Here's some news guaranteed to brighten your day from Jeremy Reimer at Ars Technica:
In the seemingly never-ending war against spyware and other intrusive and harmful software, the Federal Trade Commission has struck a blow against Sanford Wallace, known as the “Spam King,” for his habit of sending mass e-mails. A judge in the District Court of New Hampshire has ruled in favor of the FTC, forcing Wallace and his company, Smartbot.net, to give up over US$4 million.
The company was charged with deceptively installing spyware without users’ consent, changing their browser settings, and barraging them with pop-up ads. The spyware also caused users’ computers to slow down and in some cases even destroyed user data. Some web sites featuring the software were incredibly deceptive, using a simple system call to open the CD drive and then displaying a message saying “If your CD-ROM drive is open…You desperately need to rid your system of spyware pop-ups immediately.” Ironically, clicking on the link to “rid your system of spyware popups” installed the harmful software.
“We got what we believe is a judgment for the full amount of disgorgementâ€”the amount of money we believe he took in through the unfair distribution of spyware,” Rick Quarefima, the assistant director in the FTC's division of advertising practices, said in an interview.”
The FTC also won a smaller judgement of US$277,000 against Optintrade, a company headed by Jared Lansky that placed advertisements for the Smartbot.net software.
Wallace had initially put up his own defense in this case, arguing that “there is nothing we're involved with that cannot be avoided by a consumer choosing to turn off downloads on their computers or by blocking pop-ups” but ultimately abandoned this argument in the face of withering criticism. The final judgement was passed in his absence, although the FTC believes they will be able to track him down and retrieve the money, which will go to the US Treasury.
Hopefully this judgement will help curb the nefarious activities of companies like Smartbot.net. However, lawsuits against spyware companies are just one prong of the attack against malicious software. The problem can also be attacked with software, such as Microsoft's free Windows AntiSpyware program and anti-phishing technology integrated into most new web browsers, and by user education, which teaches people how to practice skeptical computing.
I brought you the arstechnica logo because my right-brain really liked the connection between their tagline and what they do.
The bit about reaching into your house and opening your CD drive is particularly creepy. But it's also a signpost with respect to what is to come.
As our environment becomes intelligent and wired, the connection between physical and digital intrusion will become increasingly closer. Today Wallace takes over our CD drives; his progeny will go for our windows and doors. All, to me, more proof that a strong identity metasystem is not just a nice-to-have, but an inevitability. Through its ubiquity and commoditization it can bring secure wireless devices to the price-point where intelligent enviroments can become reality.