As Originally Reported by the NEW YORK TIMES 06/30/05: BREAKING NEWS:
MICROSOFT PLANS TO BUY THE WORLD'S LARGEST SPYWARE COMPANY IN AN ATTEMPT
TO SPAM 40 MILLION+ COMPUTER USERS WITH MICROSOFT ADS

By Ray Everett-Church / eSecurityPLANET
July 18, 2005

Ray Everett-Church is a principal with PrivacyClue LLC, a privacy
consultancy. He is a founder of CAUCE, an anti-spam advocacy group, and he
is co-author of "Internet Privacy for Dummies."

It's been a bad month for Microsoft's efforts to promote
their visions of trustworthiness and authentication in Internet commerce.
Just as the ground began to crumble beneath Microsoft's "Sender ID" email
authentication proposal, it was discovered that the Redmond, Wa.-based software
giant was considering acquiring Claria, one of the world's most notorious
adware and spyware companies.

Let's look first at the email authentication
wars. As I've discussed previously, the battle over email authentication has
been raging for several years. Among the many proposals being considered by
the email industry and Internet standards community is Microsoft's Sender
ID and its closely related cousin, the "Sender Permitted From" or SPF standard.

Both SPF and Sender ID use text records entered into a domain's DNS entry
that define what IP addresses should be permitted to send email for that domain.
These definitions embedded in the sender's DNS records are then queried and
parsed by the receiving server to determine whether to accept or reject a
particular piece of email.

As I reported back in October, Microsoft's
Sender ID proposal became the subject of much scorn when it was discovered
that, at the same time they were promoting Sender ID as a global standard,
they were trying to patent the technology surrounding Sender ID.

In the
intervening months, numerous major service providers participating in the
Messaging Anti-Abuse Working Group, an industry consortium that is promoting
the development of new email authentication standards, have continued to test
Sender ID. Their recently released findings are not good news for Microsoft.
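An added example, not part of the original article: a minimal offline version of the receiver-side check described above, in which the receiving server parses the sender domain's published record and compares it with the IP address that opened the connection. The record and addresses are constructed (documentation ranges), only the ip4, ip6 and all mechanisms are handled, and the forwarded case assumes the forwarder leaves the return address unchanged.

```python
import ipaddress

# Constructed sample: the TXT record a hypothetical sender domain publishes.
SAMPLE_RECORD = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split an SPF TXT record into (result, network-or-None) rules."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    rules = []
    for term in terms[1:]:
        qualifier = "+"  # a mechanism with no qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            network = ipaddress.ip_network(arg, strict=False)
            rules.append((QUALIFIERS[qualifier], network))
        elif name == "all":
            rules.append((QUALIFIERS[qualifier], None))
        else:
            # a, mx, include, redirect etc. need live DNS lookups; this
            # offline sketch refuses them rather than guessing.
            raise ValueError(f"mechanism not handled offline: {name}")
    return rules


def check_host(record, connecting_ip):
    """Return the SPF result for the IP that opened the SMTP connection."""
    ip = ipaddress.ip_address(connecting_ip)
    for result, network in parse_spf(record):
        if network is None or ip in network:
            return result  # first matching mechanism decides
    return "neutral"  # nothing matched and the record has no "all" term


def scenarios(record=SAMPLE_RECORD):
    """Constructed cases: direct delivery, a forwarder, an unlisted relay."""
    hosts = {"direct": "192.0.2.25", "forwarded": "198.51.100.7",
             "unlisted_relay": "203.0.113.9"}
    return {label: check_host(record, ip) for label, ip in hosts.items()}
```

The forwarded and unlisted-relay cases both return "fail" even though the mail is legitimate, because the check sees only the connecting address and the record as published.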
According to the technical committee's white paper:

"At best, SPF
and Sender ID are comparable to a license plate issued by a foreign
country: they show that the vehicle is permitted to drive in that country,
but make no indication as to whether that country's regulations are
similar to yours - and we can only assume that the driver inside is
permitted to use that vehicle."

But the committee went on to
explain that along with these dubious benefits, there were some significant
downsides to implementing Sender ID. These include:

* Forwarded or re-sent mail will fail authentication without changing
  email systems to re-write return addresses and add new headers;
* Those sites publishing authentication records must ensure that
  their records permit mail from all possible points of origination or
  risk having legitimate email mislabeled as spam;
* This method of authentication
  does not provide protection against forgery of the most common user-visible
  mail headers;
* Receivers must be aware that performing some checks in
  accordance with Sender ID and SPF may yield inaccurate authentication
  results due to misinterpretation of the Sender's authorization; and
* If your operation provides email services to roaming users, you
  may need to forge or add certain headers in order to ensure
  successful authentication.

As a result, several major service providers
have removed their Sender ID and SPF statements from their DNS records in
order to avoid potential confusion and lost email.

But just as the
industry is backing away from Sender ID, Microsoft rekindled fears of monopolistic
bullying tactics by unilaterally declaring that all email sent to MSN and
Hotmail would be scanned for Sender ID compliance. Resistance is futile. If
your company's email doesn't pass a patent-pending Sender ID check, it might
be labeled as spam and consigned to the dreaded Spam folder.

Just
as the world was trying to digest what Microsoft was attempting to shove down
its collective throat, word leaked out that Microsoft was in talks to buy
Claria, formerly known as Gator -- one of the world's most notorious peddlers
of spyware and adware -- which I will call malware hereafter for the sake
of brevity.

According to several news reports, Microsoft has been eager
to compete in the online advertising markets dominated by companies like
Yahoo and Google. Experts suggest that buying Claria would give Microsoft
a jumpstart in the market because of Claria's advertising network consisting
of more than 40 million souls who receive Claria's annoying pop-up ads.

As one commentator wrote, this move "underscores just how eager Microsoft
is to catch up with Google, the search and advertising giant."

Eager?
How about desperate? In my opinion, picking up Claria for its advertising
network is like buying a former nuclear bomb testing site because the lack
of anything standing gives you such great views in all directions. Just
don't touch anything, ignore the three-headed rabbits populating the poisoned
ground, and you'll be fine.

There are plenty of other ad networks out
there, most of which got to be successful without engaging in deceptive, unfair,
and lawsuit-provoking activities.

Some might say Microsoft and Claria
have been unwittingly working together for a long time. Claria's advertising
reach is directly tied to its years of distributing malware and the long history
of its paid "affiliates" taking advantage of security holes in Microsoft's
operating system to install the software surreptitiously and without end users'
permission.

In its defense, Claria claims to be migrating its business
model to one focused on more legitimate forms of business. But like the Gotti
family and their garbage hauling business, I have a feeling that it is going
to take them some time to stop living off their other gigs.

More recent
reports suggest that an acquisition of Claria is never going to happen because
Claria's reputation is too tarnished for even Microsoft's tastes. But that didn't
stop Microsoft from giving Claria a pre-engagement gift just last week --
a downgraded threat rating in Microsoft's anti-spyware utility!
According to Eric Howes of SpywareWarrior.com:

"Several sources have
now confirmed that Microsoft downgraded its detections of Claria's adware
products in the latest update (#5731) to Microsoft AntiSpyware released
today. Where Microsoft AntiSpyware used to detect Claria's products
and present users with a Recommended Action of 'Quarantine,' following
today's update Microsoft AntiSpyware now presents users with a Recommended
Action of 'Ignore[.]'"

Users can still change the action to "Quarantine"
or "Remove."

In the end, though, this is nothing new. As I've noted before,
other security software makers have gone soft on malware. Microsoft's is
only the most recent, and to my way of thinking, the most unprincipled and
morally corrupt.

So the next time you hear pronouncements from Microsoft
about their efforts to make your computing experiences safer and more secure,
a deeper look may suggest that Microsoft's effort to be part of the solution
includes taking a bigger stake in the problem.