Spyware lawsuit was filed against 180solutions for allegedly illegal practices including deceptively distributing spyware files and preventing users from removing them, engaging in deceptive misconduct to download its spyware without users’ knowledge or consent, lying to consumers about its spyware, etc.

The counts are based on Electronic Communications Privacy Act/Wiretap Act (United States), Trespass to Personal Property/Chattels, Consumer Fraud Act, Negligence, Computer Tampering and Invasion of Privacy, (Illinois).

At the bottom of page 14, it states "180solutions intended to profit,
and did actually profit from its wrongful conduct by being able to
obtain more adverting money by virtue of being downloaded onto more
computers" and 180solutions knew that its conduct was deceptive and
misleading […]"

Lately, 180solutions has taken steps to buff its image. Just recently 180solutions introduced a new version of its software that was designed to ensure that consumers consent to the product before it’s installed on their computers. 180solutions also sued seven former distributors for allegedly installing the company’s software without first obtaining consumers’ permission; since January, the company has ended relationships with 500 distributors. Even with all this PR (or a genuine effort to reform) - 180solutions is under fire.

Does anyone have a version of the complaint so we can analyze the claims better?

[Via ZDNet -]

Reuters reports on an attempt by Senator Kyl (R-AZ) to attach language restricting Internet gambling to an annual spending
bill that must be passed this year. This is often used to "sneak" legislation in the last-minute that gets voted along with a spending bill. However, an unnamed Democrat objected to
attaching an unrelated matter to the spending measure under
consideration.

Senator Kyl vows to make this legislation a law eventually. Under the proposed bill, banks and credit card companies would be required to block payments to online Internet
gambling sites. He said some firms were already voluntarily blocking
money transfers.

Although interstate gambling laws apply to the Internet, according to the U.S. Justice Department, many Americans have turned to offshore
gambling Internet sites as an alternative. Senator Kyl’s attempt is to close this "loophole."

It is common practice for some security-conscious users to look around and make sure nobody is looking at their fingers when they enter their password into a computer. Things are changing now, with UC Berkeley researchers claiming that a password can be guessed by recording and analysing the clicking sound of keyboard when a sequence of keys are pressed.

The researchers were able to take several 10-minute sound recordings of
users typing at a keyboard, feed the audio into a computer, and use an
algorithm to recover up to 96 percent of the characters entered.

Apparently this technique is successful because each key makes a distinct sound when
hit (does it really? they all sound the same to me,) and users, who typically type about 300 characters a minute, leave
enough time between keystrokes for a computer to isolate the individual
sounds.

So what is the solution? Sweep your office from "password bugs" listening to your key entries? Playing loud music when entereing sensitive information into the computer? Using a mouse to "click-enter" sensitive information - however difficult that might be? The bad news is that "quiet" keyboards are not immune to this and that no special technology was needed - a $10 microphone was sufficient.


What is the good news then? Well, the system is not all that accurate, at least initially, but that is likely to change. The first pass is right about 60 percent of the time for characters and
20 percent of the time for entire words. The transcript is then run
through spelling and grammar checks, which increased character accuracy
to 70 percent and the word accuracy to 50 percent. The results are then fed back through the computer to refine
future results. After three feedback cycles, the accuracy rate rose to
88 percent for words and 96 percent for characters.


Enter a new computer crime - "click-hacking."

[Via News.com]

New technology could increase rather than solve the problem of identity theft and fraud, a British criminologist said Monday.

In a glum statement, Emily Finch of the University of East Anglia in England comments on  how new identify cards, chip and pin technology for credit cards would actually force fraudsters to become more creative and technologically-savvy and would make the identity theft problem even worse, rather than alleviate it.

Interesting point - although, if we accept it as true, that would mean that we don’t innovate in protection technologies, which in turn would make it easier for fraudsters to steal identities now, with their (arguably) poor technology skills, instead of having to innovate, and then breach personal data. Which one is worse - a highly skilled fraudsters in the future, or illiterate fraudsters now?

[Via CNET News.com, United States -]

Oops. Microsoft executives ought to use Microsoft software, correct? A report on how Microsoft UK’s chief security advisor Ed Gibson’s PC became infected with a rogue dialler which then dialed long-distance numbers for a bill of £450.

Rogue diallers are programs, similar to trojans, that somehow (usually via spyware or via trickery) become installed on a victim’s computer and which then use the PC’s modem to dial premium rate long-distance (or international) numbers.

"I’m so perturbed about the whole area of rogue diallers… If we don’t
make a concerted effort to make the internet more secure, it will be a
very different place in the future," said Gibson, the MS UK executive at a security conference.

How about making Windows more secure, Mr. Gibson, so that the diallers don’t end up on people’s machines at first place, that would make the Internet a more secure place?

[Via Silicon.com, UK -]

Iowa police and FBI arrested a suspect who allegedly "phished" Microsoft (MSN) customers out of their personal information. The indictment lists 75 counts of wire fraud for allegedly stealing credit card numbers and user personal information.

What is interesting in this case is that although the arrest was made by FBI, the information was supplied by Microsoft’s Internet Safety Enforcement Team who tracked down the activities and obtained the necessary information to allow the FBI to act upon it. It is a sad fact that state and federal law enforcement agencies often do not have the resources and expertise to conduct these investigations on their own, so they have to rely on ISPs’ security teams to identify and track suspects.

Often the "digital pursuit" of cyber-criminals is so quick that only an agency with large resources can afford to conduct a successful and thorough cyber-surveillance of a criminal’s activities and track him down.

"What you essentially need to do is follow the money, but the links disappear so quickly that law enforcement needs to be really jumping on it as the attack is happening," Cranton [from Microsoft's Internet Safety Enfrorcement Team] said.

[Via InternetNews.com -]

An amazing story, which I hope is true, but even if it isn’t, it makes a good anecdote.

A woman’s home was burglarized and her computer stolen. She had
subscribed to a Web-based service that transparently backed her files
up to a server, and when the thief reconnected her machine to the
network, the backup program quietly resumed operation. Since she
retained access to her account, the woman was able to log onto the
server and view the files being backed up from her (erstwhile) PC. So
she has the name and address of the thief as well as (and this blows me
away) digital pictures of him and his immediate family.

Amazing how stupid criminals can be. Unfortunately, there seems to be issue with the chain of evidence that prevents the police from being able to obtain an arrest warrant.

[Via ZDNet -]

Do people still believe the Nigerian scam? Apparently so. L.A. Times reports how a California record producer was duped into taking part of the scam and was eventually asked for the $50,000 repayment by the scammers.

Although the article notes the increased sophistication of the Nigerian
(and other) scammers, it nonetheless criticizes victims for being
"suckers."

Andrew Jaquith, a senior analyst at research firm Yankee Group, said that P.T. Barnum was slightly wrong when he said there was a sucker born every minute – there are hundreds.

[Via InternetNews.com -]

 Next entries »