| BAD OR UNDISCLOSED BEHAVIOR |
| Software Which Installs Deceptively (Guideline III.A) |
CyberDefender Early Detection Center does not disclose the principal and significant features of the bundled MyIdentityDefender toolbar. [Updated 2/6/2009]
|
| Software Which Makes Changes to Other Software (Guideline III.D) |
The MyIdentityDefender toolbar that is bundled with CyberDefender Early Detection Center changes the user's default search engine to one that is provided by CyberDefender, without first asking the user to consent to this change.
CyberDefender redirects unresolved URLs to this search engine even if the user later changes their default search provider to another search engine.
|
| Software Which Transmits Data To Unknown Parties (Guideline III.E) |
The MyIdentityDefender toolbar that is bundled with CyberDefender Early Detection Center transmits users' web browsing URL histories web searches to CyberDefender in a potentially personally identifiable manner. [Updated 2/6/2009]
CyberDefender Early Detection Center also fails to notify users at the time of installation that it will request and receive updates via a peer-to-peer network, which may unexpectedly consume computer resources. [Updated 2/6/2009]
|
| Software Which Interferes With The User’s Normal Computer Usage (Guideline III.F) |
CyberDefender Early Detection Center repeatedly notifies users with interruptive pop-ups that their computers are infected with spyware threats, even if the only threats identified are tracking cookies. Though such cookies are considered by the security industry to be a low-risk threat, the pop-ups do not make this distinction, and prompt users to purchase a registration key to rectify this exaggerated threat (i.e., to remove the tracking cookies).
The software also produces similar pop-up notifications to advertise CyberDefender's PC Support service. Users are not provided with the opportunity to consent to this advertising behavior.
|
| Recommendations |
| We recommend that CyberDefender makes the following changes: |
- Fully, accurately, clearly and conspicuously disclose the principal and significant features of the 'MyIdentityToolbar' that is bundled with Early Detection Center, at the time that Early Detection Center is installed, in accordance with StopBadware's disclosure and consent guidelines.
- Inform users in a clear and conspicuous manner at the time that the MyIdentityToolbar is installed that the software will report all URLs visited by the user to CyberDefender, in a potentially personally identifiable manner.
- Inform users in a clear and conspicuous manner at the time that MyIdentityToolbar is installed that the software will change the users' default search engine to one branded by CyberDefender, or do not change this setting without first requesting the user's consent.
- Inform users in a clear and conspicuous manner at the time of installation that the software will alter the computer's handling of unresolved URLs to redirect them to CyberDefender's search engine, even if the user has chosen a different default search engine.
- Inform users in a clear and conspicuous manner at the time that Early Detection Center is installed that the software will request and receive updates via a peer-to-peer network, which may unexpectedly consume computer and network resources.
- Inform users that the Early Detection Center will function as advertising software by displaying frequent pop-up notifications which promote other CyberDefender products or services.
- Cease to use repeated pop-ups and exaggerated threats to induce the user to purchase the software.
|
|
We currently recommend that users do not install CyberDefender Early Detection Center, unless users are comfortable with the behaviors we have identified or until the application is updated to be consistent with the recommendations made in this alert.
|
|
This alert represents StopBadware's findings during our initial testing period. Additional badware behaviors that were not initially detected may exist in the application.
|
|
|
|
