Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/30/2009
04:01 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Court Rules That Zango Can't Sue Kaspersky Over Blocked 'Adware'

Kaspersky Lab, which classified online media company Zango's software as malware and "protected" users from it, is not liable for restricting user access

WOBURN, MA - June 30, 2009 " In a precedent-setting case for the Internet security industry, the 9th U.S. Circuit Court of Appeals ruled last week that Kaspersky Lab, a leading developer of Internet management solutions that protect against all forms of viruses, spyware, hackers and spam, is entitled to immunity under the safe harbor provision of the Communications Decency Act from a suit claiming that its software interfered with the use of downloadable programs by customers of Zango.

The court ruled that Kaspersky Lab, which classified online media company Zango's software as malware and "protected" users from it accordingly, could not be held liable for any actions it took to manufacture and distribute the technical means to restrict Zango software's access to others, as Kaspersky Lab deemed it "objectionable material."

Zango sued Kaspersky Lab to force the Company to reclassify Zango's programs as non-threatening and to prevent Kaspersky Lab's security software from blocking Zango's potentially undesirable programs. In the precedent-setting ruling for the anti-malware industry, the Court of Appeals for the Ninth Circuit affirmed a lower court ruling that Kaspersky Lab is a provider of an "interactive computer service" as defined in the Communications Decency Act of 1996. Part of the Communications Decency Act of 1996 states: "No provider or user of an interactive computer service shall be held liable on account of . . . any action taken to enable or make available to information content providers or others the technical means to restrict access to [objectionable] material."

According to the court, "Kaspersky contends that Zango's software is adware, and possibly spyware." "Spyware, which is often installed on a computer without the user's knowledge or consent, covertly monitors the user's activities and exposes the user to the risk that his or her passwords and confidential information may be stolen As its software qualifies, Kaspersky is entitled to Good Samaritan immunity."

The ruling protects a consumer's choice to determine what information and software is allowed on their computing systems, and protects the ability of anti-malware vendors to identify and label software programs that may be potentially unwanted and harmful to computer users. Kaspersky Lab's software is designed to do just that. Users can adjust the settings to allow certain programs of their choice to come through at all times.

Quote: Steve Orenberg, President, Kaspersky Lab Americas "Kaspersky Lab's corporate mission is and has always been to warn users and protect them from malicious programs that exist online. In support of that, we feel it's our responsibility to warn a user when we classify an application as malicious, thus giving the user the choice to stop the application or let it run. We are thrilled with the outcome of this case because it supports the key message of the information security industry -- consumer protection comes first and that a legal suit cannot force a vendor to classify a potentially malicious program in a certain way."

About Kaspersky Lab Kaspersky Lab is the world's largest privately-held Internet Security company, providing comprehensive protection against all forms of IT threats such as viruses, spyware, hackers and spam. The company's products provide in-depth defense at work, at home and on the road for home and mobile users, small and medium sized businesses and large enterprises, protecting more than 250 million systems around the globe. Kaspersky technology is also incorporated inside the products and services of approximately 100 of the industry's leading IT, networking, communications and applications solution vendors. For further information about the company, please visit www.kaspersky.com. For the latest in-depth information on security threat issues and trends, please visit www.viruslist.com. For the most up-to-date world security news, visit www.threatpost.com.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "This is the last time we hire Game of Thrones Security"
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0242
PUBLISHED: 2019-12-09
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
CVE-2015-3424
PUBLISHED: 2019-12-09
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
CVE-2015-3425
PUBLISHED: 2019-12-09
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.
CVE-2015-7892
PUBLISHED: 2019-12-09
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.
CVE-2015-0841
PUBLISHED: 2019-12-09
Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.