Who's Watching Me

Discussion in 'privacy technology' started by luv2bsecure, Feb 9, 2002.

Thread Status:
Not open for further replies.
  1. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Pete:

    I understand what you were saying now.

    As for tech support, we have never had to use it, so I don't know how long it takes to get an answer.

    The scan takes about a minute, maybe?

    You're right, I guess I should know how long the definitions are good for. I'll ask.

    I'm glad you agree about the "free trial" I don't care what program it is, that's a joke. But it is good to know you are getting good results.

    In our state (California) any company monitoring your computer use must have you sign a waiver acknowledging the fact you understand you are being monitored. The IT department at our friend's business had never had anybody sign anything.

    By the way, Tracy and I were just talking about this the other day when I read her a post on another forum about the computer belonging to the company so you should expect to be monitored and all that. The whole thing in California came about after privacy groups made a very good case that monitoring an email on the company computer is an invasion of privacy. They ran those "write your state senator" kind of commercials in certain key areas of the state before they voted on the waiver and made a good case. Think about this. Have you ever had a package sent to your office instead of your house since you aren't home to sign for it. Do they have the right to open the package even though it's addressed to you? Obviously, no. The government would consider that a crime. What if they had a way to secretly watch you open that package? Would that wash? The other commercial that was really good was one that argued that people have been writing letters with company pens and paper and envelopes since there have been people to do it. So what if it takes a few minutes out of the day? Nobody works every second of the work day anywhere. What about lunch hours? What is it about computers that makes them different? Why could you use company pens, whatever, during lunch without having the boss read what you're writing, but when it comes to computers, just because it's technically feasible, it's ok for them to spy on you? Word for word. An email to a spouse shouldn't be a crime inn the workplace, it's part of our culture today. Besides, you know the bosses do it all day long to whoever they want. We shouldn't look at computers as some kind of sacred property different from anything else. The bill passed and any employer spying on you while using your computer must make you aware of it. And it is YOUR computer. Again, the commercials hammered away on what's the difference. Is your desk YOUR desk or not? Computers shouldn't be treated any differently and privacy and courtesy should be respected. This was a long way of saying that a lot of people now run anti-keyloggers to detect if they are ILLEGALLY being spied upon by their companies. If I can put pictures on MY desk and decorate MY workspace I can install a program on MY computer. That's the case anyway. I wouldn't not recommend people not do that, because some places it's a workers defense to possible labor law violations.

    I like the new forum. This is really cool and the option of being notified of replies is great. Thanks for your reply pete. You seem like a pretty nice guy. Take it easy.

    John
     
  2. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Welcome aboard John.
     
  3. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Hi, John, and welcome back!

    A full scan with SpyCop takes approx. 13 minutes on a 1.3GHz computer (that's with the 'SuperDetective Scan Mode' checked, which is recommended).

    It takes your program approx.  1 minute?

    Hmm.

    From my previous post at the old board: "Simply looking for operating system
    hooks or scanning the registry will miss spy programs which don't hook the
    operating system. This includes spy programs which record URLs visited,
    emails sent and videos of your screen.  Just because it's fast, doesn't mean
    it's effective. We are aware of a couple of new keyloggers which don't hook
    the operating system at all, but which are actually loaded as device drivers
    by the system! "

    (If anyone here knows whether that statement is incorrect, please let me know, because if it IS correct, then I'm seeing major problems with a one-minute scan).

    We obviously have vastly differing viewpoints on what's 'yours' at work, so I'll skip that (other than to add a hearty 'Amen!' to your advice to people NOT to add personal software of ANY type to your WORKs' computer) and merely point out the fact that compromising your OWN computer with new software is one thing - compromising an entire business' computer NETWORK is an entirely different matter - a terminatable and prosecutable one in most places, I might add.

    While you and I and a lot of other people may know to always scan removable media (CDR's and floppies) for virii/trojans/malware BEFORE running said media to install something, there's an incredibly high percentage of people out there who DON'T know to do this - thus leaving the entire SYSTEM wide-open to whatever Joe Blow's decided to bring in from the house or has just gotten from a buddy who said it was 'neat'.

    The same goes for d/l'ing/installing ANYTHING non-business-related AT work from the Internet - it's a screamingly dangerous pratice when you're using someone elses' system - which, BTW, is probably one of the main components involved in making sure you get a paycheck every week.

    The same, or perhaps even a greater, threat level is involved in doing personal email at work - how do you know that whoever you're corresponding with didn't just get hit with the latest (undefined) virus? Or even if you're opening an email from your friend or from the virus?

    You don't.

    (Oh, well, if we all thought alike, life would be incredibly boring, wouldn't it? :) ). Pete

    *BTW, I'm fixing to open a thread in TenForward entitled "Who's Stuff IS IT?", so let's take the OT stuff there, okay? I think it's a worthwhile separate subject on its' own, just not here.
     
  4. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Hi there Pete:

    This post is about the Who's Watching Me program, so staying on topic I'll keep this here and maybe discuss the other stiff in tenforward.

    I agree, it sounds weird as to how fast it works, but it looks for things in a way that is so unique he is dead set on patent approval. I'll repeat what I said before, it works! How it works or why it works is way over my head. But this is something that is simple to verify. Try the 90 day free trial and see how it does right along with SpyCop. I think he may even mention the patent application somewhere on the website. It's just one of those things that I don't know how, but I do know that it simply works.  This is something that either it does work or it doesn't, at whatever speed. I know the speed issue is something he says is part of what he is seeking the patent for. He is on to something that the others aren't obviously and it just works. And that's the bottom line.

    It's kind of like, can this guy really hit a ball into the upper deck of so and so stadium. We could talk all day and night about whether he really can or not. But if we show up at the stadium and we see him do it time after time, it's settled. However he does it, he does it. There's no more discussion because we have seen him do it. That's how I feel. I know it works! One minute, three minutes, fuve hours, whatever, it works! Why not just give it a try for yourself and compare the two? Or have Wilders.org perform a test. It's like the guy that can hit the upper deck, either he can or he can't and once you see he can do it, the doubts and discussion prior to seeing it is history.

    Remember, it doesn't just check the first 200 files, he is so confident in the product he gives you the whole thing for 90 days. He made clear to me he knows, without a doubt, his method which is not used by others is more effective and wants all to see how effective it is.

    Why not put it to the test and all the talk about hooks, length of scan and all that stuff will be mute. If I come up with a way to grill a steak in 2 minutes there may be a lot of questions, but if they see it done, the argument over the grilling time is over. New technology comes along all the time. This guy is serious about what he is doing. He finds humor in the fact that others haven't figured it out yet! I haven't a clue either. Why not just try it and see?

    Yes, the world would be boring if we all thought alike. In cryptography, there are more opinions than there are flys at a picnic on just about everything.

    Go see the guy slam it into the upper deck and see that it can be done. However it's done.

    I have to shuffle off and pay my electric bill now and stand in line for an hour. Fun stuff  :)

    John enjoying the day in sunny/73 San Diego!!!
     
  5. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Hi Guys:
    There was no response to the post above. It has languished for quite awhile. I think it's a really good idea and would love to see wilders.org put the two head-to-head in a test with whatever else is out there like it. Maybe Pest Patrol? I see they are now actively advertising it as an anti-snooper. Doesn't wilders do some testing? I think this one would be a good test and also help a lot of us because this area of security is so new!

    John
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi John,

    We consider your request; for the moment it's on our "to do list" - hope you don't mind.

    regards.

    paul
     
  7. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I'm willing to try some testing of WWM - but not a comparison with SC since I don't use it.

    What would be a good test procedure?   :-*
     
  8. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    That's the problem - while a lot of the KL'ing programs out there are free to d/l (although there's a concern involved with where you might get them, insofar as having to be very careful where you get them), most of the more technically-sophisticated ones are not free.

    Paul and his testers had, I believe, 50 such programs. I have no idea whether they were all free ones, or a mixture of the free/pay ones.

    At any rate, short of having him send us (via email) the programs that were used (which they probably can't do if some of them were registered programs), I have no idea how to go about running a comparison test from amongst the different vendors - I'd rather let Paul and his testers handle it, whenever they get the chance to do so.

    Just my .02 Pete
     
  9. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I take it back.  I am not touching these people with a bargepole! Apart from their "legal" terms and conditions, their site is amateurish beyond credibilty (you have to read their agreement BEFORE accessing their site!) and their "press" statements are so pathetic they can't even be considered a joke.

    NO THANKS!
     
  10. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Checkout,

    Good arguments. Testing is no longer on the "to do list" over here.

    regards.

    paul
     
  11. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Wait, wait -- TIME OUT!

    Checkout and Paul, The agreement says that about access to the site, but did you have to do anything to access the site? I didn't and never have from any computer. What they mean is accessing the site as in they want you to know things (being honest and upfront before you access (or get around) the site. They don't actually BLOCK physical usage.

    As for the legal bit, that's basic stuff! There's not a single commercial site out there that doesn't run a "WebTrends" program or another freebie to see where their customers are coming from, etc. That's all that says! You'll see that exact same language at many, many sites. It's just a WebTrends or HitBox like thing or the web hosts own stats program. There's nothing wrong with that at all! Any commercial site that says they don't run a stats program with all that info is lying!  As for the reacting to a subpeona and other times when that company would turn over information, so would wilders.org! They only put all that in writing! I find that a PLUS not a negative. They would have no choice.

    As for the press coverage, what were you looking at? I saw three links: one to a Salt Lake newspaper that ran an AP story on the program, a link to TechTV where they ran a segment on the story, and a TV station that ran a story. What's wrong with any of that?

    I just went to the site and the press section that has the listing of all the snooping software and links is very helpful!
    http://www.trapware.com/PressBigBrother.html
    Good to know the enemy!

    The website is amateur? That's subjective. I don't think so at all. On the front page it told me exactly what snoopers have been added to the program on February 10th. The navigation seems pretty simple. I think the web site is FAR from "amateur" and that's very subjective. What's good to me, might be awful to you and vice versa.

    The biggest thing seems to be the use of a webtrends, hitbox-like analyzer. That just shows exactly what it says in their disclaimer which they are honest enough to put up. Really, what commercial company doesn't use one of those free programs or simply the web hosts own stats program to see who is visiting the siteo_O There's just not a thing in the world wrong with it!

    Checkout, I honestly believe you overreacted to things that are basic to any commercial site. The "legal" stuff is just exactly what ANY site should put on their privacy statements because thats the reality in America. The cops can knock at the door - and you have to hand it over if there was a warrant issued or a court order of any kind. Their site simply states that.

    Paul, don't let that deter you from testing their software! I don't think those were good points at all. Checkout wasn't seeing it for what it was, which is simply an attempt to disclose everything upfront in their dealings. Especially when it comes to stats logging that every web host provides.

    I really want to see a good test and for something like that mentioned by checkout to stop you, you would NEVER be testing anything!

    Please think about it from a different perspective, as being honest and upfront, and reconsider. And look at the website. For what it is, with the whole "Inspector" look and "snooping" I think it's fine. Which goes to show right there how subjective that is. Not fair at all to count them out for any of the points raised bt checkout. Nothing personal checkout, but I think you overreacted.

    Back to work!

    John
     
  12. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I'll give a more considered, expanded reply in the morning.  But to say I overreacted to a site which admits to tracking my web behaviour when they espouse the cause of privacy in some nebulous claim of wishing to know blah-blah about my preferences, isn't fair comment.  I don't want to be tracked and nobody has the right to presume my compliance, especially when I can't find out until after the event.

    For now, let it be known as a self-admitted fact:  Trapware tracks users.
     
  13. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    If you don't want to be logged, don't go to any websites. You have been logged at every single website you have ever been to. If not by the site owner, then by the ISP for sure. www.security-pro.co.uk , just logged you making that post. If you don't believe me, email them and ask them. There are after all a security company; it would seem kind of silly if they didn't. How does someone know how many hits he gets without a stats program logging visits? ISPs have to know how much to charge for bandwidth.

    here is some webalizer sample stats (webalizer is used to collect data about this site too)

    http://www.mrunix.net/webalizer/sample/usage_199904.html

    Did you not notice the little "logged" icon beside every post? Guess what it does.....
     
  14. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Checkout and ALL:  HOURS of research this afternoon has gone into what you'll find below. Checkout, It's really not bad. There is hardly a commercial site on the web that doesn't do exactly what Trapware does. At least Trapware tells you. Most others do as well, but I'm sure plenty of sites take the same stats and look at them and never mention it. Most all sites have a Privacy Policy these days. My wife and I have done some research and I think it clearly shows Trapware is no different than anyone else. Any web host provider gives all this info in a stats program, and many web sites use third party stats tools, it is common practice. Here's what we found in "Privacy Statements" from various companies and sites around the web. These are all direct quotes from the statements. Nothing added or taken away.

    McAfee

    Log Files
    McAfee.com maintains log files of the traffic that visits the McAfee.com site. We do not link any information gathered in these log files to personally identifying information. Log files are used to manage traffic loads and information technology requirements for providing reliable service. Information collected includes IP addresses and browser types.

    Symantec-Norton

    Web Site Traffic
    We may track domain names, IP addresses, and browser types from people who visit our site. We use this information to track aggregate traffic patterns throughout the Symantec Web site. Such information is not correlated with any personal information.

    Kaspersky

    Has NO privacy policy posted. We looked everywhere, used the search and found none. But, we did find this:
    Aureate Media plug-in modules do not collect and transfer any information from a user's computer except as previously stated in the License Agreement
    Aureate Media does not violate the user's privacy
    Because of the aforementioned, Kaspersky Lab considers that Aureate Media software poses no threat to its users.

    About.com

    Additionally, usage information may be analyzed so that we can judge our system's performance or execute your customized features.....Cookies assist us in tracking which of our features you like best. And when you re-visit our GuideSitesTM, cookies can enable us to customize our content according to your preferences. However, cookies tell us nothing about you personally unless you specifically give us additional information.....some advanced features use cookies to assist in keeping track of your location within the About.com Web site in order to provide navigational trails and similar navigational features. These cookies are not used to personally identify your surfing patterns, and are merely used to provide navigation links.

    ESET Software's NOD32

    NO PRIVACY POLICY FOUND

    Trend Micro PC-CILLIN

    Trend Micro also logs IP addresses, Web browser information, referral information, and pages visited for the purposes of improving both the navigation and marketing of the Web site.

    TDS - Diamondcs

    NO PRIVACY POLICY FOUND

    Privacy Software - BoClean, etc.

    Privacy Software Corporation does not obtain any personally-identifying information from visitors to our sites.
    We found this at several sites. We really don't know what they do with "site tracking stats" because the key phrase in this statement is "personally-identifying" information

    Pest Patrol

    Cookies
    PestPatrol, Inc currently uses cookies only to track the number of visitors coming into the site at different entry points. Cookies are not used to store personal information that you may provide at its web site.

    Log Files
    We use IP addresses to analyze trends, administer the site, track user's movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

    Tauscan

    NO SITE PRIVACY POLICY

    TrojanHunter

    NO SITE PRIVACY POLICY

    MooSoft - The Cleaner

    Cookies
    Some of our business partners use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies. Moosoft uses Burstnet banners which include information gathering.

    Log Files
    We use IP addresses to analyze trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

    SpyCop

    Who's Watching Me's Competitor

    We collect only the domain name, but not the e-mail address of visitors to our Web page, aggregate information on what pages consumers access or visit, information volunteered by the consumer such as survey information and/or site registrations and information from customers who purchase our software...

    Not implying that this was phrased this way on purpose, but you have to read that one VERY carefully, as two commas make the difference. Simply remove the phrase, "but not the e-mail address of visitors to our Web page," Obviously one could read that and think they DON'T do all the other. They do. The sentence wouldn't make sense about the information volunteered, etc. otherwise. So, they collect the same information as "Who's Watching me." They also include the following, which contains an "opt-out" option. In other words, if you don't keep checking their privacy page or email them about it upfront, the following applies:

    ...From time to time, we may use customer information for new, unanticipated uses not previously disclosed in our privacy notice

    Internet Content Rating Association ICRA

    Banner Advertising
    This site uses the services of Engage for the serving and/or targeting of ads, promotions and other marketing messages. To do this, Engage collects anonymous data typically through the use of cookies.
    You CAN go to the Engage site and opt-out, but otherwise, they're collecting user movements and data while on the site

    Yahoo

    Information Collection and Use Practices
    Yahoo! receives IP addresses from all users because this information is automatically reported by your browser each time you view a web page.
    Your IP address is also stored in our user registration databases when you register with Yahoo!.
    IP addresses may be used for various purposes, including to:
    Diagnose service or technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific web company or ISP.
    Send the most appropriate advertising based on geographic area or information derived from your IP address. Many IP addresses are commonly associated with Internet service providers, universities, or major corporations in specific regions or localities. This is interesting:Aggregate information derived from IP addresses may also be reported to advertisers.
    Estimate the total number of users visiting Yahoo! from specific countries or regions of the world.
    Assist merchants in Yahoo! Stores and Yahoo! Shopping to track visits to and business at their stores.
    When a Yahoo! web page is requested and viewed, that request is logged on our servers with information including the IP address of the computer that requested the page.



    CERT  (CERT/CC) is a center of Internet security expertise

    MONITORING NOTICE
    The use of this system may be monitored for computer security purposes.

    I think I will rest my case there. If CERT can monitor site usage with personally unidentifiable information, so can Who's Watching Me, SpyCop and anybody else. I would NEVER support a true privacy invasion as I am a pro-privacy advocate. Some would call me a hardline pro-privacy advocate. What Checkout said about WWM was not fair as they simply collect site usage stats like everyone else.

    Thanks again to my wife, Tracy (who had a day off!), who took a few hours along with me to do this research. The post from Unicron above said it very well. But these are the "Privacy Statements" in black and white.

    I hope Paul will reconsider a test using WWM. I think there was a misunderstanding with Checkout not realizing what the Trapware policy was actually saying. And that's okay. But I hope the above will help clear up any confusion about Trapware doing things others don't.

    John and Tracy in San Diego, CA
     
  15. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    That second comma makes all the difference in the world grammatically!!! One comma here would mean

    "but not the e-mail address of visitors to our Web page"

    was an  Essential Modifier, but the second comma makes the stuff inside the commas a non essential modifier (also called a nonrestricive modifier), and not essential to the meaning of the sentence.

    So you can read it like this:

    We collect only the domain name, aggregate information on what pages consumers access or visit, information volunteered by the consumer such as survey information and/or site registrations and information from customers who purchase our software [...] But not the e-mail address of visitors to our Web page.

    That's english grammer for you, sneaky eh? A lawyer must have defined that rule.

    Now I wonder if this was intentional?
     
  16. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Unicron:   To be honest I had some real questions about SpyCop's privacy statement and the way it was phrased. I just wanted to post them as they were and let everyone see that it's a common practice to collect the information. It was fascinating seeing how the various sites chose to phrase things. I find it ironic that the one that raised the eyebrows with me, as far as phrasing, was the competitor to WWM. My guess is that a quick read would make a huge percentage of people think they only record the domain name and that they DON'T collect any of the other. You are 100% correct about the non essential modifier. I wonder, as you do, but then again it could be perfectly innocent. Convenient, but innocent. The irony again is that Trapware and WWM was blasted for being TOO open and NOT pulling any punches, telling it just like it is. That's too bad. I've read enough of checkout though to know he will realize all of this and be fair.

    John
     
  17. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    'Tis a bright Dublin mornin' to be sure, to be sure, and coffee cup in my hand, I'm off to revisit Trapware.  I hope to discover something about WWM and find really good reasons for evaluating it.

    Home page:  a menu of sub pages
    • Products
      Well, product.  Detector, download, order, link to press pages, and link to FAQ.
      Detector:  what a detector (any detector) is (this one's Patent Pending, for some unexplained reason)
      Download:  well...
      Order:  as above...
      FAQ:  What it can't guarantee (virtually everything)
      Support page: User manual:  Says nothing about how the program works or why it might be better than its competitors.  It can be read in two minutes or less, because it only took me a minute - 60 seconds!
    • Press
      Trapware press, snooping programs, snooping articles, privacy links
      Trapware press: three articles. 1) interview with a trapware founder.  A quote from him.  No info about the product. 2) a link to a telecast magazine.  No mention of trapware.  What, I have to go grubbing about searching this site for Trapware mentions?  Not hardly.  3) Wes Austin says there are a lot of snoopers and he's got a program.  Wow.
      Excuse me, this is Press?
      Snooping programs:  a big list
      Snooping articles:  vague stuff about snooping
      Links:  reputable websites
    • Company
      Two vague paragraphs.  They want to be big names in privacy and security.  They aren't sure when their product development started, apparently
    • Legal
      They track visitors because they need to know something or other which they can give to third parties with some unstated restrictions.  Like, yeah, it's important to know that I['m interested in security, and By Jove, I came from Wilders!  Or from SFF.NET!  Pardon me?
    The upshot is, I know NOTHING WHATSOEVER about their product, and I've read EVERYTHING they have on their site.  I didn't find what I was looking for, which was a good reason to download their product.

    Yes, I've been sarcastic (and justifiably, IMHO) but I've not been unfair.  I particularly despise the fact that they're willing to pass profiling information to third parties.

    What?  What?

    Strange, SpyCop doesn't give info to third parties, authorised, restricted, or whatever.

    Why?  Bad day at the office, let's cancel all our users' licenses?  Yeah!  Make 'em pay again!  How much?  Good question - you can only find out by going to their "Order" page (handled by another company)!

    Back to the office - I've had enough of these crass amateurs.  No sale.
     
  18. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Checkout:   Again, all that you said can be said of any "Privacy Statement".

    As for some info going to third parties, again, they're just being honest. They use a third party to process credit cards as do many online software vendors. It is very thorough, responsible and honest. If a company uses third party order processing, it is impossible for them to not come into contact with your information.

    License termination? I have always had a big beef with this whole "licensing" business with software. But, some brain decided one day that commercial software wasn't actually SOLD to you, but merely LICENSED. I don't like it. In fact, I HATE it. However, to say WWM is doing something any different than anyone else here is false, they are not.

    As for the web site, I don't know what to say. As I said in an earlier post, judging web sites is so subjective. I've receive great software from one of my favorite sites Tiny Apps ( www.tinyapps.org ) a lot of it is just links to tiny app software, but I think all would agree that as for design, it leaves a lot to be desired. I don't think that has anything to do with whether or not a product is valuable.

    As for looking for reasons to download the program, you said a couple yourself. It seeks out and finds snooping programs. They even link to "the enemy" by having a page of links to those who market snooping software sites. It also told you how fast it works. From what I was told in an email, that is exactly the part that this guy wants a patent extended to him for. As for why it's a "patent pending" that's called bureaucracy in the United States Government. Your patent is "pending" until extented to you, which sometimes takes years (no kidding!) If you were looking for a reason to download, how about the claim that it finds snooping software and does it fast and gives you a 90-day free trial?  :)

    I saved this for last. As for the SpyCop Privacy statement. I already pointed out, and Unicron explained the grammatical rules used in a rather interesting way when phrasing their policy on collecting information. Well, it wasn't limited to just that, obviously. Because the SpyCop privacy agreement confused you as well on another point. Your quote below is wrong.

    Let's look at that SpyCop Privacy Agreement. It says, The information we collect is used to improve the content of our Web page and to notify consumers about updates to our Web site.  Information is not shared with other organizations for commercial purposes and information obtained from registered customers is only used to send information regarding product updates.

    Checkout, read that carefully and you will see your statement is wrong. The key word in this paragraph from SpyCop is commercial. I went to the SpyCop order page and see that they use RegNow for their order processing. ( http://www.regnow.com/  ) There is NO WAY to process your order for SpyCop and for this third party to NOT know personal information given when ordering the software from the SpyCop page. Again, who was honest and upfront? You got it, Trapware and WWM.

    Yes, SpyCop has received the bulk of the press attention. Do you know why? It's called Marketing and Public Relations. SpyCop obviously does it better. But are you going to fault Trapware and their product for lacking the same intensive marketing skills and/or dollars?

    Look at the trial versions you can download. Who only lets you check the first 200 files for snoopware? (like there's going to be snoopware in the first 200 files!) SpyCop. To call that an evaluation of how the software will perform is dubious at best. Who gives you a FULLY-FUNCTIONAL copy of their software for NINETY DAYS? Yep, Trapware and WWM. To me, that says more than any web page could ever say. WWM obviously has no concerns about your fully testing the program to see if it works. All you get with SpyCop. basically, is an opportunity to see the interface. SpyCop may work fine. I hear it's a good program. But I can assure you, as that is what this thread was originally about, WWM is just as good and does it incredibly faster. How? I don't know, but it does.

    Comparing the two pieces of software based on their Privacy Statements and their Trials, I think it is ironic that it is WWM that caught your wrath.

    Don't get me wrong, I think this has been a fascinating thread by getting off the original topic on to Privacy Statements. It's too bad it wasn't a thread of its own and possibly received more attention. It's something we all need to pay more attention to, that's for sure. However, I think it's now time to pick up where we left off with discussion of testing the two products.

    This whole snooping stuff is so relatively new to most consumers that a test of these products would be beneficial. I hope Paul decides that such a test deserves to be back on the wilders to-do list.


    From sunny San Diego, where my my cheapo thermometer says it's a beautiful 65 degrees already at 10:00. Just rubbing it in! (We love it here.)

    John
     
  19. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    John, I made no comparison between the products at all, nor could I, since I haven't tried either.  I have no wrath, either.  What I am saying is that I wouldn't comtemplate even trying a product from a company which makes three contradictory statements in a single, small paragraph, and generally leaves its terms and conditions so wide open they may make of them any interpretation they choose.  In other words, I have grave doubts their product can be worthwhile when they can't even make a halfway good job of their marketing.  I take this stance with many companies, in all walks of life.

    On the plus side for Trapware (as opposed to SpyCop) they appear to offer an unrestricted-use trial (SpyCopy limits to 200 randomly-chosen files).  On the negative side, SpyCop examines files, and TrapWare clearly doesn't (you can't examine thousands of files in 5 - 15 seconds).  That also factored in my decision not to trial Trapware.

    That's all.  No animosity - except to the extent I think they've insulted the intelligence of potential customers.
     
  20. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    https://grc.com/x/news.exe?cmd=article&group=grc.privacy&item=18713&utag= . Pete
     
  21. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Also this: https://grc.com/x/news.exe?cmd=article&group=grc.spyware&item=11068&utag= . Pete
     
  22. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Thanks, Pete.  An interesting - critical - point to note.
     
  23. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Hey, can we slow down the train? This isn't an US vs THEM kind of thing. Why "thank" Pete because he posted something critical of WWMo_O??  This isn't a Checkout Vs. John thing.  It is about something that can be settled with a TEST! We can go back and forth on this and I still would like to see a good, controlled test by wilders. Checkout, it's like you have a vendetta against WWM. I think SpyCop is a good program, but what if, JUST WHAT IF, another is better?

    Also, linking to critical statements at the GRC board doesn't do a thing. I will repeat, this is something that can be TESTED, why argue and insist and link to the point where we are thanking people for linking to posts that are critical of WWM? That seems silly to me.

    The link at GRC said SpyCop wrote and said that they  do "not go by filename. "  Nobody knows how WWM does its thing, but it works. I don't know if they go by filename or not and it doesn't matter. It can be tested.

    OK. I stopped writing this post for an hour and came back to it because I just did a few random tests. I just went to  http://www.keylogger.org/  where they rate keylogging programs. I downloaded PC Activity Monitor pro, Ghost Keylogger, and a couple of others from other sites, WinGuardian and Stealth 007. I installed them all, rebooted, and started the WWM program (with the new updates) and it found ALL OF THEM in exactly 3 minutes and 24 seconds. Not only found them, it told me the manufacturer and what it all it was monitoring with a LINK to the snoopware website! Now, Pete and checkout, don't ask ME how it could do it that fast. I simply haven't a clue.  But that's the result of my mini-mini test.

    I am going to leave this thread with this post. I think having defended the Trapware Privacy Statement in proving it's standard fare at all security web sites, and showing it's even BETTER than the cleverly worded statement at SpyCop is enough. It was interesting. But we're going around in circles about my original post until a REAL controlled test can be done. That's up to the owner of this forum and not any of us.

    At least we're talking about a topic that's important. This keylogging thing is becoming epidemic!

    John
     
  24. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Guys,

    This is in essence a very interesting thread indeed; I would hate to see emotions taking over and turning it into a personal controversy. Nothing wrong in having different opinions and providing facts/arguments - possible personal dislikings: wrong track.

    As for testing: we will put it on our "to do list". Since that list is quite long, it might take a while though, so don't hold your breath.

    In the meanwhile,please continue the discussion if you feel inclined - with mutual respect.

    regards.

    paul
     
  25. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    John and Paul (and George and Ringo, if you're listening),

    Mutual respect is no problem.  John's happy with the product, and that's good news.  I personally won't go near it, and I've given my reasons why, but that's no reason we can't get along, and I'm sure we will.   :)
     
Loading...
Thread Status:
Not open for further replies.