Pop-up purveyor fights FTC

A software start-up is fighting a court order that shut it down after it exploited a flaw in Windows Messenger service to send pop-up advertisements.

Stefanie Olsen Staff writer, CNET News
Stefanie Olsen covers technology and science.
Stefanie Olsen
3 min read
A software start-up is fighting back after it was shut down by a federal court for exploiting a flaw in Windows Messenger service to send pop-up advertisements.

Last month, the Federal Trade Commission obtained an order from a U.S. district court in Maryland to shut down software maker D Squared Solutions, run by Anish Dhingra and Jeffrey Davis, college students at the University of California at San Diego. The order barred the two from sending pop-up ads to PC users through a security hole in Windows Messenger service.

D Squared and its attorney, Anthony Bain, filed a motion in opposition to the order last week. A hearing is scheduled for Monday, during which the FTC is expected to try to show justifiable cause to continue the injunction.

"There's no law that says annoying advertising is illegal. It's just a cost of doing business in our society," Bain said on Wednesday.

The FTC declined to comment on the pending litigation.

D Squared, based in San Diego, sells software that helps people block pop-up advertisements while they're surfing the Web. To promote the software, the company took advantage of a loophole in Windows Messenger service. The Windows feature (not to be confused with Microsoft's instant-messaging service) is designed to let network administrators notify users about critical maintenance--about when servers are about to go down, for example.

However, D Squared used the feature to send pop-up ads promoting its software. The ads, which are sent as frequently as every 10 minutes, appear on top of all other windows on the desktop, even if the computer is not connected to the Internet. The Messenger service vulnerability affects Windows 95, 98, NT, 2000 and XP.

D Squared licenses software that uses this method to deliver pop-up ads to third parties, according to the FTC. D Squared says the program lets buyers send pop-ups to 135,000 Internet addresses per hour.

The FTC claims that D Squared used unfair business practices, calling the operation a "classic scam," which essentially created a problem it hoped to solve for a fee. "Their pop-up spam wasted computer users' time and caused them needless frustration," said a statement from Howard Beales, director of the FTC's Bureau of Consumer Protection.

But Dain, the attorney for D Squared, argues that its practices are perfectly legal.

Dain, a partner at San Diego-based law firm Procopio Cory, said that the Windows vulnerability can be exploited by hackers who want to take over PCs for malicious purposes, and D Squared's software aims to help consumers fend off such attacks and other pop-ups sent via the Web. "The very people complaining of this software are the very people who need it most," he said.

"While the pop-ups may be annoying, the government has no right to say, 'We're going to stop this form of advertising.' It's like saying flu shots are an annoyance--but those flu shots will stop you from getting sick," he added.

The FTC has urged consumers to change a default setting on their Windows operating system to block the feature that allows spontaneous messages.

Microsoft recently alerted customers to the security hole in Windows. AOL has also made technical changes to its Internet service to stop the flaw from affecting its subscribers.