History | Issue | Software Titles | Solution | Links
Broderbund/The Learning Company/Mattel Interactive/Riverdeep developed the DSSAGENT to provide users of their software with advertisements and notices of product updates (at least that is what they said). The DSSAGENT is a Display Splash Screen program that delivers advertisements to users of their software.
In 1998 the United States government passed the Children’s Online Protection Act to protect the privacy of children who were using computers to access the Internet.
It was determined that the DSSAGENT violated the COPA act. In response to this determination, Broderbund/Riverdeep closed down the server which provided the advertisements to the software users, www.brodcast.net and stage.broderbund.com.
The company changed the DNS records to the above mentioned sites to go to 127.0.0.1 which is the loopback address and results in the DNS response being dropped by the requesting PC or Server.
The company stated that the DSSAGENT was removed from all software starting in April of 2000. Additionally, the company stated there was an option to not install the DSSAGENT during installation of the software.
Internet users report that the agent proceeded to be installed in spite of the user declining to install the agent during installation and there are reports that the software continued to incorporate the display splash screen agent up until 2002.
PC’s and Servers with the Broderbund software installations that contain the DSSAGENT broadcast incessantly to connect to their mother server. The request from the PC for http://www.brodcast.net results in an ARP request to the DNS server that holds the DNS records for the website.
The DNS server responds with 127.0.0.1, loopback, our firewall sees the loopback response and drops the request as the loopback address, which is always under the authority of the local machine.
The frenetic attempted communication between the PC’s and their mother server results in millions (our current number of requests exceeds 2 million per day) of requests being processed by our firewall and degrades computer performance as well as network performance on the LAN and WAN.
As our network has multiple PCs with the DSSAGENT installed, the resulting requests constitute a DOS (Denial of Service) attack on the network. The network implications for these requests is high utilization rates for the servers that provide access to the internet. Users will experience slower access times to the Internet, failure to connect issues, slow and interrupted email downloads, etc…
Mattel Interactive Software
Brodcast was created by Broderbund which was bought by The Learning Tree which was then bought by Mattel and now is a division of Riverdeep. A definitive list of software including the DSSAGENT isn’t available, all older software from Broderbund, The Learning Tree and Mattel are suspect.
Requests from Riverdeep for assistance have been ignored and emails responded to with spam.
If anyone has any other software titles that can be added to this list please advise the Internet Services Department, isd@archdiocese-no.org.
Educational Software
Arthur, Berlitz, Carmen Sandiego, ClueFinders, Dr. Seuss, KidPix, Learn to Speakâ„¢, Madelineâ„¢, Oregon Trail, Reader Rabbit, Schoolhouse Rock!, Sesame Street , Amazing Writers Machine,
Edutainment
ABarbie, Generation Girlâ„¢, HotWheels, Sesame Street
Entertainment
ChessMaster, Creaturesâ„¢, Dogz, Earth 2150, Myst, Masterpiece
Home Design
3D Home Architect, 3D Home Design, Total 3D Homeâ„¢, Total 3D Landscapeâ„¢
Legal/Financial
Quicken Family Lawyer
LifeStyle
Virtual Makeoverâ„¢
Print Creativity
AG Creatacard, AG Holiday Design, ClickArt Infinity, The Print Shop, PrintMaster
Reference
Compton’s Encyclopedia, National Geographic
Religion
Membership Plus, QuickVerse
Utilities
Address Book, Atomic Clock, Calendar Creator, Internet Tuneup, ScreenShot
Solution
Solution
The solution to the DSSAGENT issue to run the removal patch provided by Broderbund or to manually remove the DSSAGENT from the registry.
We recommend that the removal patch be run. The removal patch deletes the DSSAGENT executable and removes the registry entries associated with the nefarious advertising spyware.
Running the removal patch is quick and simple. It takes less than 5 seconds to execute and instantly advises whether the PC was infected and if so that the DSSAGENT was removed.
Implementation of running the removal patch may be achieved in a variety of ways:
1) download the patch and run it on every PC and Server on the local network
2) place the removal patch on a network share, download the removal patch to each PC and execute
3) logon script - place a script in the users logon profile to execute the script each time any user logs on to the network. The following script will execute the removal patch upon logon.
For Windows NT Server: Place this script at the bottom of the existing logon script or place the two-line script in a batch file in c:\winnt\system32\repl\import\scripts
For Windows 2000 and 2003 Server: Place this script at the bottom of the existing logon script or place the two-line script in a batch file in c:\winnt\SYSVOL\sysvol\DomainName\scripts\
Replace r with the drive letter of your shared network drive and server with your server name.
net use: r: \\server\share r:\cleanbc.exe
This information was gathered from various internet resources. For additional information please visit the sites listed below.
* http://www.pestpatrol.com/PestInfo/D/DSSAgent.asp
* http://www.riverdeep.net/about_us/privacy_policy.jhtml
* http://archive.salon.com/letters/daily/2000/06/21/brodcast/
* http://accs-net.com/smallfish/mattel.htm
* http://dir.salon.com/tech/col/garf/2000/06/15/brodcast/index.html
* http://cexx.org/dssagent.htm (not available on Archdiocesan networks due to subnet block)