So Long Sobig

I checked my email this morning and not a single Sobig-infected message came through.

Not one.

Just as quickly as it started, it’s over. Very odd. The only thing that makes sense is that there was only one computer infected with Sobig that had my email address on it, and when that user finally patched their computer, it stopped sending to me.

FUD Alert

There’s this site called Technofile written by some guy named Al Fasoldt that has this article that I thought was pretty FUDish. I found it because my wife sent me a link to online news source that had picked up this article. It’s about alleged spyware Hotbar, and after reviewing the article, I’ve pretty much come to the conclusion that this Al Fasoldt doesn’t know what he’s talking about.

Hotbar is apparently similar to the Google Toolbar (which I use at work, and it’s great): a browser plugin that offers information on related sites to ones you are browsing, and additionally allows you to install skins that replace the flat gray on the Internet Explorer toolbar with overlaid graphic images. Okay, no big gotchas here so far.

But to quote the article:

But it’s actually monitoring the surfing habits of all users and reporting this information back to a central site so it can be marketed to anyone who wants to buy it.

Hmmm. Sounds like any other website to me. Then the article mentions a problem with slower browsing and crashing Windows, and that there are problems with popup blockers—Hotbar still lets some popups through, apparently. Interesting, but still doesn’t really raise any red flags.

Then the article begins spouting off about some “startling admissions” about what Hotbar does, admitted by Hotbar (gasp!) on their own website.

This is funny: it’s a direct quote from the article again, itself quoting the Hotbar site:

Here are excerpts from the Hotbar site:

“For every Web page you view . . . the Hotbar software transmits and stores the following information from your computer to Hotbar: Your IP Address, which may include a domain name; the full URL of the Web page you are visiting; general information about your browser; general information about your computer’s operating system; your Hotbar cookie number . . . and the date and time the above information is logged.”

Excuse me? This is exactly what every webserver on the internet does! There’s no conspiracy here, no unethical behavior on the part of Hotbar from this excerpt, this is how the web works.

At this point I pretty much decided this Fasoldt guy has no business writing about technology. All I can see he’s doing is spreading FUD without any real knowledge of how things operate.

(Out of curiosity, I checked out Hotbar’s privacy policy. It’s pretty standard, and it’s pretty clear that any additional information they collect about you (aside from standard web log data) is something you would know about, since you have to provide it yourself in the registration forms. I know a thing or two about this type of browser application, too, and I’m pretty sure it’s not spyware any more than the Google Toolbar is.)

Hey Al—you better watch out! I’m collecting your IP address, the pages and files requested, the browser you’re running, and where you came from too! And I track the dates and times! I even track what you search for when you use the search box feature on my site!!

And oh man, you better avoid any search engine sites, like Google, because not only can they track all those things, they can also track every search term you’ve ever tried, and if they wanted to, they could track what sites you visited from the results list they gave you!!