Another company is caught spying on your PC. RealNetworks installs a
"Download Demon" on your PC when you download their free players. It
records every download you make from the Internet and reports it back to
RealNetwork for marketing purposes.
Why do companies think they have the right to do this? I am seeing more and
more of this!
-- Harvey Newstrom <http://HarveyNewstrom.com> IBM Certified Senior Security Consultant, Legal Hacker, Engineer, Research Scientist, Author.> ----- Original Message ----- > From: "PRIVACY Forum" <privacy@vortex.com> > To: <PRIVACY-Forum-List@vortex.com> > Sent: Thursday, May 18, 2000 9:33 PM > Subject: PRIVACY Forum Digest V09 #15 > > > > PRIVACY Forum Digest Thursday, 18 May 2000 Volume 09 : Issue 15 > > > > (http://www.vortex.com/privacy/priv.09.15) > > > > Moderated by Lauren Weinstein (lauren@vortex.com) > > Vortex Technology, Woodland Hills, CA, U.S.A. > > http://www.vortex.com > > > > ===== PRIVACY FORUM ===== > > > > ------------------------------------------------------------------- > > The PRIVACY Forum is supported in part by > > the ACM (Association for Computing Machinery) > > Committee on Computers and Public Policy, > > Cable & Wireless USA, Cisco Systems, Inc., > > and Telos Systems. > > - - - > > These organizations do not operate or control the > > PRIVACY Forum in any manner, and their support does not > > imply agreement on their part with nor responsibility > > for any materials posted on or related to the PRIVACY Forum. > > ------------------------------------------------------------------- > > > > > > CONTENTS > > RealNetworks Returns: The "Spy" in "Download Demon" > > (Lauren Weinstein; PRIVACY Forum Moderator) > > > > > > *** Please include a RELEVANT "Subject:" line on all submissions! *** > > *** Submissions without them may be ignored! *** > > > > -------------------------------------------------------------------------- > --- > > The Internet PRIVACY Forum is a moderated digest for the discussion and > > analysis of issues relating to the general topic of privacy (both personal > > and collective) in the "information age" of the 1990's and beyond. The > > moderator will choose submissions for inclusion based on their relevance > and > > content. Submissions will not be routinely acknowledged. > > > > All submissions should be addressed to "privacy@vortex.com" and must have > > RELEVANT "Subject:" lines; submissions without appropriate and relevant > > "Subject:" lines may be ignored. Excessive "signatures" on submissions > are > > subject to editing. Subscriptions are via an automatic list server > system; > > for subscription information, please send a message consisting of the word > > "help" (quotes not included) in the BODY of a message to: > > "privacy-request@vortex.com". Mailing list problems should be reported to > > "list-maint@vortex.com". > > > > All messages included in this digest represent the views of their > > individual authors and all messages submitted must be appropriate to be > > distributable without limitations. > > > > The PRIVACY Forum archive, including all issues of the digest and all > > related materials, is available via anonymous FTP from site > "ftp.vortex.com", > > in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and > > enter your e-mail address as the password. The typical "README" and > "INDEX" > > files are available to guide you through the files available for FTP > > access. PRIVACY Forum materials may also be obtained automatically via > > e-mail through the list server system. Please follow the instructions > above > > for getting the list server "help" information, which includes details > > regarding the "index" and "get" list server commands, which are used to > access > > the PRIVACY Forum archive. > > > > All PRIVACY Forum materials are available through the Internet Gopher > system > > via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum > > materials is also available through the Internet World Wide Web (WWW) via > > the Vortex Technology WWW server at the URL: "http://www.vortex.com"; > > full keyword searching of all PRIVACY Forum files is available via > > WWW access. > > -------------------------------------------------------------------------- > --- > > > > VOLUME 09, ISSUE 15 > > > > Quote for the day: > > > > "All gamblers die broke." > > > > -- Bim (Leo Gorcey) > > "Angels with Dirty Faces" (First National; 1938) > > > > ---------------------------------------------------------------------- > > > > Date: Thu, 18 May 2000 12:20 PDT > > From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) > > Subject: RealNetworks Returns: The "Spy" in "Download Demon" > > > > Greetings. You'd think they'd have learned by now. After their public > > relations snafus with the Globally Unique Identifier in their RealPlayer > > product, and concerns over information being transmitted to Real by their > > RealJukebox package, one would have hoped that they'd figured out how > folks > > feel about their activities being monitored, even when the monitoring is > > theoretically anonymous. After all, RealNetworks, Inc. > > (http://www.real.com) takes pains to mention that they're a member of the > > Online Privacy Alliance, whose stated aim is to "... create an environment > > of trust and foster the protection of individuals' privacy online." > > > > But it's hard not to mutter some choice expletives under your breath upon > > learning the details of RealNetwork's latest heavily-promoted goodie from > > their Netzip, Inc. (http://www.netzip.com) subsidiary--the "Download > Demon" > > package. Actually, Real should win the "honesty in product naming" award > for > > this one--"demon" seems to be a particularly apt description. > > > > You may already have stumbled across this little surprise on your system. > > I found it apparently bundled in with other downloads I had made from > > RealNetworks. The Download Demon attempts to automate various file > > downloading functions, to permit downloads to be interrupted and later > > resumed, plus other related functionality. It attracted my attention > since > > it had silently linked itself into my Web browsers to take over all > > downloading operations--*without* my having taken any specific actions to > > install or enable it--and my system was hanging in the course of various > > downloads! I removed it with some difficulty. Only later did I discover > > the much less obvious "feature" of the Download Demon--for all files you > > download, from *any* sites, the Demon sends details (e.g. file names and > > URLs) to RealNetworks/Netzip! Surprise! > > > > I'll give them some credit--at least this is all spelled out in their > > privacy policy (http://www.netzip.com/about/privacy.html). Of course, > this > > assumes that you thought to even bother reading a privacy policy for a > > "simple" downloading package, or had the time to plow through the entire > > lengthy document (which of course is subject to change at any time). > > A handy attorney to help you analyze the policy might also be useful. > > > > Real makes the usual "you can trust us" sorts of boilerplate statements. > > They say that they don't store your Internet IP addresses in tandem with > the > > data that they record about what you download. They claim that it's all > > "anonymous" and that they don't link in personally identifiable > > information. The stated purpose for the flow of information about your > > detailed downloading activities is to target the ads in the "free" version > > of the Download Demon software, and for (here it comes) "aggregate, > > anonymous statistical analysis" purposes. There is no suggestion that > this > > data flow ceases if a user upgrades the product by paying for registration > > (to turn off the ads). > > > > This whole area of commercial monitoring of Internet user activity in > various > > ways, both in "free" and non-free software, is a gigantic growth industry, > > largely fueled by the absence of even basic legislation to provide > consumers > > with specific rights in this regard. Such software packages may entangle > > themselves into users' systems in manners that are difficult to notice, > > understand, control, or remove. The ongoing controversy over the > technology > > used by Radiate, Inc.--formerly Aureate Media (http://www.radiate.com) to > > track various aspects of users' behavior in many popular "freeware" > software > > packages is a case in point. > > > > The "trust us, it's anonymous, you have nothing to be concerned about" > > philosophy expounded in so many complex commercial privacy policies might > > satisfy Alfred E. Neuman ("What, me worry?") of "Mad Magazine" fame, but > > seems increasingly inadequate for the rest of us. > > > > As far as the "Download Demon" is concerned, if you feel that it's > > RealNetwork's business to know the details of your file downloads from > > whatever sites you visit, by all means continue to use it. If not, you > may > > want to consider trying to remove it (in the MS Windows case, via the > Windows > > Add/Remove Programs controls), and take care that it isn't automatically > > installed again in the course of some other software installations. You > > might also wish to consider dropping a note to privacy@netzip.com letting > > them know how you feel about these issues, pro or con. > > > > To many firms, the Web has become the vehicle for all manner of invasive > > systems and policies which few of us would tolerate in the routine, > > "non-computer" aspects of our lives. It's up to you to decide whether or > > not you wish to passively play along with the salacious circus of > > software spies. > > > > --Lauren-- > > Lauren Weinstein > > lauren@pfir.org or lauren@vortex.com > > Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org > > Moderator, PRIVACY Forum - http://www.vortex.com > > Member, ACM Committee on Computers and Public Policy > > > > ------------------------------ > > > > End of PRIVACY Forum Digest 09.15 > > ************************ > > >
This archive was generated by hypermail 2b29 : Thu Jul 27 2000 - 14:11:56 MDT