Date:         Tue, 2 May 2000 23:14:25 +0000
Sender:       The Internet TourBus - A virtual tour of cyberspace
From:         Bob Rankin 
Subject:      TOURBUS - 02 May 2000 - Evil Spyware?
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
               TOURBUS Volume 5, Number 88 -- 02 May 2000
    _________ ____________ ________ __________ _____________ ___ _
   /         |            /        |          |             /   | \
  |        AT LAST, YOU CAN MAKE YOUR MOTHER HAPPY!        /    |  \
  |__________|__________/__________|__________|___________/_____|   \
 /                                                              |----|
|  Looking for a really special Mother's Day gift?  Try the     |////|
|  candies at Choose calissons      |////|
|  from Provence, nougat from Montelimar or papillotes from     |////|
|  Lyon. Or try the gift box with candies from 10 traditional   |////|
|  French confectioners.  Also available are French classics    |////|
|  like bouillabaisse, duck confit & snails, as well as hard    |////|
|  to find regional specialties like rillettes and tapenade.    |////|
|            --->  <---             |////|
       /   \  /   \                                             /   \
       \___/  \___/  T h e   I n t e r n e t   T o u r B u s    \___/
       FIVE YEARS of Searchable Archives at !!
            TODAY'S TOURBUS TOPIC: Evil Spyware? / Eudora Bug
It seems I really struck a nerve last week when I mentioned CuteFTP,
my favorite file transfer utility.  Is this free and useful program
really an Evil Spyware Thingy?  We'll also be discussing the "Stealth
Attachment" bug in the Eudora email program.  Are you vulnerable?
Find out in today's Tourbus!
  Now's the perfect time to get your Palm(tm) IIIe handheld Special
  Edition - the one with the cool clear case.  Pick one up at the
  Palm Online Store and you'll also get a 3-Pack of Colour Shades
  FREE. They're the perfect way to brighten up and protect your new
  Palm handheld.  For more on this exclusive offer,
+-----------  SAVE 75% on a Great MOTHER'S DAY GIFT!   ------------+
   Fruit Jel Candle w/fruit chunks just $6.99 for a limited time.
   I'm sure you've seen them in stores for as much as $24.95 but until
   our stock is gone they are just $6.99 at the World's Largest Candle
   Store! Our Daily Deal section has many items listed BELOW wholesale.
   We also offer a 100% money back guarantee on all of our products!
+------------------[ ]-------------------+
After last week's mention of CuteFTP, a whole bunch of readers wrote
to warn me of the evils of the Aureate ad-enabling software which is
embedded in CuteFTP.  Here's the scoop...
About a year ago, the concept of ad-supported software started to
become popular.  Instead of charging users for software, some
companies are placing advertising banners in the program and giving
the software away for free.
If you've ever used the free Juno email program, or ad banners on a
website, then you've seen the type of thing I'm describing.  You get
free software, and the advertisers get a little piece of your screen
while you're using the ad-enabled software.  Seems like a fair trade,
Most people would agree, but some recent ill-informed articles have
many people believing that CuteFTP contains malicious code that spies
on users and sends personal data back to the software vendor.  But
it's just not true.
The ad-serving software embedded in CuteFTP and about 400 other
programs is provided by a company called Aureate.  Back in February, a
false rumor (based on some unfinished research into the Aureate ad
software) began circulating on the Net.  And of course it spiraled out
of control, leading to reports that Aureate was "stealing data" and
sending inventories of the files stored on users' computers.
Further research by computer security experts has shown that these
charges are ABSOLUTELY FALSE.  The Aureate software is NOT evil
There are some legitimate gripes that have been raised by critics of
the Aureate software, namely that the ad-serving software is not
removed when the "host" program is uninstalled.  But there is no
evidence that the Aureate software is sending private data to Hacker
HQ or tracking users as they surf the net.
Aureate Software has issued a statement about these false rumors, and some
other excellent articles by CNET and InternetNews shed more light on the
situation.  Here are some links you may find helpful to learn more:  ,,12_324131,00.html  
Note: I provided that last address (Steve Gibson's OptOut page)
because it's referenced by some of those articles.  Personally, I
don't care for Gibson's style, and I disagree with some of his
conclusions, but you may find the information useful.
Bennett Haselton, software bug hunter and proprietor of,
has reported that a potentially serious security hole exists in all
versions of the Eudora email program.  In a nutshell, a malicious user
could send an email with a hyperlink that executes an attached program
instead of opening a website as expected.
Normally Eudora warns the user before running any executable files
sent in an email attachment.  But this exploit uses a trick involving
a Windows shortcut (.LNK file) to fool Eudora into running the
There are no reports that this security hole has been exploited by
Evil Hackers, but if you use any version of the Eudora email program
on a Windows PC, you really should understand this problem and take
corrective action to prevent the problem from affecting you.
The first link below is from a CNET article, and it describes a simple
patch that you can apply to your Eudora configuration file.  The
second link is from Bennett Haselton's site, which describes how the
exploit works in impressive technical detail.  
That's all for now, see you next time!  --Bob Rankin
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
=====================[ Tourbus Rider Information ]===================
   The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
     Copyright 1995-2000, Rankin & Crispen - All rights reserved
 Like Tourbus?  Recommend It!  You could Win $10K or a Sony DVD Player
 HELP the hungry, poor and sick - for free!
 Note : Put LISTSERV commands in the message BODY, not SUBJECT line.
 Tourbus Home: Archives, Free Stuff and More -

TOURBUS - 02 MAY 00 - Evil Spyware, viruses, hoaxes, urban legends, search engines, cookies, cool sites
TOURBUS Site Search