Feeds

FTC spanks Sony BMG, porn operator

Spyware and x-rated spam

Combat fraud and increase customer satisfaction

It's been a good day for the Federal Trade Commission, which has spanked Sony BMG for its surreptitious installation of nasty-ware and an adult Web site that - gasp - was responsible for the sending of x-rated spam.

Sony BMG agreed to pay up to $150 for each computer damaged in its secret scheme to load spyware-laced DRM software on its customers' machines. Not only did the software (a) load with no warning (b) report users' listening habits to a Sony BMG-controlled server, (c) prevent copying that may be protected under the fair use doctrine and (d) open a gaping hole that could have allowed online criminals to completely own the machine, but Sony also (e) rained down salt in customers' wounds by suggesting their complaints over the practice were trivial.

The settlement could represent a bitter dose for Sony if enough infected users - estimated by one researcher to range from 100,000 to 1m - claim their stake. The record label has already settled state claims in California and Texas, which call for Sony to pay up to $175 to CD buyers who were stung.

Sony's remorse is a far cry from defenses erected in late 2005 when one exec famously remarked: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"

Also crying uncle was TJ Web Productions, which agreed to pay $465,000 to settle charges that the spam campaign it initiated failed to comply with an FTC rule requiring sexually explicit spam to be marked as such and the CAN-Spam act, which dictates spam must display a physical address. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.