Number 210 - November 2000
A SERIOUS New Spyware Threat
by Steve Gibson, http://grc.com
    NetZip's "Download Demon" was purchased by Real Networks and renamed "Real Download"--then Netscape/AOL licensed it from Real and called it "Netscape Smart Download."

    By watching the "packet traffic" flowing in and out of one of my machines while downloading a file through the Internet, I verified the rumors which you may have heard regarding these programs: All of these programs immediately tag your computer with a unique ID, after which EVERY SINGLE FILE you download from ANYWHERE on the Internet (even places that might not be anyone else's business) is immediately reported back to the program's source where it is logged and recorded along with your machine's unique ID. They also have the opportunity to capture and record your machine's unique Internet IP address.
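    The pattern described above (one host receiving the address of every file fetched from unrelated hosts, always with the same identifier) can be searched for in an outbound request log. The following is an added example, not code from this newsletter or from OptOut; the request format, host names and parameter names are constructed assumptions, since the newsletter does not describe the wire format.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample of outbound HTTP requests, in order (not captured traffic).
SAMPLE_REQUESTS = [
    "http://files.example.org/tools/editor.zip",
    "http://tracker.example.net/log?id=7F3A9C21"
    "&url=http%3A%2F%2Ffiles.example.org%2Ftools%2Feditor.zip",
    "http://mirror.example.com/docs/manual.pdf",
    "http://tracker.example.net/log?id=7F3A9C21"
    "&url=http%3A%2F%2Fmirror.example.com%2Fdocs%2Fmanual.pdf",
    "http://news.example.com/index.html?page=2",
]


def find_download_reporters(requests, min_reports=2):
    """Flag hosts that are sent the URLs of files fetched from other hosts.

    Returns {host: {"reported": [urls], "stable_ids": {param: value}}}, where
    stable_ids are parameters carrying one unchanging value in every report.
    """
    seen = set()  # full URLs of requests observed so far
    hosts = defaultdict(lambda: {"reported": [], "hits": 0,
                                 "params": defaultdict(list)})
    for req in requests:
        parts = urlsplit(req)
        pairs = parse_qsl(parts.query)  # also undoes percent-encoding
        # A parameter value equal to an earlier request to a different host
        # means this request is reporting that earlier download.
        leaked = [v for _, v in pairs
                  if v in seen and urlsplit(v).hostname != parts.hostname]
        if leaked:
            entry = hosts[parts.hostname]
            entry["reported"].extend(leaked)
            entry["hits"] += 1
            for name, value in pairs:
                if value not in leaked:
                    entry["params"][name].append(value)
        seen.add(req)

    findings = {}
    for host, entry in hosts.items():
        if len(entry["reported"]) < min_reports:
            continue
        # An ID candidate is present in every report with an identical value.
        ids = {name: vals[0] for name, vals in entry["params"].items()
               if len(vals) == entry["hits"] and len(set(vals)) == 1}
        findings[host] = {"reported": entry["reported"], "stable_ids": ids}
    return findings
```
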

    This information is then compiled and used to create a detailed "profile" about who you are based upon the web sites you visit and the files you have downloaded.

    Perhaps you don't mind being watched and tracked as you move around the Internet ...and then having every file you download logged and cataloged and used to assemble "your profile". But the idea of this seems extremely invasive to me, and unless you have carefully read the program's license you might not be aware that this is going on or that "you agreed to it" when you accepted the terms of the license!
    More than 14 million people are already using the original NetZip Download Demon. NetZip knows the exact number, since every copy of their program "phones home" to report on what their users are doing! And I'm sure people are downloading Real Networks' RealDownload and Netscape's SmartDownload like crazy.

    A Class Action lawsuit was recently filed against Netscape/AOL because of this privacy invasion, so perhaps the PC industry will begin to receive the message that this sort of secret spying and profiling is not okay with the rest of us, even if it is buried within a lengthy license agreement. You decide.

    And, of course, the next release of my own OptOut spyware detection and removal utility WILL consider these programs to be dangerous, and warn its users of their presence in their systems. But I wanted to be sure that you knew RIGHT AWAY what was going on, and that I had independently confirmed that this invasive file download tracking really was occurring.

    If you have questions or comments, please see:
    The Newsletter Forum at news://grc.com/newsletter, or
    Web Discussion at http://grc.com/newsletter.htm

    Thank you for your time. I hope this has been useful to you.