home sidereal designs
  


"The Desktop Global Marketer" (tm)



   A free on-line newsletter of Sidereal Designs, Inc.,

   for Internet Entrepreneurs, and those who are

   considering becoming one.

_____________________________________________________



                 September 2001



In this issue: "We are seeing the first instances 

of viruses being used for commercial gain. If you are 

the owner of a web site, what is being done is stealing 

business from you."



_____________________________________________________



   "The Desktop Global Marketer" is free, and may be 

   re-published freely with permission. We encourage 

   you to give it to your friends.



   For subscription (or un-subscription) details,

   and other information, please see the end of the 

   newsletter.



   For any other purpose, please write to:

   	jamie(at)siderealdesigns.com

   Or visit us at:

   	http://siderealdesigns.com

_____________________________________________________



I wish I had a nicer topic this month, but you need to know

about this.



Until now, viruses have been used principally to annoy or wreak

havoc in order to give their perpetrators a perverse

thrill. Now we are seeing the first instances of viruses being

used for commercial gain. If you are the owner of a web site,

what is being done is stealing business from you.



In particular, if you have paid in money, or in sweat, tears,

and blood to have links to your site out where people can find

them, the benefit of your links is being stolen from you.



Technically what is being used is a "trojan horse." That is,

an unwanted program that sneaks into a computer, piggy-backing

on some desired program that is deliberately downloaded. The

trojan horse is then free to run in the computer.



What is new is a type of trojan horse that is commercially

sponsored and deliberately added to popular programs for

a fee paid to the distributor of the program.



The initial examples of these programs, which have been dubbed

"Scumware" for obvious reasons, will alter the web browser on

an infected computer. Afterwards, whenever a page with certain

selected words in the links is viewed, the links will be

modified to send anyone clicking on them to the web site that

sponsored the virus instead of the intended web site.



There are variations which make links out of targeted words in

the text of a page (an obvious appropriation of a feature which 

Microsoft was intending to add to its new software until 

industry outcry forced them to back off.) There are also some 

versions that will track your browsing history and report it 

back to the sponsors of the trojan horse - presumably so you 

can be better targeted by spammers.



What can you do? First you need to make sure your own machine

is not infected. Beyond that, if you are the owner of a web

site you need to protect your own site to the extent that is

possible. There is one technique that can be implemented on

your site which exploits a bug in current scumware to protect

the site. Unfortunately, I don't expect it to be effective for

very long as the perpetrators improve their methods.



Fortunately there are some talented people working on the

problem and better solutions may be found.



The other thing you can do is to join the effort to stop the

practice at its source. Both the people who pay to have your

links modified to point to their own, and the providers whom

they pay to add the trojan horse to their programs are more or

less publicly identifiable. They can stay in business because

there is yet no law against this practice.  Write your

legislators.



Those of you who are list-owners need to be particularly alert

for complaints from subscribers that links to or on your site

are taking them to unintended places.



Many of the companies buying scumware links thought they were

buying legitimate referrals and have backed off when they

discovered the real source of their traffic. Others are not so

honest, and of course those launching the trojans know what

they're doing.  Join in boycotting participants and letting

them know it.



Information can be found at http://www.scumware.com 



(This site has a slightly hysterical tone, but the information

is useful. It also provides a way of checking IE browsers to

see if your own computer is infected.)



According to that site, the most egregious offenders on the

net are the providers of KaZaa Media Desktop, a free

replacement for Napster which has been downloaded by over 7

million users from one site alone.



Another, which they highlight as one of the worst

perpetrators in the "Et tu Brutus?" category is Commission

Junction, which many web site owners have used in the past.



It was a company established to serve the needs of affiliate

program operators in order to recruit new affiliate sign-ups

and was based on Commission Junction's reputation that would

insure that everyone involved would get paid and receive

value. They have fallen on hard times in the dot-com wipeout

and allegedly resorted to selling scumware-generated traffic

to their affiliate members.



To be honest, I dislike the thought of legal regulation of the

web. The legislators typically understand nothing of it; they

are likely to break things. More practically, the perpetrators

would only have to move offshore. Still, some laws would put a

crimp in their operations.



The best remedy is public awareness and recognition of the

problem and treating the perpetrators the way you would anyone

else offering you stolen goods.



I think we cannot rely on the interests of commercial web site

owners to generate a huge outpouring of public indignation,

but this technique is also capable of, and will be used for,

more nefarious purposes such as putting links to adult sites

into seemingly innocuous links that may appear in children's

browsers. The public at large will respond to this type of

abuse.



I promise I'll look for a more cheerful subject next issue!



Best,



Ernie



_____________________________________________________



To subscribe, send email to: 

	newsletter-request(at)siderealdesigns.com

and include the word   subscribe   as the only item in

the body of the letter.



To unsubscribe, send email to: 

	newsletter-request(at)siderealdesigns.com

and include the word   unsubscribe   as the only item in

the body of the letter.



If you have problems with either of these, write directly

to jamie(at)siderealdesigns.com for prompt attention from

a human.



If you would like to re-publish any of our newsletters,

at no cost, please contact jamie(at)siderealdesigns.com.



"Sidereal" is pronounced sy-DEER-ee-all, and means "of

or pertaining to the stars, the heavens, etc."



_______________________________________________________________________

Sidereal Designs, Inc.               "Putting your business on the web"

http://siderealdesigns.com    301-916-5702   info(at)siderealdesigns.com



Copyright © 1997-2002 by logo Sidereal Designs, Inc. All rights reserved.