Feeds

McAfee SiteAdvisor sued over 'spyware' tag

If 7Search wins, you lose

  • alert
  • submit to reddit

Security for virtualized datacentres

In a case that could tie the hands of companies trying to protect their customers from internet threats, a website owner with past ties to a notorious piece of spyware has filed a lawsuit claiming it is being unfairly maligned by warnings from McAfee that the site poses a risk to its customers.

7Search.com filed the complaint in US District Court in Illinois. It seeks unspecified monetary damages and an injunction ordering McAfee's SiteAdvisor service to designate the site as safe. SiteAdvisor, which warns users when they are about to visit a site that may pose security threats, currently displays a warning that reads: "Feedback from credible users suggests that downloads on this site may contain what some people would consider adware, spyware, or other potentially unwanted programs."

7Search.com insists there are no software downloads available whatsoever on its site and argues the warning amounts to a willful attempt to injure a legitimate business.

"Customers of 7Search who have opened accounts with 7Search.com have later terminated that business relationship as a result of seeing McAfee's false, deceptive, confusing and/or misleading statements and representations about 7Search.com," the complaint contends.

7Search was the site that once upon a time offered the much reviled 7FaSST Search Toolbar, which according to analyses such as this was a purported browser accelerator program that in some cases used ActiveX to forcibly install itself on users' PCs. Once there, it logged detailed information about user's browsing habits.

In its complaint, 7Search says that "Since at least 2003 there have been no direct downloads available on the 7Search.com site."

What the complaint doesn't say is that people who own 7Search.com have ties to browseraccelerator.com, a site that pushes a browser toolbar that "helps users improve their online experience dramatically by displaying within a browser everything an informed consumer needs to know about the web site being visited."

Eric Howes, director of malware research at security provider Sunbelt Software, installed the software on a virtual machine and quickly noticed the software was offering search results that mixed sponsored links from unsponsored links.

"What they're trying to do is sneak adversing past the user without the user recognizing the search results ... are sponsored, paid-for results," he said. He also said the software by no means represented a high risk because it didn't appear to track individual users or forcibly install itself. Still, he said: "We would probably target it because of the overwhelming presence of advertising."

Indeed, two Sunbelt products, Viper and CounterSpy, block the installation of the program.

7Search.com's owner also appears to have ties to validatedsearch.com, a site that competes with McAfee's SiteAdvisor by providing third-party certification to end users that a given website is trustworthy. The administrative contact for both sites, as well as browseraccelerator.com is listed as one Patrick Devereaux in Chicago, according to Whois search results.

The viability of lawsuits that take action against anti-malware providers for their warnings has been questioned by some legal experts. They say a provision in the Communications Decency Act (CDA) expressly protects providers of "interactive computer services" who provide services that filter pornography or other potentially unwanted content.

"An anti-spyware vendor saying, 'Don't go here, but go here instead' is exactly the kind of filtering decision that the statute was designed to protect," said Eric Goldman, a professor of law at Santa Clara University.

Indeed, a federal judge recently invoked the CDA in blocking a similar suit crudware maker Zango filed against anti-virus provider Kaspersky. The decision is now on appeal.

Additionally, Goldman says free speech guarantees likely protect vendors as well.

We sure hope so. The lawsuits' outcome will have a profound impact on the protections anti-malware providers are permitted to offer at a time when threats on the internet are skyrocketing. If they win, we all lose. ®

Update

A McAfee spokesman just issued the following company statement: "SiteAdvisor rates Web sites to make the Web safer to surf. Our methodologies provide for a repeatable and objective reasoning based on facts and the threat landscape. At times people disagree with our ratings. Those Web site owners are encouraged to work with us on such matters."

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.