Featured Research

180solutions & Affiliate Commissions (NEW)

Advertisers Using WhenU (NEW)

WhenU Violates Own Privacy Policy (NEW)

WhenU Spams Google, Breaks "No Cloaking" Rules

Documentation of Gator Advertisements and Targeting

"Spyware": Research, Testing, Legislation, and Suits

The News, at My Site and Elsewhere

February 9, 2005


I've recently written about increasingly controversial online schemes -- from installations through security holes, to spyware companies deleting each other, to programs that set affiliate cookies to claim commissions they haven't fairly earned.

These aren't nice practices, so I suppose it comes as no surprise that someone -- perhaps some group or company that doesn't like what I'm writing -- has sought to knock my site offline. For much of Monday and Tuesday, as well as several hours last week, all of benedelman.org was unreachable. My prior web host, Globat, tells me I was the target of the biggest DDoS attack they've ever suffered -- some 600MB+/second.

The Operations, Analysis, and Research Center at the Internet Systems ConsortiumDDoS attacks continue, but I'm fortunate to be back online -- entirely thanks to incredible assistance from Paul Vixie of the Internet Systems Consortium. You may know Paul as the author of Bind or as co-founded of MAPS. (Or just see his Wikipedia entry.) But he's also just an all-around nice guy and, apparently, a glutton for punishment. Huge DDoS attack? Paul is an expert at tracking online attackers, and he's not scared. A special thanks to his Operations, Analysis, and Research Center (OARC) for hosting me. In any case, I apologize for my site's inaccessibility yesterday. I think and hope I've now taken steps sufficient to keep the site operational.

Meanwhile, there's lots of spyware news to share. I now know of fourteen different states contemplating anti-spyware legislation -- a near-overwhelming list that is partiucularly worrisome since so many bills are silent on the bad practices used by the companies harming the most computer users. (Indeed, seven of the bills are near-perfect copies of the California bill I and others have criticized as exceptionally ineffective.) At the same time, federal anti-spyware legislation continues moving forward -- but in a weak form that I fear does more harm than good.

Then there's COAST's dissolution -- to my eye, the predictable result of attempting to certify providers of unwanted software when their practices remain deceptive. It's reassuring to see Webroot standing up for consumers' control of their PCs, though surprising to see Computer Associates defend COAST's certification procedure as "valuable." Now that Webroot and CA have withdrawn from COAST, COAST seems bound to disappear -- probably better for users than a COAST that continues certifying programs that sneak onto users' PCs.

The final surprise of last week's news: Technology Crossover Ventures joined in a $108 million round of VC funding for Webroot. Wanting to own a piece of Webroot is perfectly understandable. But TCV is also an investor in Claria, a provider of advertising software that Webroot removes. (See also other investors supporting spyware.) How can TCV fund both Claria (making unwanted software) and Webroot (helping users remove such software)? TCV seems aware of the issue: They've recently removed Claria from their Companies page. But other sources -- Yahoo! Finance, Private Equity Week, Archive.org, and even the Google cache -- all confirm that the investment occurred.