pdescobar
Moo, baby. Moo.
I just noticed the following Java thingy popping up on the forum pages:
This is what they say it is:
and this is what someone else says it is:
I must say, it makes me uneasy and I will be blocking imrworldwide.com or doing whatever else I need to keep this from running on my machine.
Code:
<!-- START RedSheriff Customer Intelligence V4 - Java v1.1 Revision: 1.8 -->
<!-- COPYRIGHT 2002 Red Sheriff Limited -->
<script language="JavaScript"><!--
var pCid="us_us-ugo_network-telefragged";
var w0=1;
var refR=escape(document.referrer);
if (refR.length>=252) refR=refR.substring(0,252)+"...";
//--></script>
<script language="JavaScript1.1"><!--
var w0=0;
//--></script>
<script language="JavaScript1.1" src="http://server-us.imrworldwide.com/a1.js">
</script>
<script language="JavaScript"><!--
if(w0){
var imgN='<img src="http://server-us.imrworldwide.com/cgi-bin/count?ref='+
refR+'&cid='+pCid+'" width=1 height=1>';
if(navigator.userAgent.indexOf('Mac')!=-1){document.write(imgN);
}else{
document.write('<applet code="Measure.class" '+
'codebase="http://server-us.imrworldwide.com/"'+'width=1 height=2>'+
'<param name="ref" value="'+refR+'">'+'<param name="cid" value="'+pCid+
'"><textflow>'+imgN+'</textflow></applet>');
}
}
document.write("<COMMENT>");
//-->
</script>
<noscript>
<img src="http://server-us.imrworldwide.com/cgi-bin/count?cid=us_us-ugo_network-telefragged" width=1 height=1>
</noscript>
</COMMENT>
<!-- END RedSheriff Customer Intelligence V4 -->
This is what they say it is:
From http://www.redsheriff.com/2.1.2.htm
The purpose of traditional server log file analysis is to monitor a server's performance, record unauthorized requests and provide information relevant to the server activity. Web server log files record files requested, IP addresses and successful downloads of files delivered from the server. Unfortunately, this system is fundamentally inaccurate for measuring user behavior as it cannot differentiate between page views coming through proxy servers, firewalls, browser caches, or even back and forward buttons.
RedSheriff has developed a more robust and accurate technology. When a web page is loaded into a browser, the instrumentation sends information to the front-end collection servers, which collect the data. This data is then passed directly to RedSheriff's back-end machines and managed via a centralized data operation. We keep track of every page view, every time, and our system ensures continuous results are made available to clients in a series of comprehensive reports
and this is what someone else says it is:
quoting http://www.cexx.org/sheriff.htm
Server-Side Spyware: Red Sheriff
Unlike most conventional spyware, imrworldwide.com's Red Sheriff is loaded as a Java applet embedded in a Web page you visit. Once loaded, it sends information about your Internet usage (how long the page took to load, how long you stayed, etc.) to the parent company, supposedly bypassing firewalls, cookie blockers and the like. A number of Internet Service Providers have begun including Red Sheriff on their start pages, which are programmed to load every time the user logs on to the Internet.
Currently, the Red Sheriff program is billed as a reporting tool to measure how visitors use a Web site, kind of like an access_log reader with some extra frills.
Previously, the Red Sheriff product page (cached) was more obscure about what kind of information was collected, suggesting access to surfing habits beyond the original Web site containing the Red Sheriff applet, and bragging of its ability to get past personal firewalls and cookie crunchers.
This applet, included with some ISP packages, causes severe slowdowns on some systems as reported in Gibson Research's grc.spyware newsgroup
I must say, it makes me uneasy and I will be blocking imrworldwide.com or doing whatever else I need to keep this from running on my machine.