Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

CIO Executive Council

A Peer-Advisory Service and Professional Association for CIOs

Webcast: In the Google Apps Cloud: How to Achieve Your Business Objectives

Dec 3rd, '09, 1 - 2 pm US/Eastern (GMT-5)

Join Council member Brent Hoag, Director, Global IT, at JohnsonDiversey, as he discusses the adoption of Google Apps which has helped meet four corporate goals; sustainability, simplification, increased employee productivity and global collaboration.

Webcast: Collaboration Initiatives: Benchmarks & Best Practices

Dec 15th, '09, 4 - 5 pm US/Eastern (GMT-5)

Join Council members Ruth Thorpe, VP & CIO at the U.S. Pharmaceutical Operations of Sanofi-Aventis, and Gary Kuyper, CIO at Bethany Christian Services, as they speak about their collaboration initiatives and experiences in how and why they chose the social networking and collaboration tools they are using and their business goals for collaboration, and facing culture change challenges.

Data Overview: Collaboration Initiatives Field Guide: Benchmarks & Best Practices

This appendix to the Council Field Guide provides an analysis which discusses benchmarks for collaboration IT implementation costs, adoption rates and payoffs. The overview identifies top IT and business goals and satisfaction rates for collaboration initiatives as well as best practices and lessons learned for implementing collaboration IT.

More / Register »

Learn more about the CIO Executive Council »

RESOURCE CENTER

buy a link »

News Feature

Microsoft Gives 'Adware' Distributor MVP Status

Microsoft has come under fire for naming the developer of a program that can install adware on users’ PCs as ...

Leave a comment

October 06, 2006 — CIO —

Microsoft has come under fire for naming the developer of a program that can install adware on users’ PCs as one of its Most Valued Professionals.

MVPs are people with deep knowledge of Microsoft products who volunteer to answer technical questions for other users or contribute to its software in significant ways. It’s a prestigious recognition, with only about 2,600 MVPs worldwide.

Microsoft recently added Cyril Paciullo to its MVP list. He’s the developer of Messenger Plus, a free plug-in that adds some handy features to Microsoft’s Windows Messenger program, like the ability to stack several chat windows together and access them via tabs.

But security experts say his software is also a distribution vehicle for Lop, which they describe as a nasty adware program.

"Bottom line is, Microsoft are rewarding someone that has an active involvement with one of the most maligned names in PC hijacking," said Christopher Boyd, a Microsoft Security MVP who’s also director of malware research for FaceTime Security Labs. "If that isn’t booberific, I don’t know what is," he wrote in his blog.

Lop is a family of adware programs that will, among other things, generate pop-up advertisements and install misleading icons on a user’s desktop, according to Sunbelt Software, a security company that also noted Paciullo’s MVP award with interest.

Messenger Plus does provide users with the option not to install its accompanying "sponsor program." But Pacuillo’s involvement with adware makes his MVP appointment questionable and also devalues the program, critics said.

"Yeah, it now gives you an option as to whether you want to install it or not—but that’s hardly the point, is it?" Boyd wrote in his blog.

"Note that he does give the option to infect your machine (and quite politely, at that). But it’s still Lop," Sunbelt Software said.

Paciullo, who goes by the alias Patchou, could not be reached for comment on Friday. He says in a frequently asked questions section on his website that the sponsor program is not dangerous and can be uninstalled easily. He acknowledges that some adware programs flag his software, but says that’s because they can’t distinguish between "a clean adware solution and nasty spyware."

Microsoft also did not immediately comment. Its own malware-protection engine flags Messenger Plus as a threat, according to Boyd.

Paciullo is not new to criticism. His software has been a target for another Microsoft Security MVP, Sandi Hardmeier, who runs a blog called Spyware Sucks.

Paciullo has made some changes to Messenger Plus in response to Hardmeier’s criticisms, Hardmeier wrote in her blog. Version 3.63, introduced in April, no longer installs a toolbar and resets the browser homepage, she said. But it does generate pop-up windows that try to install Active X controls on a PC, she said, including one that’s known to use rootkits, making it still "malware" in her book.