Tag Archives: web interface

Can We Trust Anti-Spy Software?

Who watches over the watchers? In software, it seems, it’s often the same folk.
Reading a press release for X-Cleaner, “a privacy tool suite that detects and removes installed spyware and adware components”, it sounded interesting enough for a mention. After all, it “includes tools to securely delete files, edit the registry, disable startup programs”, as well as “IE home page protection, cookie, cache and history cleaning, built-in password generator and more”. What’s more, there’s a free version with some features disabled. Not a bad tool for those folk worried about keylogging phisher trojans and whatnot.
But when I tried to find out who the company is behind it — never easy with companies working outside the U.S., I find — I saw some of the other software sold by the same company. The company is called XKee, it does not reveal where it’s based (and the WHOIS registrant information for the website contains a UK-based email address and a half-complete New York mailing address). XKee says (and I reproduce the original formatting here) “WE DO NOT MAKE ANY OF THE SOFTWARE! EACH PRODUCT IS SUBMITTED BY A SOFTWARE COMPANY OR DEVELOPER, OR IS PICKED FROM THE INTERNET BY OUR EDITORS. WHAT WE DO IS REVIEW AND RATE THE SOFTWARE, CATEGORIZE IT AND MAKE IT AVAILABLE TO YOU.”
Among those products are:
  •  iSpyNOW, “the critically acclaimed, award winning remotely deployable computer monitoring application. iSpyNOW is first of its kind – offering users the ability to remotely monitor a machine via a web interface without ever having physical access to that PC. iSpyNOW 3.0 now sets a standard in the remote monitoring and surveillance market. Read below to see why iSpyNOW 3.0 is the most powerful remote surveillance software offered anywhere!”
  • SpyBuddy,  ”the award-winning, powerful spy software and computer monitoring product for monitoring spouses, children, co-workers, or just about anyone else! SpyBuddy allows you to monitor all areas of your PC, tracking every action down the last keystroke pressed or the last file deleted! SpyBuddy comes equipped with the functionality to record all AOL/ICQ/MSN/AIM/Yahoo chat conversations, all websites visited, all windows opened and interacted with, every application executed, every document printed, every file or folder renamed and/or modified, all text and images sent to the clipboard, every keystroke pressed, every password typed, and more!”

Now, I know that software sites such as this are not unusual, and it’s also not unusual that they’re going to sell software that plays both sides of the fence — snooping, and anti-snooping — but it made me wonder: In these days of sophisticated fakery, how do we know the anti-snooping software does what it says it does? How do we know the software is not doing its own kind of snooping, like the other products on sale? If a company is happily selling snooping software, how far can we trust them to sell us something that does what it says it does?

The answer in the case of X-Cleaner is this: Despite the similar sounding names, it does not appear that X-Cleaner is related to XKee. X-Cleaner, from what I can see, is a bona fide anti-spyware program produced in Belgium by a company called Xblock. It has been reviewed in PCWorld and elsewhere, so is probably kosher. But there’s no easy way of telling any of this by visiting the websites of XKee, X-Cleaner or Xblock. I could find no useful company page, nothing to identify the folk behind it and an address or something to grab a hold of.

My feeling is this: I’m sure XKee and companies are not into anything sleazy, but nowadays I think they have got be much more upfront about who they are if they want to be credible: Especially if they’re selling potentially law-breaking software like spyware and mass-mailers. We need a physical address, some names, a corporate identity that stands up to scrutiny and customer queries. For the user, I’d say this: Be wary of any software that promises to keep your privacy unless you’ve read a review by someone you respect, and you have a pretty good idea of who’s behind it. For columnists like me, I’m going to be more careful about what software I recommend in future. End of sermon.

News: Browsers Hit A Legal Minefield

 From the This Could Change Everything Or Mean Nothing Dept come reports that Microsoft (and presumably others) may have to redesign their web browsers after a US court found that Internet Explorer infringes another company’s software patent. The BBC reports that the World Wide Web Consortium, the body responsible for web standards, also released a statement saying that Microsoft “will very soon be making changes to its Internet Explorer browser software in response to this ruling.” The patent concerned describes a way of “automatically invoking [an] external application” and “providing interaction and display of embedded objects” inside a “hypermedia document”.
It’s not easy to figure out what happens next. Like all software patents, the BBC says, it is written in a complex legalistic style which makes it hard to determine just what it covers. However there is a general consensus within the web community that it would include clicking on a link to load a Flash movie or a video player, controlling an external application through a web interface and downloading and running programs inside a web page.
This means that core web technologies, including plugins for multimedia websites, Java applets, and even Microsoft’s own ActiveX controls, will be affected. Ouch.