Slashdot Mirror

you wouldn't be the first

Here is one example:
http://forums.pcpitstop.com/lofiversion/index.php/ t134757.html
---
I get the following error when trying to play a DVD. My guess is an video driver problem:

Error Message Reads:
"Windows Media Player cannot play this DVD because there is a problem with digital copy protection between your DVD drive, decoder, and video card. Try installing an updated driver for your video card."

Hi, Twitter! Good to see you. Farming with this account again, after you managed to get eight Troll mods in a row with your main one, eh? I was very impressed at that, good going! Anyway, to business, we can't sit around here, chatting about 'old times', eh?

These stats seem to show that Windows XP is at 75% usage and thus did, in fact, manage to 'grab marketshare' in a way that any OS manufacturer would intend it to. Apparently for you 'plenty of users' is 9% of the market share, which I will concede to you with as much grace as you have ever shown.

Unfortunately for you though, according to these figures, even Mac usage is increasing more than Linux usage is, which I find to be a great pity, as I'd much rather people were using Linux. Oh well, eh? And this is from one website - others suggest Windows XP has an 85% market share, or even in some cases as much as 90%! Obviously 'not good enough', so I'm wondering how Linux's 3% marketshare ranks on that incredible scale of yours?

MS credibility? Better than ever! Sorry to break it to you.

Finally, Vista doesn't suck. I should know - I'm using it. Have you? Don't answer that, it's one of those rhetorical questions you've heard so much about.

Claria will have nothing to sell when it comes out.

I wonder how long it will take for Vista to be adopted by the majority of the Windows-using population. According to this article, as of last year at this time, only 40% of corporate users were using Windows XP. It could be several years before Vista reaches the point where even half of the Windows market. According to this graph, about 15% of Windows users still aren't on XP. Of course, the data could be skewed. Still, it makes me think that spyware will be with at least some Windows users (perhaps the least technically-savvy, and therefore least equipped to deal with spyware) for a long time to come.

The players here already have blood on their hands. Yahoo's Overture division is the primary source of revenue for Claria Corporation, one of the biggest offenders out there. TRUSTe makes big money to certify web sites and basically takes the company's word about their answers to a form.

It's not just about spying or offering an uninstall link. For example, the Ask Jeeves folks make a toolbar that is bundled with a cute little utility named Smiley Central that is heavily advertised on game and kids sites. When you install it, it reconfigures your search setup to funnel all searches to Ask Jeeves. It also tacks little advertisements for itself onto your outgoing emails. But remember, you agreed to all that in the EULA, or at least your 10-year-old must have. Sure it has an uninstall, although the average computer user doesn't even know Add/Remove Programs exists much less what should be removed.

link..
http://www.pcpitstop.com/spycheck/eula.asp

Some people actually DO read them. Like this one guy that got $1,000 dollars for reading PC Pitstop's EULA

Both Google and Click Defense (RTFA) probably use a combination of IP addresses, cookies, time frames, and click patterns to guess whether the clicks are fraudulent or not. This dispute is probably over the gray areas.

There's no doubt that someone clicking a dozen times on the same ad over the period of an hour should be backed out. But if a user clicks once on a particular ad today, then does it tomorrow, and the next day, is that click fraud? Google could argue no, the user is just looking to see if the offer changes or taking some time to make up their mind. The merchant or Click Defense might argue the other way.

AFAICT, both the Google and Click Defense techniques do nothing to stop "click laundering" where the click is automatically generated by a trojan or spyware. Imagine a botnet of 100K PCs that run click laundering software. They attack certain advertisers by automatically "clicking" on their ads. This drains the victims Adwords account to zero and makes the keyword available to other advertisers, often belonging to the attacker. But there is no pattern, and only one click per computer, so how do you prove fraud or even stop it?

Another variation on click laundering is to set up a web site that has Adwords on it. Then have the trojan-infected PCs "click" on the Adwords ads on that site, or create ads that display off the site (in spyware popups for example) that will get clicks. There was a movie floating around on the P2P networks that displayed Google ads as part of the DRM license process!

Because Amazon only pays about 3% commission. Every 3 months. Minimum of $100 payout. Not worth it. Look for sites that pay big and you'll find tons of spam. Also, they can't spider the blogs for spam, because a lot of times the blog links points to a junk domain the affiliate registers, for the sole purposes of filtering traffic back to the Casino. To figure out what sites are paying, you can check out www.cj.com, www.linkshare.com, etc.

Hope that helps clear up the confusion. I'm an affiliate marketer who only uses what I consider ethical methods, and I don't like to see good advertisers (PartyPoker actually is quite ethical, marketing-wise) get bashed.

If you guys want to slam someone, there are more than a few fortune 500 companies who buy advertising in software we all would consider adware. I'll leave the google exercise to you.

Okay, I'll do some.
Investment Firms who are funding spyware
Yahoo is Largest Paying Advertiser on Gator ("Claria")
Blockbuster, Thrifty Rental Cars, Chase Credit Cards

I think I've given everyone enough starting points. Let's vote with our wallets. If you don't support spyware, don't indirectly fund it by using these companies.

Samuel Wright, Senior Vice President, Government Relations, Cendant Corporation, Washington, DC

Cendant has been a client of Claria (formerly Gator). At one time, Cendant was one of Claria's top twenty advertisers.

Since I don't use OSX, I can't comment on that, though if what you say is true then I'm glad that I've gone Linux rather than OSX.

A school that runs Unix (e.g. Linux workstations) are hardly going to give the kids root access, are they? Any virus/worm would *have* to be able to first manage a local exploit at least, even to get started. That's hardly "just tell the user ... and press return"

The same sort of thing can apply to the home situation - if you're a parent, and you want your kid to be able to use the internet but you don't want the machine eaten by the malware out there, do you:

(a) Do what's listed here http://www.pcpitstop.com/spycheck/safesurfing.asp

(b) Or give them a Linux workstation, with their own user, but without root access?

Both options require the parent to learn something about the threat, and what to do about it. Which is easier? Which is more effective?

Especially amusing on the Windows safe surfing tips I thought was the stuff about only accepting ActiveX when you're "absolutely confident" it's trustworthy, as if you could ever know.

Go Linux, and that question doesn't arise. Depending on age and maturity, you can relinquish the root password at some later stage, when you would be explicitly handing over control and responsibility to the kid, if it was their own computer, or if it was a family shared computer then probably not ever.

In any case, one of the beauties about Linux is that even if it was prevalent (> 50% of machines), it *still* wouldn't be a monoculture, and would *still* be a hostile environment for this sort of malware.

That's likely to translate into fizzling rather than spreading. Perhaps the best real-world example so far of that is the attack record against Apache, as compared to IIS - we'll have to wait a bit for Linux to continue growing before we see the point replicated for desktop systems.

I have on hand lots of information about advertisers supporting these companies. One complication is that some of the advertisers are unintentional participants -- e.g. the ads were placed by affiliates, apparently often acting without authorization by the underlying merchants. Often, the link format makes it possible to tell the difference between an affiliate's ad and an "official" ad.

As to Gator advertisers: See Gator advertisers as of 2003 and Gator advertisers based on data from Claria's S-1 disclosure.

In any event, I'll be updating my site with more advertiser information in the future. It's at the top of my list of priorities.

I remember specifically reading something on Symantec's site that said something to the effect of "we are not targeting any 'spyware'".

Wouldn't [including spyware detection in AV software] have saved a lot of problems? How is spyware not considered malicious?

It's as simple as this: Symantec and McAfee don't want to get sued for labelling some other company's software "spyware" and removing it. Look at how sensitive Claria *cough*GATOR*cough* was about being labelled a purveyor of spyware. Even if a particular piece of software is generally considered to be spyware or adware, the company that produced it disagrees-- they see it as a moneymaking, legitimate product that was willingly installed by the enduser (though that was most likely via clicking through the EULA for some freebie gewgaw they downloaded somewhere without bothering to read it). And they see another company tampering with their product as a legally actionable matter.

We all know that this is a bunch of horse shit, and that nobody with any sense would have deliberately installed that junk on their PC if it wasn't stealthily tacked on to the installation of something else. We also know that nobody would have agreed to having that junk stealthily installed on their PC if it wasn't buried in some ponderous legalese that will almost certainly go unread by the vast majority of people who happen upon it.

Show me your proof that "in most cases the user has 'agreed' to allow these programs to run." I can certainly find proof to the contrary.

Take a look at these screen shots of the Bearshare install that includes WhenU and tell me it is reasonable to expect a user to press page-down 45 times to read the license.

Users are not aware they are running WhenU because the company works hard to keep them ignorant.

I was going to say, if it were based solely on OVERTURE'S results then the only competition it would have would be Gator/Claria's horrid Searchscout/GAIN system, which is the only "major search engine" I know of that is powered purely by Overture results. Though to be fair when Overture runs out of ads it just dips into the Yahoo/Inktomi pool and runs those listings instead. So I guess its not TOTALLY worthless - try for yourself at http://www.overture.com

By the way, the Gator/Overture partnership has gotten Overture's owner Yahoo in trouble and continues to miff Overture advertisers since Overture does not allow advertisers to "opt out" of their scheme.

They are annoying, but I think they HAVE stopped being sneaky with their 3rd party stuff

Yes, and I have a bridge that I want to sell you.

Gator still does deceptive "drive-by-downloads", and people still unkowingly get infected with their crapware

Sorry/Claria/they will always be gator to me.

Exactly. People do not realize they are installing this crap. All statements to the contrary by the spyware companies are bullshit.

The most interesting part of the pitstop website is the finding that Gator and Overture are linked. A lot of companies that would never knowingly do business with Gator no doubt have acocunts with Overture.

Overture needs to be called to task for this relationship.

If you go look at their Gator info the word "spyware" is nowhere to be found. However, there is a lot of interesting factual information about Gator's questionable way of doing business. Notice their survey of users who had Gator; more than 70 percent didn't know it was installed. Yet Gator claims they can do what they want on systems because users accepted their license?

Also see PC Pitstop's website.

Well, they could figure out a way around the problem that made their customers happy but still avoided the wrath of spyware makers. For example, they could point users to a page on the Dell site that had a disclaimer that users should check their licenses and links to programs like Spybot.

For example, PC Pitstop was sued by Gator but still has a lot of Gator information.

Check out Here for some help fixes for outlook and outlook express.