Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: More potential spyware...

From: David Farber <dfarber () earthlink net>
Date: Fri, 28 Jun 2002 13:02:08 -0400

-----Original Message-----
From: Art Wolinsky <awolinsky () oii org>
Date: Fri, 28 Jun 2002 11:47:37 
To: dave () farber net
Subject: More potential spyware...

For IP if approriate...

Ever since my experience with Comcast and BroadJump Client and Comcast 
Support software, I've been reading the licensing agreements of software I 
install, which is about as much fun as having root canal without Novocain. 
Today I came across an agreement that might be of interest to anyone who is 
using Trellix Web Express.

Trellix Web Express is a piece of free software that is supplied by some 
large ISPs their customers who want to build web pages without knowing 
html.  It's not a bad piece of software for the technically challenged, 
EXCEPT that the price of the "free" software is the installation of spyware.

I wanted to evaluate the software for a friend who was considering using 
it.  As I installed it, the first thing I noticed is that it immediately 
went out to the Internet, somehow bypassing detection by 
ZoneAlarm.  Hmmm...  Red flag #1.

At the licensing agreement, but I read nothing that raised any more red 
flags.  Maybe I was just being paranoid.  I accepted the agreement and the 
installation continued.  It then stopped at a screen requesting personal 
information (Name, email, age).  On the screen was a button for their 
privacy statement.  I clicked on it and was taken to 
http://www.trellix.com/company/privacy.asp  where were an abundance of red 
flags waving.

The opening paragraph began, "As part of helping you build and maintain a 
great Web site, Trellix Web Express software collects basic usage 
information and communicates that information to Trellix Corporation. The 
main use of that information is in general statistical analysis. We do not 
require that you give us any personal information at all to use the 
product, however use of our products is governed by the policies put in 
place by the partners that offer them."

I just love the phrase, "however use of our products is governed by the 
policies put in place by the partners that offer them."

English translation...
Our software collects information about you that we don't abuse, but that 
may not be the case of the people who gave it to you.

I'll score one small point for Trellix, because the installation software 
lets you continue even if you don't enter any information in the support 
registration screen, however the information is still linked to your IP, 
hence the very small point.

After installing the software, I fired it up and was give a number of 
options including a 20 minute tutorial.  I clicked on the tutorial and was 
told that in order to use it I would have to download and install Trellix 
Support Software.  After the nightmares caused by Comcast Support Software, 
I opted to live without the tutorial and recommended that my friend live 
without Trellix Web Express.

I don't suggest that Trellix is undertaking any dubious practices, but the 
software certainly seems capable of lending itself to abuse by third 
parties who provide their software. This seemingly growing trend of the 
installation of monitoring software that piggybacks on other software is 
something that concerns me.  With with every installation security is 
compromised.

I don't know what else I can do except to continue to read those 
entertaining licensing agreements, privacy policies, and remember that 
there ain't no such thing as a free lunch.


******************************************************************
  Art Wolinsky
  OII Technology Director      Big6 Associate
  http://oii.org                     http://www.big6.com
  awolinsky () oii org             Web-and-Flow Team
  (609) 597-9481 ext 
337      http://www.web-and-flow.com 

******************************************************************
I am perfectly capable of learning from my mistakes.
I will surely learn a great deal today.
******************************************************************


For archives see:
http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: