Slashdot Mirror
Morpheus Hijacks Browsers For Affiliate Links
An anonymous reader submits: "According to this news.com article, morpheus (aka streamcast) has begun silently installing a browser plugin on its users' machines that basically hijacks the web browser even when not running Morpheus. An afflicted browser will sense if a user is going to visit a shopping site like Yahoo! or Amazon, and secretly send them to a different site instead and then redirect them from this site to the user's intended destination. The user will not be aware that this is happening... however the site doing the redirecting will benefit because they are set up as an affiliate partner and will get a commission on the backs of the user. On a horrible scale of 1 - 10 for sleazy business practices, I rate this a 9.
Comments?"
Now that Morpheus is just a hacked-up (or down ;-) version of Gnucleus, there's really no point in using it anyway. I don't see what it provides that Gnucleus doesn't, other than annoyance.
Don't blame me, I get all my opinions from my Ouija board.
An afflicted browser will sense if a user is going to visit a shopping site like Yahoo! or Amazon, and secretly send them to a different site instead and then redirect them from this site to the user's intended destination.
The final destination is more or less the same. The difference is the intermediary. Morpheus isn't stopping me from going to Amazon by instead redirecting me to Borders.com...They're just stealing referral dollars.
Honestly, though...I wonder how long it'll be before these online vendors lock out Morpheus' referral IDs, or even worse, deny the connections altogether (since the most recent source IP will be Morpheus' proxy, not your own).
And I assume that if there's a pre-existing Referral ID, Morpheus will strip it out and replace it with its own. Doesn't this constitute actual monetary theft?
"Mod, mod, mod...and another troll bites the dust."
This belongs to a new breed of nusiance known as scumware. Check out http://www.scumware.com for more info.
Under "Tools" -> "Internet Options" -> "Advanced" deselect "Enable third party browser extensions" and reboot. Even if the .dll responsible for the redirection, bpboh.dll, is installed, it won't be able to run.
From what I can see on their website ..
If I were Amazon, why would I pay 10-15% margin to someone who has not really promoted the product, but has hijacked the links?
They also probably violate this portion of the operating agreement.
These folks really must think that they own the user once the user buys their product, becuase even a "respectable" company like Intuit doesn't seem to have any problem with monkeying around with the private parts of the user's computer for their own purposes. Certainly those icons are paid placements.
Bruce
Bruce Perens.
A 10 is when it takes control of your computer, prints out ads, and has your AIBO tape them up all over your house. It paints your walls with company logos, tapes over your Star Trek tapes with infomercials, fills up your TiVO with the same, and replaces all your vinyls with Britney Spears CDs. It will kick your puppy and attack your kittens. It converts your children to Scientology and steals your beer.
If software which does this sort of sleezy tactic put as a clear, easily obvious disclaimer "You are indirectly paying for this by allowing us free reign over your PC", then I'd wager that about 5 people on the planet Earth would actually install it. Instead, however, companies that do this sort of tactic either sneak it in entirely unintended, or they hide the details 40,000 words deep into a EULA which they know that no one reads, all the while promoting their "free" software. Why stop at redirecting the browser though? I mean surely there's some worthwhile nuggets of information on that harddrive somewhere that could be sold to the highest bidder. All's fair in the land of free software, right? (Why say just free though? Using this "anything goes" justification, anyone who believes that they are providing a more valuable service than they are charging can go nuts)
.NET Framework supposedly offers this but I wouldn't trust it until its evaluated and proven) or a legal solution. It's obvious that a "Dirtier-than-thou" cat fight is taking place with every sleezy vendor out slimeballing the next.
This sort of activity is atrocious, and I don't see how these people aren't facing the same punishment as the Kevin Mitnicks and Melissa virus writers are. Without any doubt there is a serious need for either a technical solution (one could say that it exists by way of Java : Sandbox every application to ensure it has no rights outside of its little world. The
First, they took an open source app, Gnucleus, and repackaged it as their own, adding nothing while actually degrading the software by adding popup ads.
Second, they started banning from their chat room anyone who mentioned this fact and posted the url to Gnucleus.
Now, they're installing scumware in order to control your browser for their own profit even while you're not using Morpheus.
Anyone left who still wants to argue with me about whether or not Music City is a company of degenerate sleazebags? Anyone who still disagrees with me that the proper course of action is to delete Morpheus and install Gnucleus immediately? (at least until something better comes along).
After reading this article (and noticing redirects being performed on my system - i thought it was something else, not morpheus) I downloaded this utility: BHO Cop which is designed to search out these nasty browser-attached proggies and allow the user to disable them. I found the culprit: bpboh.dll put out by Wurld Media, who, according to their inadequite website, claim the primary goal of their business is to help companies be profitable (very ambiguous, don't you think?).
.dll w/ BHO Cop, relogged in (WinXP) and low and behold, when I go to amazon.com, I end up at the root page rather than a referal page deep in the system.
Well, I disabled the
So - download and run BHO Cop now! who knows what else you might find (Acrobat seems to have dumped something as well)
I'm out of my mind right now, but feel free to leave a message.....
goto http://www.Lavasoft.com and download ad-aware and the latest ref update and have it remove all your spyware from your computer..
I have sent the following message to Robin Gross of EFF.
Dear Ms. Gross
I am writing to express my concern that my attempts to financially support EFF have been stolen by Morpheus and similar companies. I have long been careful to use the Amazon Affiliate Button on your front page for all of my book purchases. I have felt that doing this combined to support what I believe in simply and effectively. Since my purchases have been well over $1000 per year for at least the last two years, I know that it has to have been worth at least some money to EFF.
It has recently become apparent that Morpheus et al. have been placing software such as TopText and other scumware on users machines. These programs have the sole purpose of rewriting affiliate links. This effectively redirects the financial benefits of these links to the scumware operators. To put it bluntly, this is theft, no different than if they had taken the affiliate checks and written their own names as payee.
I have supported the EFF for years. I supported Morpheus partly because of EFF's support of them. But I am frankly disgusted by this turn of events. As the Director of the Campaign for Audiovisual Free Expression, and a staff attorney for EFF for Fair Use and Intellectual Property, I believe that you may well be the single best person to let them know they have gone too far. To take a principled stand on Fair Use is one thing. To pump ads to users while using the software is also perfectly legit. To actively steal revenue from other people, companies and organizations, even after the user has supposedly removed the software, without notice is simply beyond comprehension.
Sincerely
Walter Williams
The article said that StreamCast will:
1. Redirect users to another site to collect usage statistics before sending them to the site they wanted to go to. This might be seen as invading people's privacy, but no personal data will be collected, merely usage statistics.
2. Put up a shopping section in Morpheus. That sounds perfectly legitimate to me.
3. Put referrals to online stores inside the browser window in some unspecified manner.
Please note that 1) and 3) are two separate points. They won't redirect you to another site when you're trying to go to Amazon.com, and then claim the referral bonus. The redirection is only for collecting usage statistics.
And the referrals inside the browser window have nothing to do with the redirection.
There's nothing in the article saying that StreamCast will hijack other people's referrals.
There's nothing in the article saying that StreamCast will pretend to refer people to sites (like Amazon.com) when they go there themselves.
Exactly. Why the hell are people using it anyways? Go here to download the spyware free and opensource version.
Ah, but the point is that the Morpheus user isn't the customer. The Morpheus user is the product that is sold to these advertisers, the real customers. The Morpheus software is bait.
I'm a sysadmin in a large call centre which used to tolerate a certain amount of personal use of it's computers. One of the main helpdesk requests to the IS department had was for ghosting's of computers which had been so f**cked up by various bits of spyware. The worst offender by far was Save Now, getting it to uninstall was a pain and even when you did think it was gone, it would reappear sooner or later. We firewalled the Save Now website and any addresses the app connected to to and rather than die after 2-3 attempts the plugin would thrash the firewall contiuously trying to make a connection. We also came across a particular nasty spyware app which had no visible front end but would randomly redirect you to a porn site, thankfully we had Super Scout installed which blocked 99% of porn sites. However this didn't help the poor employee who unknowingly had this crap on his PC as he though he was going to be sacked for looking at porn (we have always had a very, very tough line on porn).
Most of the spyware on the computers was not intentionally installed which is what made it worse. The last straw for us was when we discoverd a Win98, 1ghz Pentium with 256mb RAM and a fast hard drive taking 15 minutes to start as it was loaded with so much spyware/plugins/rubbish and they all wanted to start simultaneously, running a packet sniffer on that particular machine showed that spyware was using over half the bandwidth available. We locked down the network after that barring access to anything known to inolve file sharing, plugins, spyware etc. However there is an interesting side note, we had a retained lawyer with IT specialisms, aparently the UK Computer Misuse Act makes it illegal to alter the contents of a computer without getting the users authority, which was interesting.
It's bad enought these spyware app's stealing money from deserving small websites and let's face it users as well. You just need to see the damage they can do to networks and computers as well, I can see a lot of sysadmins becomming very angry if these sort of applications get more sneaky and nasty in the way the operate.