SHC Community program falls short of U.S. Federal Trade
Commission (FTC) standards by failing to notify users exactly what happens
when they download the company's marketing software.

And given the invasive nature of the product, Sears has an obligation to
make its behavior clearer to users. "The software is not something you'd
want on your computer or the computer of anyone you care about," Edelman
said in an interview. "It tracks every site you go to, every search you
make, every product you buy, and every product you look at but don't buy.
It's just spooky."

Edelman has written up an analysis
<http://www.benedelman.org/news/010108-1.html>  of Sears's software, set to
be made public on Tuesday.

Problems with the retailer's My SHC Community program were first brought to
light in late December, when CA senior engineer Benjamin Googins, wrote
<http://community.ca.com/blogs/securityadvisor/archive/2007/12/20/sears-com-
join-the-community-get-spyware.aspx> a blog entry criticizing the software,
which was written by VoiceFive <http://www.voicefive.com/> , a subsidiary of
Internet measurement firm ComScore <http://www.comscore.com/> .

...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.