Over the weekend, InfoWorld editor-in-chief Eric Knorr announced that Infoworld had severed ties with one of its editors, Randall Kennedy, because Kennedy had been "misrepresenting himself" to the world as Craig Barth, the CTO of Devil Mountain Software (also known as exo.performance.network). It was this Craig Barth who made the outrageous and false claims about Windows 7's memory usage - and several other false claims in the past as well.
"Integrity and honesty are core to InfoWorld's mission of service to IT professionals, and we view Kennedy's actions as a serious breach of trust," Knorr writes, "As a result, he will no longer be a contributor to InfoWorld, and we have removed his blog from this site."
At the same time, ZDNet published an in-depth investigation into Devil Mountain Software and "Craig Barth", in which they indeed reveal he is actually Kennedy. In addition, they found out a number of other alarming issues.
"We asked a team of researchers to look more carefully at Devil Mountain Software and its Exo Performance Network (XPNet) to find out more about the company and its data," writes Larry Dignan for ZDNet, "What we found is alarming: Dubious claims about the company's products and its customers; violations of privacy involving the company's data collection software; and Web posts and interviews with a source who appears to be certainly fictitious."
For instance, the data connection that uploads performance information from your machine to the exo.performance.network servers was not secured - despite claims from Devil Mountain Software that they transmit the data securely. This means that data collected on your machine was sent over an insecure line to the exo.performance.network servers; anyone could've been listening in.
Another big issue is that of privacy. As we already know, Kennedy/Barth published performance data from Ars Technica's Peter Bright on the web; what we didn't know, however, was if this violated any privacy policies put in place by Devil Mountain Software. ZDNet has found out that yes, it indeed violated privacy policies.
There's more, though. The company has made claims that it is used by large organisations such as Morgan Stanley and Credit Suisse, but ZDNet turned up that this is not true. "Best case scenario for Devil Mountain is that its suite is installed on a few stray PCs at Morgan Stanley in violation of security policies," Dignan writes, "Worst case: The claims that Morgan Stanley is a Devil Mountain Software customer are fabricated completely."
All this stuff was already found out by InfoWorld, apparently, as they fired him right before the ZDNet story hit. You might wonder why you would fire someone for using a pseudonym, but if you think a little further, it becomes quite obvious: Kennedy had been linking to what has now been revealed to be his own company quite often, using exo.performance.network's work to backup his own claims. This is not something you'd want on a news website.
Kennedy has responded to the accusations on the exo.blog, and his claims have a decidedly black helicopter feel to them. He claims this is all a Microsoft conspiracy, out to destroy him, because "the exo.performance.network [...] hit a bit too close to home" and "It was our research into Windows 7 performance that prompted Microsoft to call in its chips".
I've had run-ins with Kennedy in the past, and to say I mistrusted him would be an understatement. However, I never could've anticipated anything like this. It just goes to show, once again, that you really need to be very careful with where you get your stories from. I can't recall ever putting exo.performance.network's stuff on OSNews (feel free to correct me), and it seems that my suspicions about them were correct.
Which is not to say we haven't ever (or will never) slip up. We have, and we will.