Symantec Begins Cutting Ties to Researchware

The security vendor is ending its relationship with ComScore, an adware/spyware vendor that entices users with the offer of free e-mail anti-virus scans.

Anti-virus vendor Symantec is ending its relationship with online market research company ComScore, which makes the "Marketscore" spyware program.

Symantec Corp., of Cupertino, Calif., is in the process of severing its e-mail scanning services from ComScore Networks Inc.s online behavior-tracking programs, according to Genevieve Haldeman, a Symantec spokesperson.

The relationship had raised the eyebrows of anti-spyware activists critical of ComScores programs, which capture and store information from online sessions, including encrypted traffic from sensitive online transactions.

Marketscore, also known as OpinionSquare, NetSetter and JDCouncil, is a Web proxy agent that directs all Web traffic from computers it is installed on through servers operated by ComScore, before forwarding the traffic along to its final destination.

ComScore collects data from insecure browsing sessions and encrypted sessions, possibly including online shopping baskets, banking sessions or interactions containing health information, according to disclosures in the Marketscore privacy statement.

As recently as 2004, ComScore, of Reston, Va., advertised the program as a free "Web accelerator" that would speed Web surfing by channeling traffic through ComScores infrastructure. Critics questioned that claim.

"I couldnt confirm any improvements in my tests," wrote anti-spyware activist and Harvard Law School student Ben Edelman.

Beginning in late 2004, ComScore ditched the "faster surfing" claim and began enticing users to install the program by offering free e-mail virus scanning "powered by Symantec," with its Web proxy. In exchange for free e-mail virus scans, Marketscore routes e-mail traffic through ComScore servers where they are scanned and forwarded along to the users inbox, according to the Marketscore privacy statement.

Symantec has had its scan engine technology bundled with ComScores technology since 2001, despite the fact that Symantecs labs labeled Marketscore "spyware" and warned users about "security risks" from having Internet connections routed through the Marketscore proxy.

"[Symantec was] working with them as a service provider similar to other service provider efforts we have," Haldeman wrote.

But the relationship was troubling to IT administrators like David Escalante, director of computer policy and security at Boston College.

"As purchasers, we hear continual rumors about the major anti-virus and anti-spyware companies being less than thorough because of legal threats from or business relationships with spyware companies," Escalante said.

Those rumors have delayed Boston Colleges decision to purchase a comprehensive anti-spyware package, he said.

Meanwhile, Symantec isnt sure when its scanning engine will finally be separated from ComScores systems, Haldeman said.

Updates to the Web site late last year removed references to Symantec. The Web site now says only that the anti-virus scanning is done by "an award-winning market leader in anti-virus technology."

ComScore, which is a leading provider of data on consumers online behavior, has consistently and strongly denied that its programs are spyware, even floating the term "researchware" to try to distinguish Marketscore and programs like Nielsens NetRatings from more nefarious spyware and adware programs.

/zimages/5/28571.gifClick here to read about Microsofts beta test of its "AntiSpyware."

Unlike spyware and many adware programs, ComScores programs make no effort to disguise their presence on users machines, said Chris Lin, chief privacy officer at ComScore Networks.

"The Marketscore application continues to be prominently listed on users [Windows] Add/Remove programs list so special scans are unnecessary to find [or remove] our software," he said.

Experts like Edelman concede that ComScore discloses what the Marketscore program does prior to installation. However, he and others say the program circumvents other organizations Web site security by acting as a "man in the middle" that intercepts, decrypts, tracks and analyzes users behavior.

"That means theres a huge amount of extremely sensitive information passing through Marketscore servers—passwords, PIN numbers, account balances, and on and on," Edelman said.

Recent security breaches and data thefts at companies that aggregate data, such as LexisNexis Seisint division and ChoicePoint Asset Co. should be worrisome for individuals who have their data on ComScores servers, he said.

Lin said that ComScore is winding down its Marketscore promotions and no longer accepting new members to the program. The virus-scanning feature has recently been adopted by major ISPs, reducing the "value proposition" of installing Marketscore, he said.

"Good riddance," said Boston Colleges Escalante. He and other IT administrators at colleges and universities across the United States continue to battle installations of Marketscore and its cousins, he said.

At universities, the programs are typically found on residential networks of student machines, but also make their way onto areas of campus networks that handle sensitive data, such as scientific research, he said.

Haldeman of Symantec declined to elaborate on the reasons behind the companys decision to break off its business relationship with ComScore. However, the anti-virus company has recently been more muscular in its anti-spyware efforts.

On June 7, Symantec announced that it had filed suit in federal court against adware vendor Inc. The suit asks the court for a declaratory judgment that affirms Symantecs right to call Hotbars programs adware and treat them as security risks.

/zimages/5/28571.gifRead more here about Symantecs battle for permission to label Hotbar Inc.s products spyware.

Escalante welcomed Symantecs more assertive posture against spyware and adware vendors. "If Symantec is moving toward a stance thats more pro-customer, thats terrific news," he said.

/zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.