It’s (one of) every IT manager’s nightmare: thousands of users, downloading and installing a seemingly innocent add-on program, in this case one offering to speed up their Internet experience. However, in reality, the program has the ability to compromise the most sensitive of user information, including passwords and more.
This is the situation across the country, with universities being particularly hard hit, although certainly not the only ones whose user’s data may be being compromised by a program called “MarketScore”.
Offering a “free Internet accelerator and email virus scanning”, MarketShare promises to speed up web browsing. Because it has been bundled with iMesh, a peer-to-peer program, it has found its way onto the computer systems of countless university students, with whom peer-to-peer software is extremely popular (although of course others are using it as well).
The problem is that MarketShare accomplishes these tasks, to the extent that it does (users have complained about not receiving any appreciable benefit) by routing all user traffic through its own servers. This, says experts, constitutes a serious compromise of user data, as it allows MarketShare the potential to monitor such sensitive information as passwords, credit card numbers and other financial information, and even medical data.
Ostensibly MarketShare does this routing because it can, in theory, serve up webpages much faster if they are cached on their own servers; after it has been cached by the first visit, subsequent surfers visiting the same page would be able to access the version cached on MarketShare’s servers.
|Get notified of new Internet Patrol articles for free!
|Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Part of its process – the most problematic part of its process – is that MarketShare creates its own certificate of authority on the user’s system, and then intercepts the user’s web traffic which has been secured with SSL, decrypts it, and then sends it to the MarketShare servers bare and unencrypted. It re-encrypts it only after it has already arrived at their server, prior to sending the traffic on to its final destination.
Put in plain English, imagine if you are sitting at your computer, you log into your bank’s web site, send your password, and then enter the account number of the checking account you wish to access. If you are using MarketShare, the story goes, your password and checking account number will be decrypted before it leaves your machine, and sent in the clear to the MarketShare servers – unencrypted – and only after it has already arrived in MarketShare territory will it be re-encrypted. Not only does MarketShare now have access to that information, but it’s quite possible that so does anyone who might be sniffing around between your computer and MarketShare’s.
Said David Escalante, Director of Computer Security for Boston College, one of the affected universities, “I don’t know how good it is for parties at either end of a transaction to have a third party listening in.”
Well Aunty does. It’s no good at all!
You can read more about this at Computer Weekly
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!