Cookies Are Only The Beginning

We've become acclimatized to the idea of cookies as privacy invasion. We, as a group, have come to understand that each time a website tags us with one of these persistent suckers, we may be allowing them to form an idea of our spending and viewing habits.

Some people, like myself, have taken the step of installing programs like IDcide, which prevent the kinds of cookies most often used by tracking networks like DoubleClick. I kicked back, secure in the knowledge that if I cruise around looking at "www.dccomics.com" I wasn't going to see Batman ads on every webpage and in my mailbox.

Unfortunately, it's not simply a matter of one form of privacy loss any more. A company that is now known as Radiate has taken away yet more of our rapidly receding privacy. They are the creators of an ad system that opens a hidden browser window and, without your knowledge or consent, steadily downloads a stream of ads that it stores for the 'adware' products it supports. This hidden window 'piggybacks' on your connection, which allows it to bypass your firewalls as you enter your password. There are over 400 adware programs that use Radiate (formerly Aureate). They have been blamed with everything from hacking your registry to find your real name to sending the company a list of all programs installed on your computer.

While both of those are not true, this is: When these adware applications are removed, the Radiate components continue on, hidden, stealing your bandwidth. If this was not bad enough, the ad software was created to allow them to update itself at any time. Without your knowledge, they can upload and run any executable. Even worse, with the proper spoofing mechanisms, anyone can do this as long as you have their program installed, and at least 22 million of their packages already have. In the midst of all this, they have the capability to collect very specific information about you. They deny using your IP address or any further information to target you currently, but their Privacy Statement makes no mention of what they may do in the future.

Radiate denies anything beyond basic voluntary information is being served to them.

"We do NOT alter the users' web browser. A component of our ad system is

activated when the anonymous user opens their browser. This component is

activated to deliver advertisements to a cache on the users' computer. The

software applications in our network will pull ads from this cache when they

are running. The use of this cache allows us to deliver ads to applications

which may not be run while the user is online (such as a game that is played

offline), but which the user can still receive for free or at a discounted

rate because of the advertising support. Our license agreement specifies

this and informs the user that our technology will connect to the Internet

ubiquitously in order to transfer advertising information and software

updates."

The key to this statement is the word ubiquitously. Meaning that they

will connect to their own servers from your computer on a steady, constant

basis.They do, however, admit to one charge :

"Advert.dll creates a process anytime your browser is open.

This is true. This process delivers advertisements to a cache on the users

PC which are displayed while the software is being run. This works in a

similar way to how the browser works, with content and images (including

ads) being delivered to a cache on the users PC and then are displayed in

the browser window."

This meaning that at all times your bandwidth may be reduced and, if claims

of crashing are true, your system may be less stable because of their

system, by their own admission.

Interestingly enough, there is the goofy "show me the money" statement lodged in the offending code. Radiate somehow thinks the've dodged this obvious flaw with a statement of how text strings work in a dll:

"Advert.dll contains the string "Show me the money! I want to be Mike!"

This is true. It's a text string used by the DLL. DLLs contain

many text strings which are used by the DLL itself. For example, if

a particular program displayed a window which contained the text "Hello

World", then the "Hello World" text string would be present inside that DLL."

Network Assoc. - Mcafee denies, specifically, that it is a trojan horse:

"There is no basis to substantiate the claim or accusation and is therefore

false."

Few articles mention that just because the most frightening details are false

does not mean that aureate isn't being unethical in their backchannel work. The Opt-out website, run by Steve Gibson, does

an admirably detailed job of explaining exactly why Aureate/Radiate is still a

problem.

"Aureate deserved - and continues to deserve today - the "Spyware" moniker

not (apparently) because it is sending sensitive personal data out of the

user's computer, but because it deliberately slips into the user's system

secretly, uses the user's Internet backchannel without the user's knowledge

or permission, takes pains to remain secretly installed (instructing its

hosting software to leave it installed upon the host's removal), masks its

presence by deliberately suspending its use of the backchannel in the

absence of keyboard or mouse activity and fails to disclose any of this to

the typical user who is never fully informed about what's going on.

When you add to this the fact that the Aureate software has been

conclusively found to be directly responsible for significant Windows system

and Internet browser crashes, and that it is able to secretly download and

cause Windows to execute any arbitrary program into the unsuspecting user's

computer, it is indeed difficult to cut these people much slack."

Check out, specifically, the "Code of Backchannel Compliance" chart they've

shown.

"As if that weren't sufficient cause for alarm, this Trojan Horse spyware -

for that's what it surely must be called - is trivial to "redirect" so that

instead of phoning home to one of Aureate's servers, it connects to any

other arbitrary server on the Internet. It establishes a connection between

that unknown server and your computer, sliding right through whatever

corporate or personal firewalls you or your employer may have erected

(because it functions as a browser parasite which hijacks your browser's

Internet usage permissions). Then it awaits further instructions . . . which

we now know at least include "here's an executable file, download and run it

please.""

"...any malicious hacker who wishes can trivially duplicate the work I did. And, once done, they don't even need to scan the Internet looking for Aureate Trojans . . . since any redirected Aureate Trojans WILL CALL THEM! and await instructions the next time the

unsuspecting user browses the Internet!"

Cheer up! Check out Simtel's policy, as listed on grc.com:

"Effective immediately Simtel Management Policy is that any Adware program

that continues to run when applications that use it are not running will be

banned from the collections. Authors who submit Adware must state that this

will not occur.

The Adware servers have no right to use the user's bandwidth to download ads

while they are running programs that do not use the ads. In my opinion they

are stealing the user's bandwidth when this occurs."

With the news from privacy advocate channels that RealNetworks' subsidiary Netzip has created an aptly named program called Download Demon that sends the name and location of each file you download back to the company, it is obvious that we have allowed inspiration to strike those who wish to profit on our private thoughts. Who knows how many software packages are being used this very moment that intentionally hide some kind of snooping capability? When you find a roach on your floor, you can guarantee a dozen more behind the wall.

Companies like these are making their fortune creating what is essentially malicious code. It's obvious at this point that cookies are merely the naive precursor to a much more invasive version of data mining.

Visit Opt-Out to download the Aureate/Radiate Spykiller.

Visit IDcide to download the Doublclick Network cookie blocker.
Take an active role in the preservation of your own privacy.

Be Ever Vigilant.