Unlike most conventional spyware,
imrworldwide.com's Red Sheriff is loaded as a Java applet embedded in a Web
page you visit. Once loaded, it sends information about your Internet usage
(how long the page took to load, how long you stayed, etc.) to the parent
company, supposedly bypassing firewalls, cookie blockers and the like. A
number of Internet Service Providers have begun including Red Sheriff on
their start pages, which are programmed to load every time the user logs
on to the Internet.
Currently, the Red Sheriff program is billed as a reporting tool to measure
visitors use a Web site, kind of like an access_log reader with some
Previously, the Red Sheriff
(cached) was more obscure about what kind of information was collected,
suggesting access to surfing habits beyond the original Web site containing
the Red Sheriff applet, and bragging of its ability to get past personal
firewalls and cookie crunchers.
This applet, included with some ISP packages, causes severe slowdowns on some systems as reported in
Gibson Research's grc.spyware
The most obvious (if not user-friendly) solution is to disable Java in your web browser.
users can use this filter to eliminate the Red
Sheriff from their surfing. (Updated 11/17/02 to detect the latest version of Sheriff.)
users of Sheriff:
Bigpond/Telstra Internet Services
Peakhour (http://www.peakhour.com.au/, http://www.peakhour.net.au/ http://www.peakhour.com/)
"All trademarks are hereby acknowledged as the property of their respective owners." So don't even THINK about suing me :)