Month: May 2006

PaperGhost chats with a botnetter.

Pg : Ok cool. what method of payments are available?

Support (02:33 PM) : wire, webmoney,egold, western union

Pg : k. lets talk risk – do you actually own these servers, or are they hacked boxes?

Support (02:36 PM) : no they are legally bought servers. we dont mess around with hacked boxes. we have our own datacenter setup – what contents are u planning to host? let me tell u scam is not allowed.

One of my favorites:

Pg: Well, first we have exploits that compromise servers, then inject packets that redirect the end user to our exploit page, which installs adware, trojans etc – at this point we install RADmin server tools to gain control, then download and install our own version of bittorrent….at that point, we start shovelling pirated movies onto the PCs, all kinds of dodgy content, then we “contact” the box owners and threaten to “expose” them to the police etc unless they pay us money each month to keep quiet about it

Support (02:42 PM) : LOL. thats nasty and dirty but i love it. thats so bitchy….but here is the solution i got. i have a nasty datacenter in korea…good bandwidth

Link here.

It’s a really good read. 

Alex Eckelberry

Botmaster gets almost 5 years prison…

Sealing the first prosecution of its kind, US federal Judge Gary Klausner in Los Angeles sentenced “botmaster” Jeanson Ancheta, 20, to 57 months in jail for taking control of an array of computers he had corralled into his “Botnet.”

Link here.

Alex Eckelberry
(Hat tip to Ferg)

And, of course, we recommend you always use Microsoft Update instead of Windows Update.

 

How to restore the system/boot drive letter
Occasionally, if you make a change to the hardware/disk drive configuration, your drive letters may get changed so that the letter that was previously assigned to your system/boot drives (for example, c:) is no longer the same. These instructions assume your C: drive was changed to D: and tell you how to change it back to C: Before you begin, you should back up your data and the system state, and you must be logged on as an administrator. First you may need to change Permissions:

1. Start Regedt32 and navigate to the following key: HKEY_LOCAL_MACHINESYSTEMMountedDevices
2. Click MountedDevices and then click the Security menu.
3. Select Permissions.
4. Give Administrators Full Control permissions.
5. Close Regedt32.

Next you can rename the drives:

1. Start Regedit (you cannot use Regedt32) and navigate to the following key: HKEY_LOCAL_MACHINESYSTEMMountedDevices
2. Find the entry for the original drive letter (in this case, DosDevicesC:)
3. Right click it and select Rename.
4. Rename to a letter that’s not being used, such as DosDevicesZ:
5. Now find the entry for the changed drive letter (in this case, DosDevicesD:)
6. Right click it and select Rename.
7. Rename it to the original (DosDevicesC:)
8. Right click DosDevicesZ: and rename it to DosDevicesD:
9. Close Regedit.

Finally, change the Permissions back:

1. Follow Steps 1-3 in the first set of instructions.
2. Set Administrators back to Read Only.
3. Close Regedt32.

Note: you should use this procedure only if your drive letters were changed from the letter used when you installed XP. Don’t change the letter of the system/boot drive otherwise.

How to manage groups in the XP address book
You can use the address book in Windows XP to store contact information that can be utilized by Outlook, Outlook Express, IE, NetMeeting and other Microsoft applications. For a tutorial on how to create and manage groups of names in the address book, see KB article 308668 here.

IE displays a blank white page
You opened a new window in Internet Explorer 6, or click an HTML link to open a new window in IE, and all you get is a blank white page. What’s up with that? If you try to do a search on the page, you’ll see an error message that says “Error 49: Interface not registered.” That’s a clue that your problem is unregistered or incorrectly registered DLL files related to Internet Explorer. Luckily you can usually fix the problem by registering the relevant files. To find out how to do so, see KB article 902932 here.

Explorer.exe quits when you try to search for a file
If you try to search for a file in Windows XP and the Explorer.exe process suddenly quits, causing the taskbar to disappear for a moment and the desktop to be redrawn, it just may be that you installed the Windows 2000 Resource Kit on your XP computer and this copied the Rkadmin.dll file to the System32 folder. If that’s the case, you can workaround the problem by uninstalling the Resource Kit. For more info on this problem, see KB article 900004 here.

Deb Shinder

There has been a lot of talk lately about the concept of network neutrality, and there are bills in Congress to force the issue, but most Internet users don’t even know what it means, much less whether or not the government should mandate it. It’s an issue, though, that can affect all of us who use the ‘Net, in several different ways – especially when the government starts getting into the act.

Network neutrality, in its original meaning, refers to non-discrimination. In other words, a network such as the one run by your ISP treats all types of traffic the same way. One type (whether a specific protocol such as VoIP or content from a specific provider such as Microsoft or email from specific addresses) doesn’t get priority over any other type.

It doesn’t help that different sources are using the term to refer to slightly different things. Some articles seem to equate it with monopoly/anti-competitive issues: that is, consumer and content provider choice as to Internet provider. This certainly is a problem for many Internet users outside the major urban areas. In many locations, consumers may have only one realistic option if they want broadband Internet service.

Those whose cable companies don’t offer Internet service and who are too far away from the phone company central office to get DSL (or whose COs have been upgraded to the equipment required to support DSL) have one choice left: satellite. Although it costs more than cable/DSL and is slower, along with suffering from latency problems that make it impractical for certain applications such as real-time gaming, it can be installed most anywhere that you have a view of the southern sky.

As you get closer to urban hubs, you often have additional options, mostly commonly cable Internet and/or DSL. Some of us are really lucky and live in areas where Verizon has laid fiber and offers their ultra high speed (up to 30 Mbps) FiOS service, and others live in places served by wireless Internet providers or in one of the few places where you can get Internet over power lines. So it’s possible (but rare) to have five or six broadband options. Most have from one to three and many rural users are stuck with zero, having to rely on slow dialup or expensive T-1.

So how is this matter of choice related to network neutrality? The worry is that ISPs such as your cable company or phone company and services such as AOL can use technology called Quality of Service (QoS) to give some of the data that passes over their networks priority. Corporate networks have been doing this for years. Packets generated by mission-critical applications can be given preference over less important traffic.

This could be a money-maker for service providers because they can strike deals with content providers to ensure that those content providers’ data gets delivered more quickly than that of other content providers who don’t pay the fees for this priority attention. For example, Verizon could contract with Google to give their search services priority over Yahoo’s or MSN’s search. This would make Google more attractive than its competitors to those who use Verizon as their ISP, because it would be faster. In addition, the money that Verizon got from Google could be used to keep their prices for Internet service lower than those of an ISP that doesn’t engage in such contracts.

Does such a contract amount to discrimination? Sure it does. The question is whether the government has the right (or duty) to prohibit a private sector company from discriminating. We have laws that prohibit private employers from discriminating in hiring decisions, if the discrimination is based on race, gender, age, disability and so forth. On the other hand, the mandate for “employment neutrality” is not absolute. There is no prohibition on an employer discriminating against people who don’t have college degrees, or people who have no job experience.

In fact, the word “discrimination” has come to have a negative connotation because of its association with racial prejudice, but the original meaning of the word “discriminate” is “to exercise judgment or selection based on differences.” A world where no one discriminated would be a chaotic one; every time we make a choice we practice discrimination.

Hiring aside, companies are allowed to discriminate in making most business decisions. The practice of making discriminatory deals with other companies is commonplace in the business world. Should McDonald’s be allowed to make a deal with Coca Cola to sell Cokes instead of Pepsis in their restaurants? Or should the government require that they provide “equal access” to all brands of cola?

On the other hand, traditionally public services have been held to different standards regarding discrimination than is true for a business like McDonald’s. While ISPs are private businesses, the Internet is considered a public network and is often likened to the public highways. Those in favor of laws mandating network neutrality argue that allowing ISPs to create a deal with a content provider giving its content bandwidth priority is like the highway department striking a deal with a car manufacturer giving its brand of vehicles a special fast lane on the road.

Critics of these laws counter that the highways are funded by the taxpayers, not by a company like AT&T, Verizon or Comcast, and these companies will not continue to put their money into making the networks better if they aren’t allowed to maximize their revenue streams. The response to that is that much of the original Internet infrastructure was built with tax dollars before commercial concerns took it over. And the debate goes back and forth, with both sides making a lot of valid, logical points.

What does it mean to you as an ISP customer and user of the Internet? If ISPs are allowed to make discriminatory deals, at the extreme they could actually block the web sites that compete with their partners. That is, in our example of Verizon making a deal with Google, they could prevent Verizon customers from accessing the Yahoo or MSN search sites. This is not what any ISP is proposing to do at this time, but it’s certainly technologically possible.

Discrimination also means your ISP can not just certain web sites, but types of Internet packets. If your Internet provider is also your phone company, they could block you from using Voice over IP (VoIP), which allows you to make free long distance calls over the Internet so you’d have to use your regular phone service and pay long distance charges. Likewise, if your ISP is a cable company, they could block you from watching TV over IP, forcing you to get your TV content via their cable TV services instead.

In 2004, the Chairman of the FCC devised the “principles of network freedom” that stated consumers are entitled to access lawful Internet content of their choice, to run applications and services of their choice, to connect any legal devices of their choice so long as they don’t harm the network and to have a choice (competition) in service and content providers. In 2005 the FCC fined a carrier that blocked VoIP.

On the other hand, opponents of net neutrality laws warn that prohibiting ISPs from making deals will lead to higher prices for Internet service, since they’ll recover the lost revenues by raising consumer prices. They also point out that if you don’t like the priorities assigned by your ISP, you can drop them and use a different ISP. Back in dialup days when there were dozens of ISPs competing in many markets, that was a lot easier to do. Now, as we mentioned earlier, there may be only one or two ISP choices in your area if you want/need a high speed connection.

You can find numerous commentaries on the Web that expand on both sides of the issue. Let us know what you think. Should ISPs be forced to treat all traffic equally, on a “first come, first served” basis? Or should they be allowed to give priority to some types of network traffic, or even block some (for instance, if file-sharing programs are clogging up the network and slowing it down for everyone, should they be able to block such programs)? Would you be willing to pay more in ISP fees to keep the network neutral? Or should the government stay out of it and let the free market sort things out?

Deb Shinder

Authenticating click fraud… Alan Chapell has this to say:

Which leaves me with one thought– it would seem that the best answer (perhaps, ultimately, the only answer) lies in authenticating clicks. As I’ve just mentioned, some analytics firms are providing a basic level of authentication by looking at IP addresses and geographic data. If we’re really going to get at the root of the click fraud problem, however, we’re going to need to understand more about who’s clicking.

…

Yet here’s where privacy issues can start to arise. To “authenticate” a click implies having to look closely at consumer data. To make this work, the search engine would need to collect a good deal of information about the click — and clicker — that is being authenticated. It might even require that the engines reference a profile of past searches and clicks as a sort of reputation score. After all, this is part of how email senders are authenticated, too.

Link here.

Your thoughts?

Alex Eckelberry

Chicago environmental attorney Shawn Collins, who admits “he is often the butt of jokes at his firm because of how little he knows about technology,” is taking the legal angle of trespass to chattels (the legal concept akin to “stay the hell away from my personal property”) to fight adware.  And it seems to be working. 

He’s been using a computer for only a year, but 48-year-old Shawn Collins wants to accomplish what the software industry has failed to do: stop annoying pop-up ads and spyware from intruding into personal computers.

The Naperville attorney considers spyware to be akin to cyberwaste.

“The Internet is being polluted,” he said. “I look at spyware companies as industrial polluters.”

Link here (registration required…argh)

Alex Eckelberry
(Thanks David)

Nassau County Legislator Jeffrey Toback, for filing an idiotic complaint against Google for being the “World’s Largest Facilitators and Distributor of Child Pornography”.

Dorkus Maximus Toback, who didn’t even know that Google had Safe Search until just a few days ago. has filed this lawsuit apparently for publicity reasons. 

You have to read the complaint.  It’s just a blithering mish-mash of bombastic stream of consciousness about mall owners, Google and China, with multiple uses of the word “obscene”.  I’m not a lawyer, but I’ve read a few complaints and I’m just astounded as to the absolute lack of evidence.  As Eric Goldman says, “this lawsuit is just a publicity stunt, and a pathetic one at that.”

Links: Eric Goldman’s excellent overview.  The lawfirm that did the dirtry work for Toback.  The press release.  The complaint.  The Newsday article where Dorkus Maximus Toback describes himself as “not the most computer-literate guy,” and “learned of the [safe search] filter three days ago.” 

And a smiling Jeffrey here.

I hope the court makes you pay Google’s legal costs, Dorkus Maximus Toback.  And then you can go back to trying to ban toy guns. (I’m not kidding, he really does want to ban toy guns in his county.)   

Alex Eckelberry
(Thanks to Eric Goldman for the complaint, etc.)

I see this as pure legal chicanery.  Google is being sued for “taking in billions of dollars by allowing child pornography” and “other obscene content” through adwords.

People may have complaints about Google in some areas, but in my personal experience with the security people at Google, this is a company that takes these types of issues very seriously.  When notified of an offending site, they take prompt and immediate action to remove the links.  It’s ridiculous to even allege that the company has made “billions of dollars” from this type of stuff.

Of course, these folks doing the suing are the same ones who “sought at least $10 million for alleged sex discrimination against Atlantic City, N.J., casino cocktail waitresses and $600 million from the maker of an ephedra-based dietary supplement claimed to cause the death of a Baltimore Orioles pitcher.”

It’s a silly lawsuit and I’m sure will be dismissed.

Alex Eckelberry

 

Press release here.

“The attacks started with a strike on the Internet backbone itself, causing the Blue Web site to become inaccessible to visitors outside Israel, while remaining available for Israeli visitors. How exactly this attack was carried out is still unresolved, but what is clear is that PharmaMaster boasted that it was he who was able to make a top-tier ISP’s staff member to block Blue Security’s former IP address (194.90.8.20) at the backbone routers.”

In PharmaMaster’s words (taken from ICQ sessions where PharmaMaster contacted Blue Security): ‘Support (top-tier ISP’s name withheld) says: Yes wont be a problem, I’ll make sure to block all traffic to this domain very soon just get me reports, mate.’

Reshef continued, “Thirty minutes after Blue closed its Israeli site and posted a note on its blog site, PharmaMaster ruthlessly ordered a massive, sophisticated DDoS attack against any site associated with Blue. This attack caused five top-tier hosting providers in the U.S. and Canada, a major DNS provider and a popular blog site to go down for several hours.”

PharmaMaster summarized the situation (excerpt from ICQ session): “you know Ii feel sorry for you and all the world 9000 servers (which) are down :-)”

According to Reshef, PharmaMaster also told Blue Security that if he can’t send spam, there will be no Internet. He also said that he will do whatever it takes to continue his fight but acknowledged the power of the Blue Community.

PharmaMaster (excerpt from ICQ session): “Blue found the right solution to stop spam, and I can’t let this continue.”

Blue Security is working hard to restore its community-based anti-spam service to its members, and has already started contacting the relevant authorities. Blue Security is working closely with its service providers and partners to help resolve the problems and mitigate risk.

Alex Eckelberry
(Thanks Ed)

First there was the Amish computer virus, which said:

You have just received the Amish virus.

Since we have no electricity or computers, you are on the honor system.

Please delete all of your files on your hard drive. Then forward this message to everyone in your address book.

We thank thee.

Of course, that was a joke. 

Now, there is a flagrant phishing hoax which promises:

The following complete hacking tutorial IS GUARENTEED TO WORK AND ITS FREE!! The hacking method is based on a flaw in the PayPal (www.paypal.com) mailing address confirmation system THAT MY UNCLE HAS SHARED WITH ME AND NO ONE ELSE!! I am giving this to you because it has helped me out ALOT and it will help you too. It will only work BEFORE PayPal discovers this serious security flaw and fixes it. Take your action FAST! This method works only works for hackers with PayPal accounts with CONFIRMED PAYPAL ACCOUNTS. It will never work for PayPal user without a confirmed account.By strictly following instructions in the following tutorial, you’ll gain unlimited access to various PayPal accounts with confirmed mailing addresses. Use those accounts AT YOUR OWN RISK. You’re responsible for your action and ENJOY!!! I DID!!

Of course, in order to take advantage of this “hack”, you need to send your personal information to a “mailerbot” address.

Link here, with copious acknowledgment to Lance James at Secure Science.

Call it gallows humor, but I found this painfully funny.  More seriously, though, is that some poor soul is probably going to fall for it.

Alex Eckelberry

Behavioral marketing is what is behind cookies and adware.  It’s the idea that by knowing what an audience is doing, you can tailor ads to them. 

Of course, this means that advertisers have to know what you’re doing online… and that is where you get a lot of the privacy arguments.  As I’ve discussed before, cookies provide advertisers the ability to infer demographics and tastes and hence, display advertising that attempts to match the behavioral characteristics of the viewer (for example, an advertisers can infer that someone who goes to a lot of NASCAR sites might be interested in Ford trucks or Budweiser beer).   However, it’s imperfect because a) many people hate cookies and b) there are privacy concerns and c) it is a actually a fairly sloppy way to gauge demographics.

There was an article earlier this week in iMediaConnection on the subject of behavioral advertising, which attempts to dispel the myths of behavioral advertising.  It’s focused on teaching advertisers how this all works:

Behavioral Targeting (BT) is a load of hype. Like so many internet businesses, BT has been horribly over-promised and chronically under-delivered…On the other hand, without question BT is the future of online media. 

Then there’s this chart:

Would you be more inclined to click on a banner ad if the product/service was more relevant to your area of interests or needs? Freq Pct % Absolutely yes 132 12% Most likely yes 425 40% Unsure 210 20% Most likely no 167 16% Absolutely no 136 13% Total 1070 100%

Source: “Understanding America’s Perception of Internet Advertising and Consumer Privacy,” conducted by Revenue Science, Chapell & Associates, and the Ponemon Institute (2004).

What would the response to the same question have been if it had been worded:

Would you be more inclined to click on a banner ad if the product/service was more relevant to your area of interests or needs, and in exchange, you had a piece of software on your system that tried to determine what those interests or needs were? 

Would you be more inclined to click on a banner ad if the product/service was more relevant to your area of interests or needs, and that advertiser had paid for the privilege of extending you that offer? 

Link here.

Alex Eckelberry

And just put money on the line by purchasing Massive.

Let’s play “Where’s Waldo?” with these in-game ads.  See if you can find the advertisement in the following screen shots of games, all ads placed by Massive:

And since they apparently did this to compete with Google, one wonders where the future might be?

 

Alex Eckelberry

SANs just got an email from Guy Rosen at Blue Security:

Monday:
 – Spam-based threats and accusations
Tuesday:
 – Our website www.bluesecurity.com is cut off from outside of Israel by a mysterious routing change
 – Later on, huge DDoSes lash out at our service’s servers (but NOT the www, note!), with adverse effects to several different hosting facilities in which they were located.
 – To restore access to our inaccessible www site and keep our users informed, we restore an old blog we had and point www there.
 – Within about an hour, a DDoS attacks the blog site on which that blog was located.
Wednesday:
 – A massive DDoS goes out at our domain’s DNS provider, causing a service outage that affected their customers.
Thursday:
 – DDoSes continue as we relocate our service to bring it back up. One estimate was of something of the order of 10 million packets/sec coming in.
Friday:
 – Today we are slowly coming back up and hope to see the service working soon.

I have to say that the great lengths the spammers have gone to in order to bring us down are worrying, not only in the specific context in which they took place in this last week, but I think given the general idea that so much power is available to people of this nature and that they are willing to use it in order to see things go their way. Seeing us as a threat, they did not seem to care who they brought down on the way.

Link here (thanks Ed).

My 2 cents?  I do suspect that spammers got the database.  While Blue Security didn’t publish the email addresses of their subscribers, they did establish a Do Not Spam registry which spammers could use to check emails against.  It’s seems fairly trivial to take a large list, run it against BlueSecurity’s registry and figure out who is a Blue Security user.   The people who are saying “I have multiple addresses, but only a few got targeted” simply may not have been on the master list.  However, I’m willing to be corrected on this assumption.

I am concerned about “fighting fire with fire” when it comes to spammers.  These people control spam zombies, which are botnets of users who unwittingly send spam—and can act as attackers in a DDoS.  It may make the user feel better in the short term to “fight back”, but it might not be the best idea done in this fashion.  Just block the spam using traditional methods and move on. Current generation spam filters are becoming remarkably effective. Why do you need to get users involved like this and have the potential of collateral damage?

Alex Eckelberry

SpywareSheriff (not to be confused with SpySheriff) is a new rogue antispyware app on the loose.

According to Bleeping Computer:

SpywareSheriff, a new rogue antispyware application that is starting to infect a lot of users. This particular infection is harder to remove than other variants such as SpywareQuake and SpyFalcon. This is because it uses a lot of random names for the files. It is, though, easy to tell when you are infected with this malware.

Link here.

The application is distributed at antispylab(dot)com or spywaresheriff(dot)com.

Alex Eckelberry
(Thanks Suzi, Adam)

Dollar Revenue, describes itself as:

…one of the best pay-per-install affiliate programs on the Internet. DollarRevenue provides revenue opportunities to affiliates who have entertainment/content websites, offering them an alternative to traditional advertising methods. DollarRevenue offers high payouts per install and converts Internet traffic from any country into real income.

Well, downloading the file “vsl02.exe” (VirusTotal results) from the Dollar Revenue site  — currently located at content(dot)dollarrevenue(dot)com — results in a blizzard of transmissions from advertising sites. 

Sunbelt researcher Patrick  Jordan was able to see over 2,000 transmissions in the course of running a video (movie here).  You can see the list of transmissions here.

Just what is going on here?

Alex Eckelberry

 

Ah, good old Sanford “Spamford” Wallace, the erstwhile Spam King, who became a spyware guy.  And who is now in deep trouble.

An operation that deceptively downloaded spyware onto unsuspecting consumers’ computers, changing their settings and hijacking their search engines, has been halted by a federal court at the request of the Federal Trade Commission. The judge has ordered the operators to give up to more than $4 million in ill-gotten gains. The court also ordered a halt to another spyware operator’s stealthy downloads and barred the collection of consumers’ personal information, pending trial.

Link here. 

Alex Eckelberry
(Thanks Suzi!).

A follow-up to my earlier musings about BlueSecurity:  The company, under a DDoS attack by spammers, redirected its blog to Six Apart (TypePad and LiveJournal).  Well, this then knocked Six Apart offline for almost eight hours.

Internet security company Netcraft said on Thursday that Blue Security temporarily dealt with the distributed denial-of-service (DDoS) siege by redirecting traffic to its journal at blog host Six Apart, knocking out that company’s TypePad and LiveJournal services.

Link here.

Alex Eckelberry

Does that crap stock spam you get actually have an effect on stock prices?  I’ve blogged on this subject earlier, about a site called Spam Stock Tracker, which shows that ownership of stocks marketed through spam are a money losing proposition.

Earlier this week, I posted an stock spam message from a company called Cyberhand (Pink Sheets: CYHD).

This stock spam pounded out on Tuesday, and a look at the chart shows that something has been going on, at least on an intraday basis:

So, it seems the spam is working to raise this stock price—on a very short term basis. And this is corroborated by Univeristy of Mannheim researcher Thorsten Holz, who said in a discussion group recently:

“together with a researcher from another German university, I took a closer look at stock spam recently. We could show that such spam messages indeed influence the traded volume and also the stock price.”  

The research paper is here.    

Harvard researcher Daniel Peng also looked at this issue and found:

“…stock spam is highly correlated with short-term spikes in trading volume and long-term falling stock price. I was unable to find any reliable evidence of short term price trends.”

Link here (thanks to Jose)

My guess is that  penny stocks jump up immediately when sent and then decline down (as you can see from the above Cyberhand graph).  

I’m not sure these studies took into consideration the actual buy and sell prices on the stock. The last price is different than what you can actually sell it for, because of the Bid (how much you pay to buy the stock) vs. the Ask (how much the dealer will pay you for it). The Bid and Ask is set by the market makers (the dealers who actually hold inventory in the stocks).  Then, you have to take out the effect of commissions. 

So can you make money rushing out and buying the stock when a stock spam hits?  “Not that easy. Especially since an event study only gives abnormal returns. If the overall market goes down, you statistically loose less than the market, but that’s nevertheless a loss. And since pennystocks are not very liquid, there are further limitations…,” says one of the study’s co-authors, Thorsten Holz.

All in all, this whole Internet stock scam business is pretty disgusting.

Alex Eckelberry

 

 

Interesting, I’ll try and get more information on this one.

NetRatings announced today it has filed patent infringement lawsuits against WhenU.com, Inc. and 180solutions, Inc. as part of the company’s patent enforcement program commenced in early 2005. Under the program, designed to protect the company’s investments in its patented technologies related to the collection, analysis and reporting of computer usage and activity, NetRatings has signed licensing agreements with three companies: Visual Sciences LLC, SageMetrics, Corp., and Omniture, Inc., and has complaints pending against three additional companies: Coremetrics, Inc., Sane Solutions, LLC, and WebSideStory, Inc.

Link here (thanks David)

Alex Eckelberry