New.net and Cexx.org

In the spirit of full disclosure, and in case some other members of the anti-*ware community may be interested, presented here is the full record of communication between cexx.org and New.net's lawyer (ahem, Business Affairs...but more on that in a bit).

Conventions:

For MSWord/OO.o/PDF files, the internal filename is specified in parentheses following the link. (Files have been given descriptive names here on the Web server which avoid long names, spaces, etc, but are not the original file name.)
<<< Angle brackets >>> indicate the direction of mail travel (e.g. those pointing this way <<< indicate something we've received, and those pointing this way >>> indicate something sent).
"Out-Of-Band" denotes items on the side, not directly relating to the original subject matter.
Email addresses have been removed from plaintext materials, in case a spambot should ever get here.

<<< March 16, 2004 / March 12, 2004
Original letter from New.net (Microsoft Word - Letter to WebbInternet re cexx website v3 _final clean_.doc)

(I have to wonder what was in the non-clean version... :-)

This letter contains some glaring errors and generally wierd lawyer-isms that went unnoticed at first. Notably, the letter states that cexx.org "accuses New.net of banning users from New.net’s discussion forum and deleting their posts". In actuality, the original text simply states: "Sadly, the worst part is how their angry customers are treated when they find this out" [that New.net names are not domain names, but subdomains]. The hyperlink points to a discussion on New.net's server which, frankly, even we can't tell the original context of, since (ironically enough) the discussion has long since been deleted. Consequently, I must wonder how they would suddenly jump to the "banning users and deleting posts" conclusion...(Oooops!)

It also asserts that New.net subdomains "are the property of the user and cannot be taken [a]way". Besides the fact that we have at no time made any statement regarding the ownership of New.net names... according to WHOIS, the top-level domain name "new.net" (and thus all subdomains) is owned by New.net, Incorporated, Sherman Oaks, CA 91403. (These names are expected to remain in control of the purchaser as long as New.net stays in business, but what happens if/when their assets are liquidated?)

Of considerable confusion/amusement is the following paragraph, reproduced in entirety for your viewing pleasure:

The New.net Software does not serve any type of advertisements to its end-users, whether through a pop-up browser, pop-under browser, or otherwise, other than advertisements served on or via our Quick! Search results pages. [Emphasis added]

Kind of reminds me of: "I'm not pregnant in any way, shape or form...except for the baby that I am carrying." :-) So, apparently the current version of the New.net software (6.50) is in fact adware. It's a good thing they pointed this out for us; we were still thinking of "firstlook".

>>> March 22, 2004
Our response (Response to New.net demand letter.sxw)

>>> March 28, 2004
Submission of updated document and supporting materials. ('Supporting materials' includes screenshots of the New.net software being run in concert with a packet sniffer, showing the software displaying 'new.chat' in the browser while resolving 'new.chat.new.net', and the New.net software displaying paid content (advertising) when a URL is mistyped. It seems strange that the "popular search categories" (Viagra, HGH, mortgage, credit...) are all the same words that keep showing up in my email box unannounced.)

In the letter above, we noted that the materials would be posted on the evening of April 2, giving time for them to read and respond. I said to myself, "just watch them stall on this until late April 1, then come up with some late-breaking reason why we shouldn't publish this".

<<< April 1, 2004 (8:30 PM)
Letter No. 2 to cexx v1.doc (Letter to Cexx.org (New.net/General))

Sure enough, seeming to do the bare minimum required to stall publication (claiming again that the materials are in error, but won't actaully say what the error(s) is/are)...it also (dis)claims that their original letter was "certainly not intended as a threat" at 56k BPS (backpedals per second), and goes on to chant "we're not spyware" for another paragraph, although we have at no point accused them of being spyware (a fact we thought was made clear in our original letter).

Note: Interestingly enough, although this letter is signed with the same name as the first, the meta-information helpfully included by MS Word indicates the author as Stephen Chuck (schuck at garrett-tully.com) of Garrett & Tully, a different California law firm. As far as I can tell, they don't employ a Mark J. Sonnenklar. Also from the meta-infos:
S y s t e m   U s e r m a r k . s o n n e n k l a r
F o r m   L e t t e r   t o   a n t i - s p y w a r e   c o m p a n i e s   v 4
K a y   T h a t c h e r   ( k t h a t c h e r @ g a r r e t t - t u l l y . c o m )

That explains the "we're not spyware" bit, anyway. (Hmm.... Any of you recognize it? ;-)

<<< April 02, 2004
(Out-of-band) Fwd: Newnet

New.net's lawyer forwards us customer mail

and

(Out-of-band) Request for removal of contact information from published letter

Self-explanatory.

>>> April 03, 2004
Our response to Letter #2 (Response 2.sxw)

>>> April 04, 2004
(Out-of-band) Confirmation of contact information removed

On the public web site, New.net's letter is converted to a graphic so that contact details could be blacked over. Our letter is converted to HTML and references to such contacts are replaced with "******".

<<< April 07, 2004
(Out-of-band) Request for removal of first name and job title

This we have to wonder about (as expressed in the reply below). Perhaps this guy is ashamed to be associated with New.net? Or maybe New.net doesn't want it widely known that they've hired in a lawyer as their Business Affairs department...

>>> April 11, 2004
(Out-of-band) Cexx.org response to addtional removal request

Although not stated above, the lawyer's first name/initial and job title have also been blacked out on the public Web site, if for no other reason than butt-covering. Indeed, no reference to this person (or even department) turns up on the New.net site or any other source of public record. The only reference to a "Mark J. Sonnenklar" (full name) seems to be this one. Can't guarantee that it's the same guy, but the location, line of work, and even format of the e-mail address seem to match up. Unfortunately, the Corporate Counsel homepage (aside from being something I'd be embarrassed to tell my friends about) doesn't have any information.

and

Awaiting a response to our letter dated April 3, 2004

Hello, hello....is this thing on?

Today is the 9th of May, and we have still heard not a peep. They in all likelihood have found someone else to pester for a while. Either that, or they are at work digging deep into our pasts for something to bust us on. (Good luck)

One of the anti-spyware vendors pretty much foretold this right after our previous post on this matter to the list. You were 103% spot-on.

End of Info

If you've read all of that, congratulations, you have the endurance of... well, something with a lot of endurance. As a bit of closing advice, Cexx.org would like to stress the importance of having a backup system in place. :-)