Slashdot Mirror


Morpheus Hijacks Browsers For Affiliate Links

An anonymous reader submits: "According to this news.com article, Morpheus (aka StreamCast) has begun silently installing a browser plugin on its users' machines that basically hijacks the web browser even when not running Morpheus. An afflicted browser will sense if a user is going to visit a shopping site like Yahoo! or Amazon, and secretly send them to a different site instead and then redirect them from this site to the user's intended destination. The user will not be aware that this is happening... however the site doing the redirecting will benefit because they are set up as an affiliate partner and will get a commission on the backs of the user. On a horrible scale of 1 - 10 for sleazy business practices, I rate this a 9. Comments?"

14 of 489 comments

  1. Scary by EvilAlien · · Score: 3, Interesting
    What else is peer-to-peer software silently borrowing?

    Trillian password files perhaps?

    --
    perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
    1. Re:Scary by Zeinfeld · · Score: 3, Interesting
      What else is peer-to-peer software silently borrowing?

      There are a bunch of overlapping issues here. One is the politician problem. Many people want to vote for politicians who are going to serve their personal self-interest best. This raises the problem that the self-interest of the politician is rarely that of the voters, particularly if they are elected. So politicians who make a bid for public support on the basis of self interest alone are likely to believe what they preach and serve their personal self interest exclusively.

      The problem of spyware appears to be almost unique to P2P software. This might be coincidence, P2P just happened to get hot at the same time that the Internet bubble burst and Internet business models turned Hobbesian. On the other hand it appears more likely that people who write software whose primary purpose is to help people steal music have no moral qualms about exploiting their users as well.

      A second set of problems comes from the fact that P2P pretty much cuts itself off from most of the traditional Internet business models. Post Napster no P2P company can make money from any business model that requires them to maintain a central server or long term business relationships with other companies.

      The thread contains many posts that attempt to dispute the claim that Morpheus is doing anything bad. The debate tactics used suggest that it is FUD from the Morpheus self justification dept. There are plenty of posts saying 'the poster hasn't read the article, Morpheus is not stealing referrals', only that is precisely what the article accuses Morpheus of. This is not about collecting information about users.

      On the legal side I don't imagine that this is a sustainable business model. There is no way that Amazon and the other companies are going to want to pay people for intercepting referrals from other sources. Depending on the circumstances if an affiliate is collecting money by misrepresentation the actions may constitute fraud.

      The other main issue is of application security. Here the only significant difference between Linux and Windows is that Windows being more popular makes it a more attractive target for scumware. Linux has to consider the problem since if Microsoft develops a defense the scumware folk will attack Linux next on the 'bear principle' - I don't have to outrun the bear, I just have to outrun you.

      There is a hook in IE to disable all third party plug ins. The problem is that this is the big switch approach. What there should be is the ability to select which plug ins are enabled. Windows really should not have so many under the covers switches for installing software. I recently found that one of my machines had been infected by comet cursor, I have no idea when. Checking the Windows registry to find out if you have spyware reminds one of Arthur Dent's difficulty finding out about the plans to build a bypass through his house.

      The problem with the big switch is that Adobe Acrobat is pretty useful. Macromedia flash is also useful in limited circumstances. I like the animations on Slate, but the new breed of annoyance ads have led me to disable it. There should be a switch to allow plug ins to be enabled on a site by site basis. Unfortch, the security zone mechanism does not do this as yet.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
  2. haha. i'd rate this a 10 on the funny scale by Anonymous Coward · · Score: 1, Interesting

    it's funny because it points out how stupid those affiliate things are. why doesn't the user get a discount if they find the site on their own? it just takes advantage of those lame referral programs

    you should expect this from installing that morpheus crap. it doesn't even work under linux

    it's like there's lots of money being lost from users not being referred to sites, somebody should cash in

  3. well in all honesty by theCURE · · Score: 2, Interesting

    What you don't know can't hurt ya. Most people will still get up and go to work the next day. The crud is going to come down the line, when it waterfalls into much bigger problems with worse results.

    --
    "i can never say no to anyone but you"
  4. Been waiting for this... by Suicide · · Score: 4, Interesting

    Honestly, I had the idea for this a while ago while talking with a friend. I've been waiting for someone else to implement it. It's not that much different than those sites that collect and list internet deals, in the hopes that you'll follow their links and they'll get the referrer fee, like this one.

    While I personally see this as a bad thing, since they do it behind the user's back, I would probably have no objection to installing something similar for slashdot. I don't exactly feel the need to subscribe, but I would have no objection to them collecting a referrer fee off of my internet purchases.

    1. Re:Been waiting for this... by Xero · · Score: 2, Interesting
      It's not that much different than those sites that collect and list internet deals, in the hopes that you'll follow their links and they'll get the referrer fee, like this one [slickdeals.net].

      It is totally different than the sites that provide lists of internet deals. These sites refer customers to a site that the consumer most likely would not have gone to if they had not known it was the lowest price. Sites that list internet deals deserve the referral because that is the reason the referred site sold the product. Morpheus has nothing to do with why that consumer went there and that's why it is nothing at all like the internet deal sites. And furthermore, these deal sites don't covertly install a plugin to get all the referrals, they simply have links on a page and provide a service to consumers.

  5. Re:Corrections and notes... by cyberformer · · Score: 3, Interesting
    It could make a huge difference to small Web sites that rely on referrals to defray bandwidth costs. Linking to relevant books on Amazon (or bn) can often make more than banner ads. If a significant proportion of users have Morpheus installed (not an unreasonable assumption), the other referring sites could go under.


    I know I'll be checking that any referral programs my Web site participates in aren't on Morpheus's hitlist, and switching to a competitor if they are. I expect others to do the same, thus giving retailers like Amazon a real incentive to make sure that they don't pay anything out to Morpheus.

  6. spyware, how to tell? by Anonymous Coward · · Score: 2, Interesting

    Ok, we know that Morpheus is spyware. Would anyone mind telling me how to find that out? I have a few programs that I would like to test and see if they are whispering behind my back

  7. Mail Sent to EFF, CAFE by plaidfishes · · Score: 5, Interesting

    I have sent the following message to Robin Gross of EFF.

    Dear Ms. Gross

    I am writing to express my concern that my attempts to financially support EFF have been stolen by Morpheus and similar companies. I have long been careful to use the Amazon Affiliate Button on your front page for all of my book purchases. I have felt that doing this combined to support what I believe in simply and effectively. Since my purchases have been well over $1000 per year for at least the last two years, I know that it has to have been worth at least some money to EFF.

    It has recently become apparent that Morpheus et al. have been placing software such as TopText and other scumware on users' machines. These programs have the sole purpose of rewriting affiliate links. This effectively redirects the financial benefits of these links to the scumware operators. To put it bluntly, this is theft, no different than if they had taken the affiliate checks and written their own names as payee.

    I have supported the EFF for years. I supported Morpheus partly because of EFF's support of them. But I am frankly disgusted by this turn of events. As the Director of the Campaign for Audiovisual Free Expression, and a staff attorney for EFF for Fair Use and Intellectual Property, I believe that you may well be the single best person to let them know they have gone too far. To take a principled stand on Fair Use is one thing. To pump ads to users while using the software is also perfectly legit. To actively steal revenue from other people, companies and organizations, even after the user has supposedly removed the software, without notice is simply beyond comprehension.

    Sincerely

    Walter Williams

  8. Item 3 is the problem by plaidfishes · · Score: 2, Interesting

    TopText is KaZaA's version of this mess so I assume Streamcast is doing basically the same. Specifically, it reads the HTML coming through and does two things. First, any link to an affiliate program it recognizes gets rewritten so that the referral ID is TopText's NOT the site which provided the link and content. Second, the text is searched for keywords which are then rewritten to be links again with a refer ID for TopText. This is the source of the so-called Yellow Text links.

    The first one is theft pure and simple. The people like me who write the site are trying to get paid by putting the link there. KaZaA, Morpheus etc are simply stealing scarce and hard earned money from others. The second activity might barely be legit but not likely. For example, if I linked "Buy your books at BN" with my referral ID and TopText then grabbed "books" to point it at Amazon, I have still been robbed.

    If my sites didn't make at least some money off the links, they would disappear when the hosting bills come around. For all the screaming about /. subscriptions, how bad would it be if all the ad revenue disappeared because Morpheus and KaZaA stole it? Now think about all of the free sites out there trying to live off the referral ads. They will all die if scumware like this becomes standard.
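
A site owner can check for the two rewrites described in the comment above by comparing the page as served with a copy of the same page saved from an affected browser. This is an added example, not part of the original thread and not code from any tool named in it; the `tag` query parameter, the `shop.example` and `other.example` URLs and both HTML samples are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

AFFILIATE_PARAM = "tag"  # assumption: the referral ID travels as ?tag=<id>

class LinkCollector(HTMLParser):
    """Collect (href, anchor text) for every <a> element, in document order."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def links_of(html):
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return parser.links

def referral_id(href):
    return parse_qs(urlsplit(href).query).get(AFFILIATE_PARAM, [None])[0]

def audit(served_html, rendered_html):
    """Flag links whose referral ID changed and links the server never sent."""
    served = {}
    for href, _ in links_of(served_html):
        u = urlsplit(href)
        served.setdefault((u.netloc, u.path), set()).add(referral_id(href))
    findings = []
    for href, text in links_of(rendered_html):
        u = urlsplit(href)
        expected, seen = served.get((u.netloc, u.path)), referral_id(href)
        if expected is None:
            findings.append(("injected-link", text, seen))
        elif seen not in expected:
            findings.append(("referral-id-rewritten", text, seen))
    return findings

# Constructed samples: what the server sent vs. what the affected browser showed.
SERVED = '<p>Read my review, then <a href="https://shop.example/book/42?tag=smallsite-20">buy the book</a>. More books soon.</p>'
RENDERED = '<p>Read my review, then <a href="https://shop.example/book/42?tag=plugin-99">buy the book</a>. More <a href="https://other.example/search?q=books&amp;tag=plugin-99">books</a> soon.</p>'
```

Calling `audit(SERVED, RENDERED)` reports one rewritten referral ID and one injected keyword link; a clean browser yields an empty list.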

  9. You are missing who this really hurts. by Chetmurray · · Score: 3, Interesting

    To hell with the idiots downloading porn or warez.

    This affects website owners. Many small websites make ends meet by their affiliate links. This will steal that money away. This is one of the few ways small webmasters can make money - short of begging.

    And aren't we all sick of the virtual begging cup by now? Don't let the last legit way for sites to make money be destroyed. Sites that don't have traffic for banner ads sales, need these sales. They need this income. If this takes off, it will wipe out small sites everywhere.

    As an example, look at http://www.gonegold.com

    Informative helpful website. IGN pays them squat. But they do make money on their affiliate gaming links. Take them away and who will pay the site's bandwidth? That is the real issue, that is the real fight. And for some smaller sites, this really is a fight for their survival.

    By the way, what are the implications that the only thing you have to agree with when installing Morpheus is the GNU license? There is no mention of this spyware (even though it is installed).

    Chet

  10. You need to see this spyware crap at its worst. by grundie · · Score: 5, Interesting

    I'm a sysadmin in a large call centre which used to tolerate a certain amount of personal use of its computers. One of the main helpdesk requests the IS department had was for ghostings of computers which had been so f**cked up by various bits of spyware. The worst offender by far was Save Now, getting it to uninstall was a pain and even when you did think it was gone, it would reappear sooner or later. We firewalled the Save Now website and any addresses the app connected to and rather than die after 2-3 attempts the plugin would thrash the firewall continuously trying to make a connection. We also came across a particularly nasty spyware app which had no visible front end but would randomly redirect you to a porn site, thankfully we had Super Scout installed which blocked 99% of porn sites. However this didn't help the poor employee who unknowingly had this crap on his PC as he thought he was going to be sacked for looking at porn (we have always had a very, very tough line on porn).

    Most of the spyware on the computers was not intentionally installed which is what made it worse. The last straw for us was when we discovered a Win98, 1GHz Pentium with 256MB RAM and a fast hard drive taking 15 minutes to start as it was loaded with so much spyware/plugins/rubbish and they all wanted to start simultaneously, running a packet sniffer on that particular machine showed that spyware was using over half the bandwidth available. We locked down the network after that barring access to anything known to involve file sharing, plugins, spyware etc. However there is an interesting side note, we had a retained lawyer with IT specialisms, apparently the UK Computer Misuse Act makes it illegal to alter the contents of a computer without getting the user's authority, which was interesting.

    It's bad enough these spyware apps stealing money from deserving small websites and let's face it users as well. You just need to see the damage they can do to networks and computers as well, I can see a lot of sysadmins becoming very angry if these sort of applications get more sneaky and nasty in the way they operate.

  11. How to write your very own scumware by TheTomcat · · Score: 3, Interesting

    Documentation on Browser Helper Objects (BHOs) at MSDN.

    S

  12. Re:You need to see this spyware crap at its worst by grundie · · Score: 2, Interesting

    We do use the lockdown kit and have done for quite a while, initially to randomly monitor client machines for dodgy stuff then later to lock machines down. Unfortunately it just does not work! Plus there is the social engineering of this scumware which takes advantage of users' naivety to make them think the app is of real benefit to them and mentions phrases such as "Will work behind most firewalls" or "This plugin can bypass your network security setting which sometimes blocks innocent programs like this". The sad fact is scumware programmers write their software to bypass security mechanisms sysadmins put in place. We now simply rely on a good old fashioned firewall and signed agreement that says if you install unauthorised software you'll be out the door.