Update: Universities grapple with SSL-busting spyware

IDG News Service - U.S. universities are struggling with a flare-up of dangerous spyware that can snoop on information encrypted using Secure Sockets Layer (SSL). Experts are warning that the stealthy software, called Marketscore, could be used to intercept a wide range of sensitive information, including passwords and health and financial data.
In recent weeks, IT departments at a number of universities issued warnings about problems caused by the Marketscore software, which promises to speed up Web browsing. The program, which routes all user traffic through its own network of servers, poses a real threat to user privacy, security experts agree.
Columbia University, Cornell University, Indiana University, the State University of New York (SUNY) at Albany and Pennsylvania State University are among those noting an increase in the number of systems running Marketscore software in recent weeks. Each institution warned its users about Marketscore and posted instructions for removing the software.
The software is bundled with iMesh peer-to-peer software, and may have made it onto university networks that way, said David Escalante, director of computer security at Boston College.
The company that makes the software, Marketscore Inc., has headquarters in Reston, Va., at the same mailing address as online behavior tracking company ComScore Networks Inc.
Comscore CEO Magid Abraham said that the Marketscore software is similar to other market research tools, in which subjects agree to give information in exchange for a gift or valuable service. In the case of Marketscore, the premium for sharing information is use of the acceleration software, he said.
Reports of infected systems on campuses ranged from a handful to as many as 200 on one large campus network, Escalante said.
Marketscore is the latest incarnation of a spyware program called Netsetter, which first appeared in January, said Sam Curry, vice president of eTrust Security Management at Computer Associates International Inc.
"Basically it takes all your Web traffic and forces it through its own proxy servers," he said.
The redirection speeds up Web surfing, because pages cached on Marketscore's servers load faster than they would if they were served directly from the actual Web servers for sites such as Google or Yahoo. However, those performance benefits have been elusive.

"People who have installed the software complain to us that they're not getting any improvement," Curry said.
Richard Smith, an independent software consultant in Boston, is also skeptical of performance improvement claims made by Marketscore and others, especially since many Internet service providers already offer Web caching for their dial-up customers, he said in an e-mail message.
But tests conducted

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.