Advertising Spyware can now read your mail || kuro5hin.org


	create account \| help/FAQ \| contact \| links \| search \| IRC \| site news

Everything

We need your support: buy an ad | premium membership

Advertising Spyware can now read your mail

By cafeman in Internet
Wed Jan 23, 2002 at 11:19:28 PM EST
Tags: Freedom (all tags)

Did you think Spyware is a problem that happens to other people? Well, there's a company out there that you may have unknowingly been sending all of your email, your bank account numbers, and anything else you've typed into an online form. The company is VX2, the product is Sputnik, and until recently, Audiogalaxy was helping them.

Interestingly, it looks like Spyware has taken a great leap forward. Here is a story about a new Spyware package, Sputnik, that has the capability to monitor not only what pages you visit and what links you click on, but also how long your mouse hovers over pictures and, frighteningly, what you enter into any online form. You thought your bank account numbers were safe because you were using SSL? Think again. You thought Microsoft was the only one to be worried about when using Hotmail? Well, these guys theoretically could have every single email you've sent since you unknowingly installed their software.

Here are the culprits, VX2, and here is their privacy policy. Three paragraphs are particularly interesting:

VX2's software also collects some information from online forms that you fill out. This information is automatically sent to VX2 in order to save you the time and trouble of submitting such information to us yourself. We have undertaken technical measures to make sure that VX2 never collects credit card numbers, account numbers or passwords. If such data data were, despite VX2's best efforts, ever inadvertently collected VX2 would immediately purge such information from its database.

VX2's software also collects the query terms entered into search engines. VX2 uses this information to help generate a more complete summary of its users' interests and general internet trends.

From time to time, VX2 may decide to update it's software in order for it to work at it's peak performance. Upgrades may include third party applications. Certain third party applications may have to be installed in order for the software to work properly. VX2 users are not responsible for these additions and/or updates, they will be done automatically in the background while you are surfing the web in order to cause the least amount of inconvenience to our users as possible.

So, you've agreed to let them potentially harvest all information you ever type into an online form. Of course, this is only their being helpful and saving you the time of sending it to them manually. Additionally, they can also capture every search you do. And, if they so desire, they can install any software they wish on your machine. All because you've agreed to this.

And where can you get this time saving package? Well, you might already have it. If you installed certain versions of Audiogalaxy, you also installed Sputnik. The second page of the article explains how you agreed to participate in this program. Here is Audiogalaxy's response. The quickest way to find out if you've been infected is to search for a file called vx2.dll. If you have it, you've consented. For those that are infected, here's, the uninstallation procedure.

Hoax? Paranoid? Overstatement of functionality? Who knows. The important thing is the intent. Yet another reason to be concerned. Remember - you're not paranoid if they're out to get you.

Sponsors

Managed Hosting
VoxCAST Content Delivery
Raw Infrastructure

Advertising Spyware can now read your mail | 72 comments (72 topical, editorial, 0 hidden)

Old Man Murray (3.33 / 3) (#1)
by johnny appleseid on Wed Jan 23, 2002 at 09:58:04 PM EST

Just as a sidenote, the article is written by Old Man Murray's Erik Wolpaw.

It is official by chet, 01/24/2002 05:06:11 AM EST (3.83 / 6)

Fine, fine by johnny appleseid, 01/24/2002 11:50:56 AM EST (3.00 / 1)

At what point does spyware become illegal? (4.85 / 14) (#2)
by greenrd on Wed Jan 23, 2002 at 10:06:17 PM EST

Just how much can these bozos get away with, legally?? If a fake p2p app that actually formatted your hard disk contained a clause in its clickthru license that said "I agree to let you format my hard disk right away", would that legitimise it and protect the author from lawsuits and/or criminal prosecution? I hope not, but IANAL.

This is not entirely hypothetical - Apple's iTunes installer actually did contain a script which accidentally formatted some users' hard disks (well, rm -rf'd the partition actually - but same effect). Of course, the key word there was accidental. I would hope that an app that tricked the user into formatting their hard disk would be treated the same as a virus that just went ahead and formatted it anyway, no questions asked.

Seeing as most people do not actually read clickthru licenses, and their legal validity is very dubious anyway, I'd say there is a strong commonsense argument that this is equivalent to selling a piece of software with a secret backdoor, and then logging in via the backdoor and logging all keystrokes. The latter would surely be actionable under "hacking" law, because you don't have the permission to log on to that system. The only difference here is (a) the clickthru and (b) the fact that it's automated - no actual person is hacking into your box, or even running a script to hack into your box, it's just some code spying on you. But the fact remains that chances are you haven't given them your informed consent to log all keystrokes (all except the "private" ones that they've managed to think of - yeah, really reassuring, that is!)

Though law != common sense, as we all know.

In the UK the main law covering hacking is the Computer Misuse Act. It's very broad. If I go up to a computer and I've haven't been given explicit permission to access it, and I press a key, I can theoretically be sent to jail. (God knows how this applies, or not, to portscanning etc., but anyway.) If I access a computer without permission to commit a crime, that's a crime in itself (therefore three crimes in total - one for the original crime, one for illegal access, and one for illegal access with intent to commit a crime). Etc. etc.

I would like to know (any lawyers here?) how bad this has to get before we can get the creators personally sent to jail under laws like the Computer Misuse Act. (Of course, the courts are probably going to treat some smarmy CEO much lighter than a poor kid who only wanted to experiment, but what can you do?) There's some spyware that already installs itself even if you say "no" (I think it was bundled with Audiogalaxy - bastards!), and some that doesn't allow you to reject it without uninstalling the app (Cydoor, part of Kazaa).

Isn't there something we can do, apart from boycotting? If they instead installed a backdoor [and who's to say some of them haven't??] and logged in to read our private conversations whenever they felt like it, there'd be an outcry. But because it's automated it seems less dangerous. If they have the ability to read private things sent over SSL by using keylogging, it doesn't really matter whether they telnet in to a backdoor to read it, or read it on their boxen. It's still outrageous.

"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes

Clickthru shmickthru by Tatarigami, 01/23/2002 11:07:33 PM EST (4.25 / 4)
Data Protection Act is your friend. by pjc50, 01/24/2002 12:34:39 PM EST (5.00 / 1)

To find more spyware... (3.87 / 8) (#3)
by landryjf on Wed Jan 23, 2002 at 10:17:10 PM EST

You can use Ad-Aware to check your computer for spywares.

But a better way to keep those things out is to read before you click the "NEXT>>>" button when you install something, because "download free xyz program" frequently means "download adware xyz and get big brother over your shoulder".

Agreed by suick, 01/24/2002 04:52:07 PM EST (none / 0)
Agreed, but... by Dallan, 01/27/2002 03:55:21 AM EST (4.00 / 1)

Additional information (4.11 / 9) (#4)
by cafeman on Wed Jan 23, 2002 at 10:28:04 PM EST

Apparently Sputnik is a repackaged version of Blackstone Data Transponder. iMesh appears to be infected as well. A complete (and useful) explanation is given here. A leaked image is located here specifically refers to "data mining" and "direct mail". Be afraid, be very afraid.

As someone else has already pointed out, Ad-aware is a very useful tool for detecting these and killing them. I know what I'm going to be installing tonight.

--------------------
"No Silicon heaven? But where would all the calculators go?"

I hope the major media get to hear about this (4.54 / 11) (#5)
by greenrd on Wed Jan 23, 2002 at 10:43:33 PM EST

If there ever were a story that deserves to be on Slashdot, this is it. Although Audiogalaxy claim to have gotten rid of the VX2 software, it's still installed on countless people's machines who downloaded the earlier version. The Audiogalaxy clickthru license itself says nothing about logging filled-in forms. This is a joke.

Like the original article, I suggest contacting:

Your friends - especially anyone who uses AudioGalaxy
Slashdot
Your elected representative(s)
Any popular weblog, like Plastic.com or Metafilter - try and get something on the front page
Your local friendly tech journalist - especially ones who work for major newspapers.
Or just the major media generally. To those in the UK - I have a list of UK media contacts - I don't know how good or secret they are, but I'll email them to anyone who can convince me they can spell and are not going to make us look like zealots/fools/nutters
Or even your lawyer, if you think there might be grounds for suing

The media really can be interested in stories like this - there was a big fuss over the DoubleClick "tying online data to offline data" fiasco (although that was partly because actual lawsuits were filed).

IMPORTANT CORRECTION: One of the updates makes clear that this (apparently) has nothing to do with OnFlow. VX2 and AudioGalaxy are the guilty parties here.

You can also join a discussion on the site of the person who first broke the news (can't think of a better word - "the newsbreaker" maybe??):

"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes

Slashdot by cafeman, 01/23/2002 10:52:41 PM EST (2.85 / 7)
/. rejects this story, unfortunately by quistas, 01/24/2002 04:06:57 AM EST (3.50 / 8)

If more people had emailed local tech reporters... by la princesa, 01/24/2002 06:32:02 AM EST (3.00 / 1)

Finally! by greenrd, 01/27/2002 11:23:38 AM EST (none / 0)

hahaha (4.80 / 5) (#8)
by spacejack on Wed Jan 23, 2002 at 11:17:31 PM EST

I just love this page on the VX2 site.

I'd love to fill that out... by nstenz, 01/24/2002 02:13:48 AM EST (5.00 / 1)
Have a look at the source of that page... by knarf, 01/24/2002 08:24:05 AM EST (5.00 / 2)

It's good by suick, 01/24/2002 04:59:13 PM EST (none / 0)
Contact page e-mail address by protactin, 01/25/2002 10:56:04 AM EST (none / 0)

Almost as bad as M$ by notcarlos, 01/25/2002 09:42:32 AM EST (4.00 / 1)

WHOIS Record (4.28 / 7) (#9)
by bobothy on Wed Jan 23, 2002 at 11:38:41 PM EST

The author of the article does a whois query, but didn't check the correct whois server. Here is the proper WHOIS record for VX2

Registrant:
vx2 (VX52-DOM)
po box 27103
Las Vegas, NV 89126
US

Domain Name: VX2.CC

Administrative Contact, Technical Contact, Billing Contact:
vx2 (D25000-OR) vx2org@hotmail.com
vx2
po box 27103
Las Vegas, NV 89126
US
212 255 1008 fax: 123 123 1234

Record last updated on 05-Oct-2001.
Record expires on 31-Jul-2003.
Record created on 31-Jul-2001.
Database last updated on 23-Jan-2002 11:55:00 EST.

Domain servers in listed order:

NS1.VX2.CC 207.246.124.6
NS2.VX2.CC 207.246.124.7

Why don't antivirus programs pick this up? (2.71 / 7) (#11)
by theboz on Thu Jan 24, 2002 at 12:04:40 AM EST

Since a lot of the antivirus software out there detects various trojans, I would think it should detect this as well.

I guess we all know about those whores Symantec and McAffee though. They expect you to pay for the software, then "subscribe" for it to continue working, and even then any corporately sponsored virii and trojans are allowed to wreak havoc on your computer. I wish there was a decent antivirus company out there that did their job and only made you pay for the software once.

_Stuff.

Because by their definition it isn't a "troja by Trepalium, 01/24/2002 12:36:06 AM EST (3.33 / 3)
I know this is offtopic... by Tim_F, 01/24/2002 01:03:32 AM EST (3.25 / 4)

I don't have vx2 (5.00 / 3) (#16)
by vrt3 on Thu Jan 24, 2002 at 04:14:10 AM EST

I installed Audiogalaxy more than 4 weeks ago. According to the article, that would mean VX2 is installed on my system. I checked it, and fortunately it wasn't there. Ad-aware only finds a bunch of Doubleclick-cookies. Does that mean the story is a hoax, is my version of Audiogalaxy too recent, or am I just lucky?
When a man wants to murder a tiger, it's called sport; when the tiger wants to murder him it's called ferocity. -- George Bernard Shaw

Audiogalaxy and VX2 by cafeman, 01/24/2002 04:23:09 AM EST (3.66 / 6)

Is the plugin signed? (2.66 / 3) (#19)
by imrdkl on Thu Jan 24, 2002 at 06:04:17 AM EST

You'll forgive my ignorance about this, but in order to do all this spy-stuff, doesn't this plugin have to be signed code? If so, who signed the code? Sue the bastards. If not, why did you install it?

I guess this is obvious to everyone, but why run browser plugins? I don't even enable jscript by default, unless I explicitly trust the site.

I submit that user awareness of how to play on the internet will increase logarithmically to number of netophiles.

It's not a browser plugin by Joyrider, 01/24/2002 06:25:07 AM EST (4.00 / 1)
Sue whoever signed the code? by Robert S Gormley, 01/24/2002 07:18:44 PM EST (none / 0)

Thanks, that needed clarification by imrdkl, 01/25/2002 11:15:46 AM EST (none / 0)

No it doesn't by greenrd, 01/26/2002 11:07:28 AM EST (none / 0)

Linux users aren't affected (4.00 / 2) (#20)
by Joyrider on Thu Jan 24, 2002 at 06:13:29 AM EST

The author forgot to mention that this only affects users of the Windows version of the satellite; surprisingly enough, Linux users (who are stuck with an ancient version of the code, but it works) aren't affected by this - there's no spyware included with the standard binary version.

Apologies if I sound like a Slashbot ;)

Bastards (4.20 / 5) (#22)
by sypher on Thu Jan 24, 2002 at 06:29:27 AM EST

I hope this turns out to be not as bad as it sounds in the linked POE article :(

What the hell is happening to the web these days?

If people arent careful, the whole thing will become either too invasive or too greedy and force people offline.

DOS attacks to websites are illegal, but grabbing info in this way isnt?

The user cant fight back, all he or she can do is visit lavasoft and get protection they shouldnt need in the first place.

I dont like swimming in armour, and i dont like to have to use a resource sapping personal firewall when browsing the web, or having to scan my system every other day to remove this kind of shit.

Audio Galaxy and / or whoever else is behind this should have their products boycotted, the only way we as enthusiasts will beat this shit is to vote with our wallet.

As a side note, i once worked for an OEM machine manufacturer, and mostly all second rate hardware driver cds were packed to the gills with this kind of trojan crap, imagine all the internet newbies browsing and sending all this information back to 'base'.

How are consumers protected if this software has been installed by their oem as part of the system setup routine?

Just my two.

I dreamt of it once, now I fear it dreams of me

I didn't realise. by h i r 0, 01/24/2002 11:35:44 AM EST (4.00 / 3)

Motto by dennis, 01/27/2002 10:11:17 PM EST (none / 0)

Not to be confused with- Sputnix (3.25 / 4) (#24)
by imperium on Thu Jan 24, 2002 at 06:32:53 AM EST

Sputnix is the innocent Mac OS X satellite for Audiogalaxy. At least, I presume it's innocent, having examined the package contents. Besides, who'd bother writing spyware for such a minority OS?

x.
imperium

minority os? by mandria, 01/24/2002 02:23:23 PM EST (4.00 / 2)

quiet, you by rebug, 01/24/2002 08:25:04 PM EST (none / 0)
Shhh! They might hear you! by yonasa, 01/25/2002 06:08:22 AM EST (none / 0)

I doubt it's safe by crayz, 01/25/2002 08:37:40 AM EST (none / 0)

uggh by crayz, 01/25/2002 08:33:50 AM EST (none / 0)
yes... by flummox, 01/25/2002 04:55:17 PM EST (none / 0)
5%? by imperium, 03/12/2002 01:46:43 PM EST (none / 0)

How to prevent this reliably ? (4.00 / 2) (#26)
by fhotg on Thu Jan 24, 2002 at 08:59:57 AM EST

The solutions I'm aware off (searching for known spyware) are not satisfying.

Would it be possible to have your firewall getting info from the application (browser) to dump all traffic to destinations you didn't explicitly asked for ?
_{~~~

Gitarren f�r die M�dchen -- Champagner f�r die Jungs}

Specific product... by RareHeintz, 01/24/2002 10:09:46 AM EST (4.66 / 3)

Yeah thanx by fhotg, 01/24/2002 03:30:04 PM EST (none / 0)
Doesn't work by pyramid termite, 01/27/2002 12:23:24 PM EST (5.00 / 2)

Quite difficult to block, but possible by panum, 01/24/2002 01:01:51 PM EST (5.00 / 2)

Run As... by Robert S Gormley, 01/24/2002 07:16:24 PM EST (none / 0)

Well, yes. by haflinger, 01/25/2002 10:43:06 AM EST (5.00 / 1)

Information access laws (4.00 / 3) (#27)
by CrazySteve on Thu Jan 24, 2002 at 10:06:01 AM EST

Are there any laws in the USA that allow you to go to a company and request a copy of all information that they have stored about you? Such laws exist in New Zealand and, I now believe, Australia.

Australia by Robert S Gormley, 01/24/2002 07:13:46 PM EST (none / 0)

NZ by CrazySteve, 01/25/2002 02:47:13 AM EST (none / 0)

wired has a piece on this (4.00 / 4) (#29)
by dope priest on Thu Jan 24, 2002 at 10:29:37 AM EST

there's a piece on Wired about this.

These guys are sleazy at best (5.00 / 9) (#30)
by ocelotbob on Thu Jan 24, 2002 at 10:34:05 AM EST

I did a bit of analysis of this company when this story showed up on another weblog, and I was not able to find much. About all I was able to find out was that whoever they are, they don't want to be found. Here's all the info I was able to find, in case some intrepid reporter reading this log would like to track down some leads, most of which seem to be intentional misdirection.

First off, the PO Box given in their whois record is that of a company which handles low-cost incorporations in Nevada. Okay, you say, so they decided to branch out into making spyware. Well, on top of that, the phone number given is that of a New York dot.bomb. Not good. Finally, the email address given is a hotmail account. It doesn't instill too much confidence in me. And that was just the sleaziness from analyzing the whois record.

Digging deeper, I decided to do a traceroute on the various servers the company runs. From the responses I got, they seem to be based in the midwest. If anyone's interested, here are the relevant bits of the traceroutes which deal with the last few hops:

For their webserver:

9 80 ms 90 ms 80 ms pos2-0-2488m.cr2.CHI1.gblx.net [208.49.59.254] 10 80 ms 90 ms 80 ms so1-0-0-622M.ar3.CHI1.gblx.net [208.49.59.218] 11 90 ms 90 ms 101 ms 64.211.207.174 12 101 ms 100 ms 100 ms 216.36.254.149

From this, we see that they're getting their webhosting from Global Crossing, and from the looks of the last couple server names, probably in the Chicago, IL area. This is consistent with my later findings.

The second traceroute I did was on their main spyware server, sputnik.vx2.cc. This one seems to be going through a different hosting company, one based primarily in the Kentucky area, but there is still a good chance for overlap. The results:

11 91 ms 80 ms 100 ms sl-gw34-chi-9-0.sprintlink.net [144.232.26.38] 12 120 ms 161 ms 120 ms sl-openworld-2-0-0.sprintlink.net [144.232.223.1 94] 13 100 ms 110 ms 90 ms gw8.stdio.net [199.89.192.8] 14 120 ms 120 ms 120 ms 207.246.97.190 15 80 ms 80 ms 80 ms sputnik.vx2.cc [207.246.124.132]

The bandwidth for the company's are also run by stdio.net, so I won't reprint the results here; they aren't too relevant to the issue at hand.

Finally, I ran a whois on blackstonedata.net, their old hostname, as they still have a couple servers running through there. From that info, I was able to learn that their nameservers are run by siteprotect.com, which is fully owned by hostway.com. A quick check determined that hostway is based in Chicago as well, adding to my suspicions that this corp is based in or around Chicago, IL.

Unfortunately, it doesn't give too much information as far as who these people are. However, it does lead one to see who they aren't - all too reputable. Perhaps someone from one of these companies providing bandwidth could "accidentaly" leak some information as to who these people are, maybe a street address or a phone number.

Can I be your pet? I promise not to bite (much).

Getting contact information is easy by panum, 01/24/2002 01:14:45 PM EST (4.00 / 1)
Flawed Geographical Data? by RadiantMatrix, 02/01/2002 06:25:05 PM EST (none / 0)

### THE TRUTH ### (3.00 / 3) (#32)
by fuzzcat on Thu Jan 24, 2002 at 11:49:18 AM EST

The company is VX2, the product is Sputnik...

Nancy Luft has been trying to tell those of us who read alt.conspiracy and a number of other newsgroups the truth about the Sputniks for quite some time now.

Some of my favorite Nancy Luft quotes?

"Your Sputnik Forces are the ultimate criminally insane monsters of this planet of all time, no joke!"

"Short of killing myself, I think the only way to stop the Sputnik Pigs is for me to move to some place like a remote part of southern Mexico or even further south."

"The Sputnik Pigs are anti democracy and they will freeze Siberia with abnormally cold weather and do any and everything they can to get rid of democracy."

Nancy has a fun habit of emailing a whole slew of DC politicians as well as President Putin on a regular basis about these Sputniks and other perceived evils.

So anyway, I'm sure that Nancy isn't surprised. ;)

I'm so sick of this stuff (3.00 / 1) (#45)
by 0xA on Thu Jan 24, 2002 at 11:40:26 PM EST

It is getting pretty clear to me that avoiding this stuff is almost impossible.

I really try to avoid installng much software on my machine, just the things I need, I find it mroe stable that way. The addition of these spyware programs has been noted many times as the source of crashes and all sorts of problems. Aside from all the issues around privacy and the general sucm factor associated with this (which are huge), I just don't want to deal with the potential problems.

So I develop this paranoid obession with avoiding software I don't absolutely need. I'm nearly as careful with my desktop system as my servers at work. But aparently I'm not careful enough.

I saw this story, read it and decided to update Ad Aware's reference file and do a scan. I realized I hadn't run it in a while figured better safe than sorry. Sure enough, it found a browser plugin called Alexis. I can't figure out where this fucking thing came from! I tried re-installing some of the stuff that came with my new video card, no luck. Re-installed some other stuff, still no luck. I just have no idea.

This is so frustrating, this crap is everywhere. At one point Creative even had something bundled with their drivers. I am just stunned that these companies think they can get away with this and saddend by the realization that they are.

Link for Ad Aware by erlando, 01/25/2002 04:58:23 AM EST (none / 0)
Alexa by catseye, 01/25/2002 09:17:20 AM EST (none / 0)

OMFG! by 0xA, 01/25/2002 06:51:17 PM EST (none / 0)

My God!! (4.00 / 2) (#54)
by Elendale on Fri Jan 25, 2002 at 10:54:46 AM EST

This is like cracking someone's computer and swiping stuff and then having a "privacy policy" that says (in effect) "We're only trying to help you. Trust us. Ignore the sneakily-installed software, we aren't criminals. We just want to make your life easy. Relax, don't worry. You can count on us. We won't use any of the information we copied for bad, evil things. Really." sitting on your web page.
Freaky.

-Elendale
---

When free speech is outlawed, only criminals will complain.

Something should be done... (3.00 / 1) (#57)
by sucoyant on Fri Jan 25, 2002 at 01:12:30 PM EST

I'm against black hats, and hacking just to destory or do damage, but in this case, i think it would be fun to "0wN tH0z3 f00'z!". What they are doing is just plain wrong. Anyone up for a MASS DoS, or maybe even a r00ting?! Muhaha... spyware needs to die, and it should start with this company!
-------------------------------------- "Can you download the infared?" -SCOTD

A quote from someone at AudioGalaxy (4.00 / 2) (#58)
by CodeWright on Fri Jan 25, 2002 at 03:12:06 PM EST

Found this interesting message at [infoanarchy.org]:

Yes, Audiogalaxy bundles all manner of evil crap with the win32 client. The site has lots of pop-under ads, too. This is old news. It's obnoxious, but it pays the bills.

If you don't want the bundled fuckware, all you have to do is uncheck the checkbox in the installer; it will respect your wishes. (Also, you'll probably want to delete the BonziBuddy link it puts on your desktop.)

Alternately, you could just use the Linux client, which doesn't come with fuckware.

-- Steven Hazel
work: sah@audiogalaxy.com
other: sah@thalassocracy.org

[406@k5] NON ILLIGITIMI CARBORUNDUM EST

Heel your dog. (4.00 / 1) (#60)
by jet_silver on Fri Jan 25, 2002 at 06:46:48 PM EST

Folks, it's time to stop complaining about the tricks people are playing on you to gather information.

Your computer is -out of control- if you don't know what it is doing, or if it is doing something you don't want it to. I don't care if it is working within the design intent of whomever writes software, if you don't SEIZE that sucker and MAKE IT DO WHAT YOU WANT, it's a virtual spittoon, and you can't tell who-all's spitting in it.

There are a few hints ravelled up in what I say. First: there are consequences of using software (OSs, applications, downloads) that is not designed for the user. These consequences are generally bad. Second, there is money to be made in designing software for someone else, and getting it onto your computer. Third, security is not an abstruse game, it is a serious pursuit and the results of security breaches are broadly predictable. Warnings against, for example, using Microsoft ActiveX scripts have been loudly and frequently declared, and users ignore them. Check -your- settings before you scoff. Finally, YOU are (or at least should be) responsible for what your computer does, including what it does to screw you over, or who else it annoys because you are not exercising control over it.

Read the bulletins. Apply patches. Understand what processes your computer is running. Control your computer's effluvia. If you can't do this, deal with the fact that people smarter or more determined than you are going to fuck you over with your computer, and they're going to do it for their own gain. Sure, it sucks ethically. But you can stop it, if you decide it matters to you. You do not have to be a coder to do it, all you have to do is read and understand.

It's just like training a dog, y'all. It takes effort. If you don't train your dog, your living room will be the dog's bathroom and periodically someone will be bitten and hurt. If you -do- train your dog, you have a friend who you don't resent, because the rules are known.
"What they really fear is machine-gunning politicians becoming a popular sport, like skate-boarding." -Nicolas Freeling

The Evil Reporter (none / 0) (#63)
by nodes on Sat Jan 26, 2002 at 09:10:33 PM EST

It's time to launch an internet email service called "The Evil Reporter" to report on those who choose to do these evil deeds. We may even want a "Special Prosecutor" to go after them in the courts .... government courts and the court of public opinion.

Where was it in the AG terms? (5.00 / 1) (#65)
by jesterzog on Sun Jan 27, 2002 at 04:46:32 AM EST

Here are the culprits, VX2, and here is their privacy policy. Three paragraphs are particularly interesting: [snip] So, you've agreed to let them potentially harvest all information you ever type into an online form.

Is anyone able to show me the part of the AudioGalaxy terms that said I would also need to agree to this agreement? They might well have existed at the time, but I haven't been able to find them. I'm quite interested because I was hit with VX2, which I'm presently assuming was from AG Satellite, and I'm normally very careful to read through the privacy agreements. I must have missed this one.

This is all I can find in the AG Satellite 6.08 setup that I downloaded on 29-Oct-01. There doesn't seem to be much about privacy at all, apart from this insert from Onflow:

Onflow/VX2 privacy Policy & Terms of Use

Onflow along with VX2 has created this statement in order to demonstrate our firm commitment to internet privacy. The following outlines our information gathering and dissemination practice: Our Authoring System requires authors and publishers to register on our web site. Our registration form requests that authors and publishers give us contact information (such as name and email address). We use this data to send you emails containing updates to our Authoring System and/or the availability of additional services. You may opt-out of being contacted by us; see "Choice/opt-out" below. We may publish online surveys from time to time. Data collected is used to optimize our service and to provide customer support.

Player Privacy

The following information is specific to the Onflow Player, which allows users to enjoy rich multimedia displays through your browser.

Data transmitted

Each time the Onflow Player displays images, it transmits data to our server such as the serial number of the Player, the image displayed, the web page in which it was shown and whether you moved your mouse over the image or clicked on it. This data does not identify you.

Other Disclosure

It is possible, though unlikely; that a subpoena, court order or similar cause could require us to disclose information we have concerning a particular Onflow Player or a particular registered user. Should that occur, we would have to comply with legal requirements.

Policy changes

We may change or supplement our policies as needed. We do not use personally identifiable information for any other reason that account maintenance and to notify you of special offers. If this policy changes, you will be notified via email. Our current policy can be found at our web site; please visit us at http://www.onflow.com to review our most current policy.

Security

This site has security measures in place to protect the loss, misuse and alteration of the information under our control. Onflow maintains strict internal practices that help protect the security and confidentiality of this information by limiting employee access.

Choice/Opt-Out

Our site provides users the opportunity to opt-out of receiving communications from us at the point where we request information about the visitor. For more information about opting out, click here http://www.onflow.com/about/unsubscribe-newsletter.php

Contacting the Website
If you have any questions about this privacy statement, the practices of this site, or your dealings with this web site, you can contact us at info@onflow.com The VX2 privacy Policy and terms of use is also available by clicking on http://www.vx2.cc/privacy.html

Terms and Conditions

Please read the following carefully before proceeding. This is your license to use Onflow Software and Services. The license contains warranty and liability disclaimers. By continuing with the Player installation, you are accepting the agreement and become bound by its terms. ONFLOW CORPORATION IS WILLING TO LICENSE THE SERIALIZED PLAYER SOFTWARE ("PLAYER") ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS AGREEMENT. PLEASE READ THESE TERMS CAREFULLY. CONTINUING WITH PLAYER INSTALLATION MEANS YOU ARE ACCEPTING THE TERMS OF THIS AGREEMENT.

[...]

PLAYER SOFTWARE MODIFICATIONS

From time to time Onflow Corporation will modify the Player software. In such case Onflow will not notify you of modifications.

_je^st_er^zo_g ^{Fight the light}

Is VX2 Company President a Fraudster? (4.40 / 5) (#68)
by greenrd on Sun Jan 27, 2002 at 12:30:33 PM EST

According to a Slashdot post, based on state corporation records, the VX2 company president either is - or shares the same name with - someone who was involved in a $37m credit card fraud case: one Maurice O'Bannon.

However, the FTC press releases about the case (summarised and linked here) show that O'Bannon was the only defendant who was not found guilty of credit card fraud.

I dug a little deeper: I quote from one of the court orders, written by the judge (page 62):

O'Bannon argues that there is an absence of evidence to support the FTC's case. O'Bannon contends that the FTC's evidence shows he only temporarily acted as an officer for MJD, Discreet Bill and TAL, he had no actual authority over these companies, he resigned shortly after each corporation was formed, he did not know the other defendants and did not receive any compensation from the companies. O'Bannon motion at 2. Notably, O'Bannon does not mention the Charter Pacific merchant account agreement that indicates O'Bannon signed a legal contract on behalf of TAL in or about December 1998.
First, contrary to O'Bannon's assertion, the evidence shows that he was not always a "temporary" officer for the companies. In fact, the corporate documents indicate that he was an officer and director of Discreet Bill, at least on paper, for 13 months. [emphasis is in the original court order] [...] During the interim, O'Bannon, on behalf of Discreet Bill, signed the four fictitious business certificates. Second, it appears that O'Bannon signed the Charter Pacific merchant account agreement on behalf of TAL and he may have done so in or about Dec 1998, after he puportedly resigned from the company. The merchant account agreement enabled TAL to continue the fraudulent scheme, albeit only for about a month before the Receiver took over the company.
Nevertheless, the Court finds that O'Bannon is entitled is entitled to judgement in his favour. The FTC's case against O'Bannon is based solely on O'Bannon's role as an officer of the defendant companies. Therefore, to hold O'Bannon liable for injunctive relief, the FTC must establish that O'Bannon either participated directly in the wrongful practices at issue or had the authority to control the corporation.

In other words, there was not quite enough evidence to find O'Bannon liable, but he was clearly involved in the fraud - and he misrepresented the extent of his involvement to the court.

Again, this all assumes we are talking about the same O'Bannon here.

But who knows? Maybe VX2 is already planning to commit a crime with the information they have surreptiously gathered (that's supposing their information gathering methods aren't already criminal). There may be an opportunity here to haul them (further) into the limelight before they do some serious damage.

"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes

A Shady Ring Of Companies (none / 0) (#69)
by greenrd on Sun Jan 27, 2002 at 12:37:03 PM EST

Much more information, including detailed removal instructions for VX2, at CEXX.

Many of the companies involved are linked either by being spun off by the same shady venture capital company or by actually sharing the same offices.

"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes

OMG, idiots beware... (none / 0) (#72)
by BadlandZ on Sat Feb 23, 2002 at 10:25:50 PM EST

Directly from their site:

<PRE> If VX2 RespondMiter is not present: 1. Close all internet explorer browsers. 2. Search your "C" drive for xv2.dll. 3. Delete vx2.dll. </PRE> Good luck finding vx2.dll when you search for xv2!!!

Advertising Spyware can now read your mail | 72 comments (72 topical, 0 editorial, 0 hidden)

All trademarks and copyrights on this page are owned by their respective companies. The Rest � 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.