- This topic is empty.
-
Posts
-
From my mailbox:
Greetings, and thanks for asking for updates on my research.
I have just released a new article at the intersection of spyware, search engines, whois, and copyright. The details —
Many of you already know about WhenU, a company that makes software that monitors’ users web browsing and that shows targeted pop-up ads. But you probably didn’t know that for at least six months, and perhaps considerably longer, WhenU has been running a network of bogus “cloaking” web sites that
alter search engine rankings and promote news clips favorable to WhenU.Some of these cloaking sites do offer information about WhenU, but their genuine information is interspersed with a mix of gibberish as well as with articles copied, without attribution of any kind, from the New York Times, c|net, and others. Meanwhile, most or all of the sites were registered with invalid whois data — most registered on the same day through the same
registrar, but to five different names with five different gibberish email addresses in four states.Sound too weird to be true? It turns out these behaviors are part of a practice called “search engine cloaking” — designed to make search engines think a site is about one subject, when in fact the site redirects most visitors to totally different content.
The situation is complicated, and the easiest way to understand it is to read my article, complete with HTTP transmission logs and annotated HTML code. I’ve done what I can to make this clear, but as always I look forward to your feedback and questions. Email preferred.
Meanwhile, Google’s response was swift: I notified Google of the cloaking infractions on Sunday, and WhenU’s sites were removed from Google by Wednesday. Try a Google search for “whenu” and see for yourself: You get critics’ sites and news coverage, but not http://www.whenu.com.
My article is now available:
“WhenU Spams Google, Breaks Google ‘No Cloaking’ Rules”
<http://www.benedelman.org/spyware/whenu-spam>WhenU’s software is often called “spyware,” and for good reason: As my March comments to the FTC revealed, WhenU consistently violates its own privacy policy by sending its servers information about the web sites users visit, even though WhenU’s privacy policy exactly promises not to do this (“URLs
visited … are not transmitted to whenu.com or any third party server”).For details, see:
“Methods and Effects of Spyware”
<http://www.benedelman.org/spyware/ftc-031904.pdf#whenu-privacy>.I’ll be releasing more articles in this series in the coming months, because I have lots more spyware research in the pipeline. Two items high on my agenda: 1) Videos showing major spyware programs getting installed on users’ PCs without users even having an opportunity to see the programs’ license agreements. 2) Serious security vulnerabilities in at least one major spyware program currently installed on, literally, tens of millions of computers.
Meanwhile, I’ll also keep my web site updated as to WhenU v. Utah, WhenU’s challenge to Utah’s Spyware Control Act that would prohibit at least some of WhenU’s current business practices. The hearing on WhenU’s motion for preliminary injunction is now scheduled for early June.
WhenU v. The State of Utah
<http://www.benedelman.org/spyware/whenu-utah>Benjamin Edelman
<http://www.benedelman.org>
