After several months of ongoing communication, CyberDefender has released a version of its flagship suite, CyberDefender Early Detection Center, that appears to address all of the issues that led us to labeling it badware. We have therefore archived the alert. Thanks to the company for keeping the lines of communication open.
Archives
- July 2010 (3)
- June 2010 (5)
- May 2010 (2)
- April 2010 (7)
- March 2010 (7)
- February 2010 (5)
- January 2010 (6)
- December 2009 (2)
- November 2009 (3)
- October 2009 (9)
- September 2009 (5)
- August 2009 (3)
Posted by Maxim Weinstein
Posted by Maxim Weinstein
[Update 4/17/09: This alert is no longer active. See this blog post for more information.]
Today we released a badware alert about CyberDefender Early Detection Center:
We find that the CyberDefender ‘Early Detection Center’ application is badware because it fails to disclose the principal and significant features of the bundled ‘MyIdentityDefender’ Internet Explorer toolbar, which monitors users’ web browsing behavior and transmits users’ URL history to CyberDefender, and which changes the user’s default search settings to display a CyberDefender branded, advertising predominated search engine. The software installer also does not disclose that the Early Detection Center application will request and receive updates via a peer-to-peer network, which may unexpectedly consume users’ computer or network resources. Once installed, CyberDefender Early Detection Center may exaggerate the threat of harm from certain kinds of ‘spyware infections’ in order to induce users to purchase a license for the software.
We have spoken with the software producers, CyberDefender Corp., and they have indicated that they are working to address our concerns in an upcoming release. They requested, and we provided, feedback on proposed new language for both the installer and the product itself.
CyberDefender Corp. also pointed out that the bundled MyIdentityToolbar currently holds TRUSTe certification as "Certified Tracking Software," and that the company is working to receive similar certification for its other products, including Early Detection Center. TRUSTe, which is not affiliated with StopBadware.org, is a for-profit entity that offers certification based on an application’s adherence to prescribed disclosure requirements. Certification does not guarantee compliance with the StopBadware.org guidelines, but there is significant overlap between our guidelines and the certification requirements.