lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0603081419530.19922-100000@bugsbunny.castlecops.com>
Date: Wed, 8 Mar 2006 14:32:10 -0500 (EST)
From: Paul Laudanski <zx@...tlecops.com>
To: bugtraq@...urityfocus.com
Cc: paul@...tlecops.com
Subject: Aluria/WhenU Troubled Past and Whitewashing History


I realize this may not be a bug report in the classic instance, but I do 
feel the community needs to be advised of what is going on with Aluria and 
their apparent WhenU delisting coverup.  We're all supposed to be in this 
security thing together, but the recent actions on Aluria's part leaves 
much to be desired.  Information and links are provided so you can 
determine for yourself what is really transpiring.  One thing is certain, 
this cannot be silenced.

The breaking news story on the whitewashing of Aluria certifying WhenU as 
spyware safe is here:

http://castlecops.com/article6549.html

At the moment, a discussion with Aluria's Rick Carlson is ensuing here:

http://www.spywarewarrior.com/viewtopic.php?p=116720#116720
 
Some take away items that Eric Howes has highlighed (of the Rogue 
Application list fame) wrt to Rick Carlson from Aluria:
 
* your continuing misrepresentations of the historical handling of WhenU by Aluria 
* Aluria's removal of key documents related to the WhenU relationship from its web site 
* your own refusal to squarely confront Robin's responses to you 
* your astroturfing of Download.com

This last comment speaks to catching Rick giving a thumbs up to his 
product (Aluria's software) at download.com without ever disclosing he's 
the product's vendor.

Some of the more recent references:
 
http://castlecops.com/article-6556-nested-0-0.html
http://castlecops.com/article6552.html
http://castlecops.com/article6550.html
3 pages: http://discuss.pcmag.com/forums/1004295499/ShowPost.aspx
http://www.dslreports.com/forum/remark,15599732
<http://www.digg.com/security/Anti-Spyware_Vendor_Erasing_History_with_Adware_Company>

 
However, the main discussion is continuing in the SWW thread above.
 
The point of this is to spread awareness of the issues surrounding 
Aluria/Earthlink at the moment, and their stupid decision to certify WhenU 
as spyware safe a couple years ago which caused a lot of press and bad 
publicity for Aluria.

America Online was partnered with Aluria at the time and made very clear 
they did not want any part of that Aluria/WhenU arrangement:

http://castlecops.com/article-5524-nested-0-0.html

At the time Aluria delisted WhenU, 20 questions were put forth in which 
they (including Rick) responded:

http://castlecops.com/article5618.html

Enjoy the reading.  Unfortunately, the SWW thread Rick seems to be dancing 
and skirting the foundational questions at hand wrt the WhenU history 
deletion.

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ