Yahoo Anti-Spy Favors Yahoo's Adware Partners?

prostoalex writes "Yahoo's new browser toolbar is advertised to clean out adware and spyware from the user's PC and from the sound of it is a good tool to rely on. Not so, says eWeek, whose Matt Hicks notices that Yahoo excludes by default two popular adware/spyware applications - Claria (ex-Gator) and WhenU.com - Claria has commercial bonding with Yahoo! Inc."

Irony

[r_glen]

Does anyone else find it humerous that Yahoo! is carrying the story?

Re:Irony

[SnakeJG]

Yeah, they might not be playing fair in the spyware finding business, but at least they are still honest with the news reporting.

Re:Irony

>> Does anyone else find it humerous that Yahoo! is carrying the story?

It's one way of making sure you have an exclusive story.

1. Do something naughty.
2. Report your naughtiness.
3. Profit!

Re:Irony

[Zen]

I'm not exactly sure why anyone's surprised. Either that Yahoo is doing this, or that they ran the story. It's business.

Re:Irony

wait, i thought snake was trying to be funny?

Re:Irony

[SenseiLeNoir]

no.. maybe a smart move. They may not be ALLOWED to treat Claria (gator) as spyware (rememebr Claria's protest that they are not spyware). However, if you look carefully at the toolbar, it is easy to enable the removal of Claria too. its just disabled by default. The move to not remove claira may be more a legal position than a profit descision.

By then telling it on their OWN news story its liek saying.. yes its there, and making the world know that claira filtering is turned off by defult, so people turn it on! And what better way to "legally" say it, than in a news article quoting someone else!

Smart move i think!

Re:Irony

[fingerfucker]

Don't mislead here! Yahoo did NOT report on this story. Their news site only picked it up while aggregating news. eWEEK reported the story.

Re:Irony

Yeah, like all those books written by high-profile criminals.

Re:Irony

[SnakeJG]

I was, but I will take Insightful, either way gets my comment read.

This is not a first

[KoriaDesevis]

Yahoo is not the first to pull this stunt. At one time, Norton Internet Security (I think it was NIS2000, specifically) had known holes in the firewall component for different spyware applications. After enough people pitched a fit, they have since closed those holes (supposedly).

Re:This is not a first

[tolan-b]

The Slashdot story is misleading though. It implies that a special case is made for these two companies, and that the tool ignores them. What is actually the case is that the two companies 'products' are in the adware category (along with others) which isn't enabled for filtering by default.

It's not quite the same as the system refusing to remove them, they're just in the category that isn't removed by default.

Re:This is not a first

And that makes it cool? Obviously the reason they are in that category (which itself isn't removed by default) has something to do with their financial ties to them. Same shit, just dressed up differently.

Re:This is not a first

[LostCluster]

Really, this opens up a question of "Just what, exactly, is adware/spyware/malware?"

I remember a day when WeatherBug was a cool application being sponsored by local TV stations who basically used it to promote the WeatherNet equipment that they had invested in. No popups, just a few ads that mostly linked you to the TV station's website and sometimes had a picture of the station's weather team. Of course, now that thing is a pop-up crazy monster. But how can you say on which day was the day that this program suddenly turned "evil"... it's not exactly a binary state.

It's hard to ban software such as WhenU because the users end up agreeing somewhere along the line to a AUP/TOS/EULA that lays out exactly what WhenU is going to do. We need better standards for how such documents are displayed, but we can't exactly prevent people from agreeing to them if they really want to without taking out some programs that we like such as ad-blockers in the process.

Really, this is a game of blury definitions...

Re:This is not a first

[Overly+Critical+Guy]

A Slashdot story purposely misleading in order to generate knee-jerk page hits? Say it ain't so...

Re:This is not a first

[binarybum]

blury definitions yes, but that does not mean that there are not clear distinctions.

We can all tell the difference between the salvation army and a pawn shop.

Now if an app has a thousand ads attached to it but it makes you well aware that exposure to these ads is the "price" you pay for using it and you choose to continue using it anyway, then thats not evil, it is just an annoyance, and one that you have chosen to accept at that. If it secretly slips ads in after it is suppossedly a terminated process or if takes any action that cannot easily be stopped or that you were not made clearly aware of, then it's evil and it clearly smells evil (insert your "hey that sounds like windows" joke here).

Re:This is not a first

It ain't so.

Go back to kuro5hit or whatever.

Re:This is not a first

[rsilvergun]

But how can you say on which day was the day that this program suddenly turned "evil"...

I think it was a Tuesday, not very many people know that

If you don't get it, google for Animaniacs.

Re:This is not a first

[Xtifr]

Netscape 7.1 had a similar (though not as bad) thing: their popup-blocking, by default, didn't work on their site or that of some of their "selected partners". Unlike Norton, though, I think they're unlikely to change this in future versions (fortunately, I finally managed to persuade my brother to switch to firehyena, or whatever it's called).

Re:This is not a first

[TheUnFounded]

I think google nicely sums up what malware really is

Re:This is not a first

[The+Clockwork+Troll]

Come on, it is not the same shit.

There is a substantial functional difference between not enabling adware filtering by default, and outright preventing adware filtering.

Both are lame, but at least the former gives a nod to the observant.

Re:This is not a first

[Audity]

Really, this is a game of blury definitions...

I think Google's Software Principles would be a good place to start. I mean, we can just ban any software that doesn't meet these principles. Granted, things like WhenU would probably still be alowed (I havn't used it myself, so I don't really know), but from a standars point of view, Google's really has given us a good point to work from.

Re:This is not a first

[cgenman]

Yahoo's tool bar pop-up blocker has long been known to let Yahoo's advertisers through. The only difference here is in the maliciousness of the programs.

Re:This is not a first

[AstroDrabb]

What a troll. Where is this story being misleading? Yahoo! is up to crap IMO, that is one reason why I _never_ use yahoo.

Oh, and about your sig;

Everyone should respect the copyright of the GPL. By the way, the RIAA is evil for going after copyright infringers.

What one GPL app is suing thousands of end users for sharing code? The whole point of the GPL is to give end users more rights then what copyright gives. Obviously you are just trolling and don't have a clue about the GPL. Please give one example of where a GPL app tried to remove right from and end-user? The RIAA is always tring to remove right from end-users.

Re:This is not a first

[Cat_Byte]

Lets see.....you may redistribute this code as long as you do not modify it in any way? Sounds like removing the right to use open source code to create a better mousetrap (so to speak). Maybe I want to use portions of it to help with a ANSII-BBS to regular term conversion for graphics....no-can-do according to the GPL.

Re:This is not a first

[jred]

I would like to add ease of uninstallation. If an app purposely makes it difficult to uninstall, then it's doubly evil.

Re:This is not a first

[Ptraci]

Sure you can modify it! You just have to provide the source code for your modifications if you distribute it. I'm not a programmer and even I know that. Or are you just trolling?

Re:This is not a first

[AstroDrabb]

Man, you have no clue about the GPL do you? You can modify GPL code as much as you want. A corporation (end-user) can even modify GPL code for their own needs and never release those changes as long as they don't try to distribute those changes. So the fortune 500 that I am a senior programmer for can take any GPL app and use it internally and make any amount of changes we want without releasing those changes. You can take a GPL app and modify it as you please and keep it "top secreat". If you want to distribute those changes, the GPL states that you must also distrubute the code. If you don't distribute, those code changes belong to you only. Get a clue about the GPL before you try to put it down.

Re:This is not a first

[Mudcathi]

But how can you say on which day was the day that this program suddenly turned "evil"...

That would be the day I threw my laptop out the damn window.

Re:This is not a first

[Trepalium]

If it has to hide it's true function somewhere within 10 pages of legalese in the EULA, then it's triply evil. Drive-by downloads, on the other hand, particularily those that exploit bugs in IE should be considered viruses or malware by antivirus software.

Re:This is not a first

> take a GPL app and modify it as you please and keep it "top secreat"

But if you make it "top secret" isn't that restricting the rights of those people/employees who you intentionally distribute the app to?

I think any attempt to force GPL code to be internal only would be in violation of the licence.

Re:This is not a first

[cbiltcliffe]

I think any attempt to force GPL code to be internal only would be in violation of the licence.

What section? If you're so sure, why don't you post the part of the text of the GPL which would prohibit this?

Oh...that's right.....

You're just trolling....

Re:This is not a first

[SFBwian]

And here all this time I thought that sig was an ironic joke about stereotypes on slashdot.

Re:This is not a first

[goatan]

There is a substantial functional difference between not enabling adware filtering by default, and outright preventing adware filtering

There's also a big diffrence the adware blocking not being enabled and being enabled from the start, especially for the less tech savy.

Re:This is not a first

It's the bit of the GPL that says you can't restrict others' rights more than the GPL already does.

Someone gave you code, you modified it, if you give it to an employee in your company and said "You can see the source as GPL gives you that right, but don't give it to anyone else or we'll have to show them the source too. It's TOP SECRET!", that's restricting the rights granted by the GPL code.

Am I imagining this? Don't have time to read the GPL at work. Where's ESR to clear this up when you need him?

Re:This is not a first

[poot_rootbeer]

It's hard to ban software such as WhenU because the users end up agreeing somewhere along the line to a AUP/TOS/EULA that lays out exactly what WhenU is going to do.

Do they? Back when I was a foolish IE user, I used to end up with WhenU installed on my system every few weeks, and I know I wouldn't have agreed to their EULA if it were presented to me.

Best I can figure, the installation was kicked off when I clicked the "close" icon on a Flash overlay ad. Can "go away" be reasonably interpreted to mean "okay"?

The one good thing I will say about WhenU is that their website contains useful instructions for manually removing their software, since their uninstall program is usually too broken to do the job itself.

Re:This is not a first

[eathan13]

...and you also agree to accept periodic updates which may or may not include software or software elements that may or may not require updates of their own. You agree that these updates may require installation of further automated update software for the software or software elements to function properly.

You understand and agree that removal tools provided with this installation are designed to remove only the branded piece of software you're aware of and that other "rider" software may require separate removal.

You further agree that automated updates, while part of the functionality of the branded software you know about, are also required for the continued functionality of the "rider" software and that system instabilities may ensue if removed. You agree that it is in your best interest that we leave it running in the background even after removal of the branded software.

And lastly, by clicking below, you agree to permanently reset your homepage to hotwetpanties.com.

Re:This is not a first

It's in the GPL FAQ, maintained by the FSF.

Is making and using multiple copies within one organization or company "distribution"?
No, in that case the organization is just making the copies for itself. As a consequence, a company or other organization can develop a modified version and install that version through its own facilities, without giving the staff permission to release that modified version to outsiders.
However, when the organization transfers copies to other organizations or individuals, that is distribution. In particular, providing copies to contractors for use off-site is distribution.

Dear Users

[Letter]

Dear Users,

Why would I install a "toolbar" to clean out spyware? Shouldn't I use an application dedicated to that?

-Letter

Re:Dear Users

[bircho]

In fact, linux is the best "anti-spyware" i know.

Re:Dear Users

I bet U do. U just dont know it. Oh and watch your language or I'll tell your mom.

Re:Dear Users

[PhoenixFlare]

Don't delude yourself. If ever Linux gets anywhere near the marketshare and desktop userbase that Windows has, somebody will exploit it.

And that's to say nothing of the fact that switching from Windows to Linux to avoid spyware would be massive overkill. Plenty of easy to use, effective, and free anti-spyware Windows tools out there.

Re:Dear Users

[Master+of+Transhuman]

You don't have a Net connection?

You just own the Windows CD and haven't actually installed it on anything yet?

Moron...

Re:Dear Users

[|<amikaze]

People are already trying. I've had several pages attempt to install .xpi files onto my computer. In Linux!

Re:Dear Users

[bircho]

I should write more about it... to be fair, i could moderate myself flamebait for that comment.

Of course somebody WILL exploit it. But linux security model is far better than microsoft one. How long before bugs get patched? ActiveX? Word Macros taking over the system? But, yes... i'm a zealot...

Re:Dear Users

[Cat_Byte]

Yeah if only we could spread the word to ppl & get them to STOP using root as the login/pw on the console. Its always nice to do some consulting & find a # prompt to make your work easier. Next step, get the ppl on the old default installs of *nix to turn off the damn open relay on sendmail. I'm tired of the spam I get tracing back to an open relay *nix system. So basically...it's capable of being more secure. Being up to the end users......we're doomed. I dual boot myself. I love both since I'm a pc gamer/admin/security admin. 1/3 Windows in my equation.

Re:Dear Users

[Lord_Dweomer]

"Why would I install a "toolbar" to clean out spyware? Shouldn't I use an application dedicated to that?"

Actually, I think it could be quite useful if I had a button on the toolbar in Firefox that let me run a Spybot and Adaware scan all without leaving my browser. I mean, I agree I'd like dedicated software to handle it, but when you think about it, this is software that directly deals with the internet, and in order to help the mass amount of clueless users, I think it would be quite a good interface move to install a button in IE or something that ran the software in the background or something.

Re:Dear Users

[Delphiki]

Does that make Wine anti-anti-spyware? And by the way. Even though this is slashdot, not every thread is about Linux.

This is a farce...

[BodyCount07]

Claria is one of the most prevalent and intrusive spyware programs out there. It's a major omission to not handle it.

This just shows yet another benefit of open source software. When a publicly traded corporation is solely behind the development of a closed product, don't be suprised when they try to protect their interests, at the consumer's expense.

Re:This is a farce...

[gcaseye6677]

It doesn't necessarily require an open source application to clean spyware off your computer. It just requires a company to produce software for the purpose of keeping your computer safe and running well, as opposed to creating it for the benefit of hidden advertising deals (I assume Claria gave them something for not removing their crap). The best way around this is to use multiple spyware scanning tools (Spybot + AdAware, for example). Claria probably won't make a deal with all the spyware remover companies.

Re:This is a farce...

[LostCluster]

How exactly would having the source being readable change this situation. Claria/Gator is in the settings ready to be blocked... it just starts unblocked in the default setup.

I think this is just a side effect of Claria's lawsuits going after any body who calls them bad names such as "spyware". Yahoo's willing to block them, but they don't exactly want to take on this legal fight.

Maybe the best compromise is to leave everything unblocked by default... and then the start-up wizard can allow users to click on the blocks one-by-one with a nice easy "select all" available if they'd rather bypass that step. Something along the lines of "Submitted for your approval... these are the programs that in our opinion are worth blocking, do you agree?"

Re:This is a farce...

The best way around this is to use multiple spyware scanning tools

Now I've this picture of each cleaningware (oh shut up, if you can call everything xxxware so can I) thinking all other cleaningwares are spyware, so now you're spending half your time installing programs, and the other half installing and running cleaningware to wipe out the adware and spyware from those programs.

Maybe you'll need to get an installware to help you out with all this. But then it's best to run multiple installwares so they can keep an eye on each other... Don't be surprised to see blood leaking off your computer.

Re:This is a farce...

How exactly would having the source being readable change this situation.

Are you being thick on purpose? If the program was open source with, say, GPL, then someone could take it and compile and distribute their own version where Claria/Gator would be blocked by default.

Yahoo?

[HBI]

You mean that thing that was really cool back in 1995 but has become the net equivalent of a tourist trap?

I haven't even visited the site in years, literally. Do people still use that? Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.

Re:Yahoo?

[DrEldarion]

The site is still a great resource, but I haven't used it as a search engine in god knows how long.

Their news section is fantastic (although Google's is admittedly better), their webmail is the best I've ever used, and they have a great movie section that shows reviews, showtimes, etc.

Sucks as a search engine, but it's actually a pretty good "portal".

Re:Yahoo?

Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.

Yeah it sucks now. I only use it for my email (until I get gmail) and the yahoo groups are pretty good. One of the best sources for Rio Natsume bikini pics.

Re:Yahoo?

[dmoore]

IMHO, Yahoo Maps beats the pants off Mapquest and MSN maps, mostly because of its decent integration with Yahoo Yellow Pages.

Re:Yahoo?

[gad_zuki!]

Yahoo is a great resource.

I use:

Yahoo movies. Listings, reviews, etc.

maps.yahoo.com

yp.yahoo.com yellow pages

yahoo groups

yahoo mail (you can actually get *gasp* POP3)

yahoo's messenger does video and sound now.

and now they're using Overture's search tech to do web searches. Make no mistake about it, the Overture/Alltheweb.com system rivals google and beats it in a few places. When I can't find something with google I usually find it with Alltheweb.com.

I'd say yahoo is stronger than ever, a few years ago I thought they were going to fold. Granted, the shady practices aren't helping any, but they are far from Microsoftian ethics.

Re:Yahoo?

[HBI]

This is sort of a parallel to the RIAA issue - I refuse to use because I dislike what the site has become. Ditto, I won't buy cds new because of the same issue. There is no 'used Yahoo' market, unfortunately.

Re:Yahoo?

[Yahoo's] webmail is the best I've ever used...

Damn, that's pathetic. Unless you like the flashing Horoscope buttons every time you look at your email...

You should check out a serious webmail provider, such as Fastmail.FM. I have been a happy customer for over two years. Tons of features and absolutely nothing on the page that doesn't have to do with your ability to gain information about and control your email.

Re:Yahoo?

[aardvarkjoe]

Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.

Given that you're still here, I take it that the use of Flash is the primary reason?

Re:Yahoo?

[BigAl_nz]

I haven't even visited the site in years, literally. Do people still use that?

In a word, yes. Yahoo is still one of the most popular sites on the Internet, even if you don't think so.

Re:Yahoo?

[puck01]

their webmail is the best I've ever used

As someone who uses yahoo mail occasionally (mostly for throw away email addresses) and now uses gmail, I think google's email will be considered far better than yahoo's once it is publically available. I'm curious to know if you've had a chance to use gmail and still feel yahoo is better.

puck

Re:Yahoo?

[austad]

No, Yahoo is one of the most popular sites among people that don't know how to uninstall Alexa.

Re:Yahoo?

[red+floyd]

their webmail is the best I've ever used

You haven't tryed MyRealBox, have you? Plus, MyRealBox is by Novell, who I suspect that most /.ers want to support.

Re:Yahoo?

yahoo email is great.. spam free for nearly 2 years.. can't say that about any hotmail or most other accounts i've tried.

Re:Yahoo?

[88NoSoup4U88]

No offense to you, everyone to his/her own opinion : But Yahoo, a 'good portal' : Their frontpage , in my eyes, only gets worse once you login :/

Re:Yahoo?

[hendridm]

their webmail is the best I've ever used

Best you've ever used for *free* maybe. POP is soooo 1990's. Actually, they have a very robust webmail interface and their spam filter seems quite good, but I get more spam there than any other account so I suppose it has to be. I'd rather read my e-mail from a 'net-enabled calculator than POP it.

fastmail.fm
mailsnare.net

Re:Yahoo?

It's also very popular with SCO-haters, considering the number of links to finance.yahoo.com we see in every SCO story on slashdot.

-hadohk

Re:Yahoo?

[jfengel]

I use my.yahoo.com as my general news source, and I find that quotes.yahoo.com is a more friendly way to keep track of my stocks than my broker. I visit each several times a day.

But I haven't visited the main page in quite some time.

Re:Yahoo?

>people that don't know how to uninstall Alexa

I knew that name sounded familiar. A few weeks ago I was trying to lock IE down a bit more, so I was exploring its functionality. I discovered "tools > show related links", which opens a window that says "powered by Alexa" and invites you to upgrade to the full version. I want to know how it got on my system in the first place. I know for a fact that I never downloaded it...

How do you uninstall Alexa? I can't find anything in the registry or my hard drive that contains the name. :(

Re:Yahoo?

[Kris_J]

I haven't even visited the site in years, literally. Do people still use that?

I use Yahoo for two things; News (via Google and Fark) and currency conversion. That's it.

I remember when it was just a table of contents for the Internet. You used to be able to find whatever you wanted just by wandering through the directory. Those were the days...

Re:Yahoo?

[Kris_J]

their webmail is the best I've ever used

Huh? SquirrelMail is better than Yahoo. Yahoo's webmail is just a standard example of a bloated commerical webmail installation.

Re:Yahoo?

[Kris_J]

They've stopped accepting new accounts. I currently recommend SpyMac.

Re:Yahoo?

[ilyag]

Overture takes payment from sites that want their rating increased, correct?

I'll stick with Google, if only to make a point about a business practice...

Re:Yahoo?

[Kris_J]

I'm curious to know if you've had a chance to use gmail

You giving out invitations?

Re:Yahoo?

[UncleFluffy]

I use Yahoo for two things; News (via Google and Fark) and currency conversion. That's it.

Here you go, 50% reduction in yahoo use and the url's easier to type

Re:Yahoo?

Overture has nothing at all to do with position of entries in the web search, Overture results are listed seperatly from web results.

The Overture system is almost the same as the google adwords system.

Re:Yahoo?

[Ilgaz]

"As someone who uses yahoo mail occasionally (mostly for throw away email addresses) and now uses gmail, I think google's email will be considered far better than yahoo's once it is publically available. I'm curious to know if you've had a chance to use gmail and still feel yahoo is better."

I am also curious to know what does this post do at yro.slashdot.org . Google offers 1 gb in sake of your PRIVACY. They are already sued. Let me tell simple way, Google servers will "read" all of your mail and analyze them. They have ex NSA employees too.

There, first hit from Google news search (heh heh, on purpose) http://www.kansascity.com/mld/kansascity/business/ technology/8821126.htm?1c

I didn't have anything against google, I just used fast.no but when damn browser authors started to make Google search default, even on Mac, it started to get on my nerves.

Re:Yahoo?

delete
c:\windows\web\related.htm

or better yet...
open the htm in notepad and change the url from the msn click track redirect (takes you to alexa )to googles related feature

http://www.google.com/search?q=related: www.slashdot.org

or stick this in that related.htm file

<script>
var sUrl = external.menuArguments.location.href;
var sRedir = "http://www.google.com/search?q=related:";
if (sUrl.indexOf("http://") != 0)
{
sRedir+="secure or offline site";
} else {
sRedir+=encodeURIComponent(sUrl);
}
external.men uArguments.open(sRedir, "_search");
</script>

no MSN or Alexa privacy breaches involved
enjoy

Re:Yahoo?

[arkanes]

If you don't think that your current mail provider "reads" your email you're sadly mistaken. Unless you've got no spam or AV filtering. Good spam filtering analyzes messages at least as much as gmail does. Your privacy isn't at risk - at least no more than it already was, considering that you're using an unsecured medium (HTTP) for access to unencrypted communications (email) over an unsecure protocol (SMTP), with all the communication happening on servers you don't control and in fact probably don't even know about. Every email provider on the planet has at least as much access to your email as gmail will - it's a matter of who you trust and what you're comfortable with.

If you don't trust Google thats fine, but don't fool yourself into thinking that they're doing anything out of line as far as email goes - it's nothing more or less than any other provider already does.

Re:Yahoo?

I haven't even visited the site in years, literally. Do people still use that? Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.

I see the home page about once a quarter, if that... instead, I have a my.yahoo.com account set as my home page. On there, I get aggregated news feeds, a place to store bookmarks that I want easy access to (e.g. my daily web comics), and a bunch of other useful tools.

my.yahoo.com is probably one of the things that they're doing (mostly) right.

Re:Yahoo?

[Ilgaz]

Reading is one thing, Analysing is another. So, when a badly coded dll scans your habits and show relevant ads, its called Spyware, Google does same thing and its not.

That fanaticism of Google kills me. OK, its cool, they run Linux , largest documented beowulf ever but there CAN be a thing they do bad.

Its your privacy imho. And shadowy workers (ex NSA so on)

Re:Yahoo?

[puck01]

actually...i've been getting so many lately i'm not sure what to do with them....

Figures.

[Kid+Zero]

Wonder how much they charged for that little "Feature" to Claria and whomever. It would be very Microsoft of them.

Re:Figures.

[starphish]

I love that "Microsoft" is a recognizable adjective that can be used in the place of "unethical" or "evil". This could be a sign of the beginning of then end for them.

Re:Figures.

This could be a sign of the beginning of then end for them.

What do you mean, beginning?!?! This started years ago.

Re:Figures.

[Geoffreyerffoeg]

$0, which is sufficient when compared to the money lost when they're (threatened to be) sued for libel by classifying Claria as spyware. Gator's complained about that before.

Not Microsoft in particular, just business sense over altruistic morality.

If true...

[moehoward]

If this turns out to be true, then Yahoo! is a bunch of scumbags.

However, given the nature of recent Slashdot stories, my skeptic-radar is on high alert (Alert Level Orange for you youngsters out there).

Re:If true...

[DeXtroMe]

Actually I believe it's alert level Ernie for the youngsters...

Re:If true...

Consider that Yahoo! allowed pop-under advertisement from X10 to plague their network. They were scumbags long ago.

Yep

[weekendwarrior1980]

There'a always a catch, I think this might be true with AOL's spy blocking software too. After all they are "corporations" with an obligation to their shareholders. Advertizing makes a chunk of their revenues, and they aren't going to choke that golden goose, are they? For now I am sticking with Adaware.

Alarming or Business As Usual?

[fembots]

Should we take this news as a shocker, or is it somehow expected in commercial sense? Yahoo can probably claim those businesses are not considered spyware from its point of view, hence no removal.

And how long? How long before we start seeing Anti-Spam filters have built-in mechanism to let associates' spam emails through, even if you blacklisted them.

Re:Alarming or Business As Usual?

[geminidomino]

Depends on whether it's disclosed or not. If there's no notification short of checking manually, then it's pretty sleazy. If they do disclose it, well, their software, their rules.

no surprise

[bizpile]

I hope this doesn't surprise anyone. Seeing as how altruism is rarely profitable, this is exactly what I expected to hear sometime about an adware removal program.

Kekeke ^___^

[billybob]

Yah I actualled LOL'd at that one. Even though it's not technically yahoo's story, it's funny that it's on their site. :)

Re:Kekeke ^___^

Another fucking anime loving would-be Japanese white boy faggot. Dude, high school girls say "kekeke". Grow the ever-loving fuck up and stop talking like a faggot.

Re:Kekeke ^___^

[ruckc]

LOL'd??
Lots of laughed...
I LOL'd...
I lots of laughed...
i think you forgot 'had' or some other word.

Just me being picky

Re:Kekeke ^___^

[19thNervousBreakdown]

Laugh Out Loud

Re:Kekeke ^___^

[ruckc]

oh

Re:Kekeke ^___^

OK there was nothing gay in his comment. Stop your gay fantasies over this guy & quit making us read about how you want him to be a gay white guy. Seriously....didn't you learn in gradeschool that calling ppl gay at random for no reason makes ppl wonder why you think about fags all the time?

Re:Kekeke ^___^

[IncohereD]

so technically, it should still be LedOL. Similar to RsBI. Or Attorneys General.

Only impacts Microsoft Windows users

[XavierItzmann]

No known commercial spyware for OS X or Linux

Re:Only impacts Microsoft Windows users

[karmatic]

Actually, I've come across 3 spyware XPIs so far. One of them simply downloaded their .exe, ran it, and installed their IE spyware on your system.

The other 2 actually manipulated the Mozilla DOM, and as they were written in java, they can work just fine in OS X, or Linux.

Re:Only impacts Microsoft Windows users

[mlk]

Thats only cos SF.net rejected my project :(

Re:Only impacts Microsoft Windows users

[DrLZRDMN]

Only impacts (stupid/old) Microsoft Windows users ^ would be more accurate. I've never had a problem.

what about old smart Windows users, you seem to be implying that old users can't be smart.

Re:Only impacts Microsoft Windows users

[Jord]

I would be very interested in knowing about these Java spyware programs you refer to. I have never heard of any spyware that can run in a browser that is written in Java. With Java's sandbox I find it very hard to believe that someone could come up with any spyware that would work behind the site that hosted the code.

Re:Only impacts Microsoft Windows users

[karmatic]

Blech - I misspoke (way too tired - stupid 32 hour coding sessions).

Anyhow, Mozilla uses XUL, which is syntactally similar to Java. XUL, by design, allows manipulation of the Document Object Model (DOM) of the browser, which is what allows form filling, ad blocking, etc.

Anyhow, the 2 non-IE spyware work by basically shoving an evil JavaScript (probably where I got java from) script into every html page that is loaded. As I didn't actually _run_ them, I have no clue what the javascript does.

Re:Only impacts Microsoft Windows users

[RzUpAnmsCwrds]

Hmmm... if you were writing crapware, would you target:

- 95% of desktop users
- 4% of desktop users
- 1% of desktop users

And, would it be more efficent to:

- Spend money on getting your crapware in more products
- Spend money on porting your crapware so you can reach the other 5%

Now, Windows has some fault (the "drive-by-download" flaw in IE, thankfully corrected in SP2), but the reason that Spyware is written for Windows is that it is the easiest way to reach the broadest audience.

Trust me, whether or not you have admin privelages, spyware can exist on the Mac.

IE happens to be particularly "extensible", making it easy to add toolbars and other crap. However, it's not exactly rocket science to display advertisements using Safari and a background process.

Re:Only impacts Microsoft Windows users

maybe you could show us the url/code so those that do understand JS can take action against it

Is anyone surprised?

[andalay]

Why would anyone bite the hand that feeds them? Unless they have more than one hand :)

Gotta say it...

[dev32810]

1) Write spyware
2) Team up with Yahoo!
3) ???
4) Profit!

Re:Gotta say it...

[spyrral]

3) Charge clients for advertising their product to unfortunate fools who download your application.

Ever had an original thought? You should try it sometime!

Scumbags!

Guess they are feeling the pressure of the upcoming Google IPO....

Next Headline

[Snoopy77]

Yahoo! News disfavors Yahoo! Anti-Spy

Yahoo! Mail Spam Filter

[lexbaby]

Just like you can't report Launch.com e-mail to your Yahoo! mail account as spam. Of course, Launch.com is actually part of Yahoo! now.

Re:Yahoo! Mail Spam Filter

Except Launch.com email isn't spam. You opted-in to get that e-mail, and you can easily opt out.

Wait a tick!

[thewldisntenuff]

Ook, let's hold on a minute...AND RTFA (Again)! Yahoo's toolbar uses PestPatrol for its' spyware application, and even the article states that "On its Web site, PestPatrol does categorize software from Claria as adware." But later states that - "In a test of PestPatrol's free, online scanning tool, eWEEK.com confirmed that it does detect the presence of Claria's GAIN software automatically." Hmph, I says...I don't think (I dunno, maybe I'm not into the /. conspiracy theory mentality yet ;) ) Yahoo! is behind this, it smells like an issue with the PestPatrol software....But who knows? Not everyone is out to get us, people....

Re:Wait a tick!

[BCW2]

And you don't think that Yawhore would have it customized for their own puposes?

Re:Wait a tick!

[LostCluster]

And we also know that Claria is very agressive in suing anybody who dares classify them as "spyware"... so PestPatrol's decision is likely one of lawsuit-avoidance than an in-the-pocket protection.

Re:Wait a tick!

Not everyone is out to get us, people...

How can I know you're not here to fool us into a false sense of security? Hmm?

-hadohk

Re:Wait a tick!

[Lord_Dweomer]

" And we also know that Claria is very agressive in suing anybody who dares classify them as "spyware"

Sounds like a perfect candidate for a Googlebombing campaign. So say it with me everybody, Claria is spyware!

Well... it is a proprietary closed source program

[Pope+Raymond+Lama]

I would not expect any other behaviour.
As a matter of fact,I find hilarious that one justifies that his own computer is "clean from spyware" because he runs a closed source gratis program.

Indeed, it is self-contradictory to run a closed-source program of this nature, just as it is at least risky run a closed source program of any nature if one is concerned about spyware/leechware/trojans/viruses at all.

So what? You should be using multiple tools anyway

[lewko]

There is no magic bullet in online security or single tool that gets rid of all the threats. Users should make a point of using multiple redundant tools, even if they ostensibly perform the same job.

Some antivirus or anti-spam software may not detect a virus/spam that its competitors do, but the next day the situation is reversed. Which one is better? Ditto anti-Spyware. Install the Yahoo toolbar if you think it will help. You should still use other tools though.

If the suspicions raised in the article are true however, I do think there is an ethical question here that should play some part in your decision.

Damn, I was hoping

[Prince+Vegeta+SSJ4]

that they left in the ever welcome Bonzi Buddy

For those who don't read the article.

[Galaga88]

Gator/Claria is classified as 'adware' (as opposed to spyware) by the toolbar, and all adware by default is not blocked.

The toolbar will block them, it requires users clicking on a checkbox somewhere in the options. This makes it just a bit less sleazy.

And,

[abscondment]

Additionally: In a desperate attempt to fuel Yahoo's status as a search engine, the new Yahoo! toolbar blocks google.com via the hosts file...

Or not.. :)

spyware vs. adware vs. software

[The_Bagman]

The main problem with all of this is "where do you draw the line between spyware, adware, and software?"

Unlike viruses or worms, it's not at all clear where the line is between "good" and "bad." It may be that Claria has a valid business model, in which case they have a strong case that their software shouldn't be lumped in with the likes of clientman, or other truly nasty spyware. Certainly, their business model is not illegal today. (Of course, I personally don't like it, and would never use their software.)

Should Yahoo include "windows update" or "redhat update network" in their list of spyware?

Re:spyware vs. adware vs. software

[robochan]

The main problem with all of this is "where do you draw the line between spyware, adware, and software?"

Simple. I can manually install and uninstall software - no hiding behind cryptic EULAs or piggy-backed with another app. When I'm not telling windows update to run, it's not running, same for redhat update network. That's not the case with spyware.

If Claria wants to claim to have a "valid business model", they can put out an app that I can download and install on my own if I want to. Until that time, they can go fuck themselves.

Re:spyware vs. adware vs. software

[t1m0r4n]

Unlike viruses or worms, it's not at all clear where the line is between "good" and "bad."

Personally, I draw the line in the "Add/Remove Software" control panel. If the app has a clear definition and can be removed as easily as a legit piece of software, then it is alright by me. (This also implies that it was voluntarly installed as any other piece of software, i.e. went to download.com or similar place and selected the software based on an honest description to fill a users need.) I have no idea why someone would volunteer to have a computer used as a spam relay or be subjected to endless pop ups, but if that's what people want, so be it. But it should also be easy to remove without the use of extra software.

The mere idea that special software is neeeded to remove the junk, and, yet, no one is being prosecuted makes me very very angry. However, as I haven't had a personal computer infected with anything in a few years, I don't have anything to go.

Re:spyware vs. adware vs. software

[WCMI92]

"It may be that Claria has a valid business model, in which case they have a strong case that their software shouldn't be lumped in with the likes of clientman, or other truly nasty spyware. Certainly, their business model is not illegal today. (Of course, I personally don't like it, and would never use their software.)"

Stealing someone's car (because they didnt' read the fine print and agreed to it in an obscure line where they signed a credit card slip when buying groceries) and turning the windshield into a big pop up ad might be a way to make money, but it does not make it desirable or necessarily legal.

Spyware/Adaware is out of control

[Cyris]

These applications are out of control. To trick a user into installing (and sometimes, installing without asking) software that slows down the machine and floods them with pop up windows is worse then spam. At least with spam, you can delete it quickly.

In addition to this, I cannot count the number of times family members or neighbors have called me up asking for me to help them remove TONS of this junk from their machines. Its even worse when you have to update software just to remove the junk that has been installed. Some of these applications even force you to install other software to remove the offending software. This is ridiculous.

People trust Yahoo. For Yahoo to put a program out there on the market, and do this kind of thing on purpose? That is a pretty crappy thing for a company to do. I have lost what little respect I had for Yahoo..

Cyris

What goes around, comes around.

Re:So what? You should be using multiple tools any

[Cyris]

This maybe true, but are you saying that you accept the fact that these companies are not held responsible for creating software that can take over your PC? These programs are a virus.

Cyris

What goes around, comes around..

Insidious, sure...

[Atrax]

... but not entirely unexpected or illogical. They wish to protect their bottom line, after all, which is what all mega corporations are required to do to compete. Look at it from the point of view of the heartless corporation. ;-)

Of course it also means there's one more IE toolbar onto our 'banned' forever list. we used to allow the yahoo toolbar. >sigh

This toolbar sounds great!!

[the_rajah]

I can't wait to install it on my Konqueror browser.

"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain

It found Claria and removed it for me

[uvince]

The first (and only) time I used this product to scan for xx-ware it found Claria and removed it.

What I am I doing right/wrong?

Re:It found Claria and removed it for me

Telling the truth. You're on Slashdot, remember?

Yahoo anti-spy ware

[yoder]

It should not surprise anyone that Yahoo cannot make anti spyware. Once the sales team gets their sticky little fingers on anything you can kiss functionality goodbye.

Decent anti-spyware

Cant we make anti-spyware apps that flood the spyware collection systems with LOADS of useless data?

Kinda makes spyware apps useless if they have to spend $$$ on extra bandwidth to handle the new data and $$$ on CPU Cycles to sort through the Krud.

hehe - and then watch as a new business of "anti-flood" filters are built for the spying companies!

Spyware has ruined a whole sector of free software

[bnavarro]

Namely, "fun/amusement" applets -- think applets like "XEyes". Yes, I will admit, when I was in college I used to get a kick out of running things like "BartEyes" (A Bart Simpson knockoff of XEyes), and although I have outgrown them, My mom still likes her "Felix", a cat that walks around on her screen.

Felix is the last amusement applet I will ever let my mom run. I only let her run it now because it predates spyware being trojaned into these little applets. Today, I don't trust ANY fun/amusing "applet" because IMO they all potentially carry a spyware payload.

Sadly, I have noticed that this trend of spyware payloads has begun to move itself into mildly useful, free utitlity applets as well -- I have heard of a weather reporting applet and a time server synchronization applet carrying nasty payloads. I suppose it won't be much longer before the majority of nifty utilities from places like tucows.com are suspect.

I think sometimes that we live in sad times.

Can I speak for everybody

[LS]

when i say, "NO DUH"??

LS

Re:EULA

[abscondment]

This also bleeds into the issue that people have with EULAs: No one ever reads them.

The GAIN Trickler and other similar programs are very often installed legally and volutarily by users themselves. Oftentimes installing the software is predicated upon accepting these "malicious" programs. If a user has in fact agreed to install software, it may be (and yes, I'm playing the devil's advocate here) a perfectly logical step to avoid uninstalling it.

Imagine if the toolbar uninstalled program updates, patches, and other things automatically installed. We'd hate it. Of course, we're only complaining because it's not doing what we want; however, I don't think we should freak out at Yahoo. The program still operates within the scope of its definition.

Is it possible that...

[mealtime_warrior]

Yahoo, in its *supposed* partnership with Gator (I prefer the old, more descriptive name) and WhenUClick, is participating in some twisted plot to eliminate all other spyware/adware programs. With no competition, Gator could become the unstoppable Big Brother.

does not favor Yahoo's partners

slashdot is really really losing it. I've seen
more FUD this week than I've seen all last month,
maybe all year.

The tool does not favor "Yahoo's partners", as a
*30 second skim* of the f'in article tells you.

It simply doesn't scan adware by default. If
you click the box to scan adware, it does detect
Yahoo's partners products. The article isn't
clear on whether the product removes the adware.

The controversial part, read carefully now, is
that it detects *spyware* by default. It's
*adware* that isn't detected by default. They
shouldn't do one and not the other. I'm sure
I speak for all consumers here when I say, no
consumer, not a one, cares about the distinction.
(And the distinction is fuzzy at best anyway.)

Their product favors "adware", and some "adware"
producers are Yahoo partners. It's not as if,
like the slashdot article tries to imply, that
some adware is detected but not Yahoo's partners'.

Re:does not favor Yahoo's partners

The controversial part, read carefully now, is
that it detects *spyware* by default. It's
*adware* that isn't detected by default. They
shouldn't do one and not the other.

No, the controversial part is that some code which is clearly spyware is labelled adware, which is then not detected by default.

The code in question is Gator, which is definitely spyware (It's about the most famous spyware out there!) and GAIN. GAIN is arguably adware, but according to the article it's classified as spyware by PestPatrol, the people who make the engine for the Yahoo toolbar. This suggests that Yahoo changed it to adware.

Putting your business partners' code into the "not cleaned by default" section when it shouldn't be certainly does qualify as favoring those partners!

Watch it now...

[johnny_sas]

You're not supposed to call Gater (or whatever) spyware, or those suckers will sue!

Re:Watch it now...

[trewornan]

I like "scumware" better anyway.

No need for spy/ad-ware removal tool...

[Soulfarmer]

It's like email viruses. You only get infected if you act like you don't care about getting infected. OR, if you act stupid. For about 4 years I have run Ad-Aware maybe a 4 times, and all I get as a result is few tracking cookies. And I Do use the internet more than average, I can tell you that. But then again, I am european ;)

People get spy/ad-ware by doing stuff on the net. It's like walking in desert and finding oneself being thirsty but alas no water to drink.
Anti malware tools are like that water in the desert. Byt who the heck told you to go into that desert.

If you don't know what will happen from "yes", don't click on it. Preferably don't even click on "no". Kill the process :)

Off-topic? Goes with the motive, your honor...
(Nightshift and nothing to do, I admit)

Re:No need for spy/ad-ware removal tool...

[SamNmaX]

It's like email viruses. You only get infected if you act like you don't care about getting infected. OR, if you act stupid. For about 4 years I have run Ad-Aware maybe a 4 times, and all I get as a result is few tracking cookies. And I Do use the internet more than average, I can tell you that. But then again, I am european ;)

This is not true. I personally managed to get adware on my system through bearshare before adware became as well known as it is. While you can only take my word for it, I do know very well what I'm doing with a computer, so it was not out of the type of ignorance you imply. I also just had the fun of cleaning up a ton of spyware a friend of mine got, who knows very well of adware and habitually clicks the 'no' button when it asks to install an ActiveX control, but accidently hit 'yes' once and found his system crawling with the crap.

These programs are trojans. While in some cases they make it 'known' what is being installed (as in, say, the adware version of DivX), they often are snuck in either through freeware or through ActiveX. While with email, you have to make at least a conscious effort to load that attachment, adware can hit even the best of us.

Re:No need for spy/ad-ware removal tool...

I disagree. Ever hear of the pup trojan/spyware/virus? Got it when I was trying to look up lyrics to a song. I hit "no" or "cancel" to every pop up that comes my way, but I still managed to get infected.

Re:No need for spy/ad-ware removal tool...

[peezer]

the thing is, even "legitimate" programs like AOL IM are loading us up with this crap... We can simply never install any new programs out of fear of getting infected, or we can just run spyware cleaning apps on occasion and enjoy all the wonders of sub-par chatting applications.

Re:No need for spy/ad-ware removal tool...

[poot_rootbeer]

People get spy/ad-ware by doing stuff on the net.

Your inference that people should avoid spyadware by NOT doing stuff on the net seems a little impractical to me.

The smartest thing you can do to avoid getting a malware infection is to use a sane browser as your prophylactic. Firefox is like a reliable name-brand condom; IE at its highest security setting is a no-name rubber out of the vending machine in the men's room. IE with default security settings is no better than covering yourself with Saran wrap.

News Flash...

[keiferb]

Large corporation provides special treatment to those who give it lots of money... film at 11:00.

yawn.

I think this is what Google meant when they said

[santos_douglas]

"don't be evil" for anyone who didn't understand it at the time.

Dear God

[rcastro0]

Give me the patience that I need
To keep my piece of mind,
And with life's cares, I hope, Dear God,
Some happiness to find.

Let me google but for today,
Not worrying 'bout Ads ahead,
For I have trust that You will see
Gator and friends, all of them dead

Give me the courage to face the web's trials
And not from adware or spyware run,
Let me keep this thought in mind,
"My will, not Yahoo's, be done."

Oh I miss the yahoo I knew.
http://web.archive.org/web/19970201021647/h ttp://w ww3.yahoo.com/

Re:Dear God

[evilviper]

Oh I miss the yahoo I knew.
http://web.archive.org/web/19970201021647/h ttp://w ww3.yahoo.com/

Yes, they've steadily added cruft. However, you can bookmark http://seach.yahoo.com and get a version even more crap-free than the original.

Re:Dear God

[evilviper]

GAH! that's supposed to be http://search.yahoo.com

Re:This is not a first - even for Yahoo

[robochan]

Wasnt it Yahoo that changed the "subscription" settings on all their current (at the time) email users to have them "opted-in" to all their spam partners not too long ago?
Fool me once...

Anybody remember AllAdvantage?

[LostCluster]

AllAdvantage.com was one of those late-90s .com's with an incredible business plan that turned out to in fact not be credible enough to last. For those who never heard of it, it was the idea that users would run a "toolbar" on the bottom of their screen at all times, and then the company would send the users a monthly check for their cut of the ad revenue for the ads they were exposed to.

Sure, this was adware to the nth degree... but all of the users either knew or should have known what they were getting themselves into and they were on the financial take for their part in the scheme.

Of course, the major anti-malware products weren't around back then to weigh in on their opinions on these things. But, it's an interesting call. Nobody was ever tricked into installing this program, so would it be the duty of an anti-malware program to attack such a program, or just let it be?

Re:Anybody remember AllAdvantage?

[Lehk228]

leave it Be, removing it would be like removing fdisk because deleting a partition can be malicious. something like that is a program which the user chose to be a part of, now if it puts hooks into the system or otherwise messes things up than go ahead and rip it out, I used the spinway ad banner funded dialup access for quite a long time several years ago.

Re:Anybody remember AllAdvantage?

[JazzXP]

Actually, I signed up to this, managed to score $30 Australian dollars, which back them worked out to probably around $0.50 US :-) The good thing about it was you could turn it off if you didn't want it.

Motivations...all comes back to motivations

Yahoo as a corporation is motivated -- through contracts -- to not ding partners. In general, open source projects are not. Any obvious dammage -- *XFree* -- is routed around -- *X.org*.

The more I look at the market, the more Stalman's position makes sense (though I'm still not 100% there).

And Spy-Bot

[antdude]

http://www.safer-networking.org/

Re:I think this is what Google meant when they sai

What exactly does "don't be evil" mean? Google bans WhenU.com from their search results (go on, search for whenu or whenu.com), but Jew Watch comes up when you search for "jew". In your judgement, now what should they do? Put WhenU back in, remove Jew Watch, or remove Claria.com, too? I bet Google does none of the above and instead just continues to collect money from the "The Gain Network results" Claria ad that appears when you search for "gator".

Absolutely untrue

[Chairboy]

This is wrong, NIS did not make holes in the firewall for spyware. NIS had a method for applying preset rules to known programs so they would work without the user needing to be an expert. You and I might know that a web browser needs to access outbound on port 80, as well as FTP rules, but Joe User doesn't.

This is a great way to make a firewall usable for novices, but it had a flaw. It used the .EXE name to apply the rule, and it was quickly discovered that you could rename a malicious program to use the same name of a known good program and take advantage of those rules. This was quickly fixed by adding a digital signature database that tracked each known good EXE (each version released wherever possible) so that only the real programs could take advantage of this functionality.

A couple of people saw the preset rules when NIS was originally released and made the assumption that since they listed a bunch of programs, there must be spyware in there. This was not true, and the NIS team watched those new rules like a hawk to make sure that no bad guys got in.

How do I know this? Because I worked on NIS 2000 2.0 and had the privilege of leading the NIS 2001 through NIS 2004 quality assurance team.

FUD is not something that Microsoft has a monopoly on, as the parent post proves, well meaning but wrong end users can dish it out too.

Re:Absolutely untrue

This is wrong, NIS did not make holes in the firewall for spyware.

Oh? What was the purpose of the file "C:\Windows\Application Data\Symantec\Norton Internet Security\adserv.alc" that shipped with NIS2000, then? A whole lot of people out in the security usenet groups have some foul things to say about this file and the Radiate/Aureate spyware product...

Re:Absolutely untrue

"I worked on NIS 2000 2.0 and had the privilege of leading the NIS 2001 through NIS 2004 quality assurance team."

Interesting. IMHO Nav2000 was the last decent NAV made. Or was it 2001? Which one was the last that worked on Servers? I'm not saying you personally are to blame for anything but most people I know in IT including myself say that from then on it got more and more bloated and caused more and more problems. Not all norton AV is bad, the CE has always been decent. But man, after seeing how far Nav went downhill in the last 4 years I have to question if you were being sarcastic when you said "privilege". Now I won't touch the consumer version of Nav with a 10 foot pole.

Re:Absolutely untrue

Apparently he can yap on about how good the products are when unchallenged... lets see if he answers tomorrow.

I have been lucky enough to not have to use any Symantec crap, they were like the kiss of death to software they bought - I remember this great early Mac compiler they bought - leading edge stuff at the time - open up to date bug list, incremental compilation, etc can't remember the name, anyway Symantec buys the company/product closes the bug list, turns the thing into crap in 2 revs.

Same with Peter Norton's stuff, which I think they were heading downhill fast before they bought him out. Bloated, crashy crap, all of it.

Re:Absolutely untrue

I'm having trouble finding anything on the net about what you describe. Could you provide any more information or some URLs?

Googling for "adserv.alc" gets 0 hits, for example.

Re:Absolutely untrue

Googling for "adserv.alc" gets 0 hits, for example.

Do a search in Google Groups, not a web search. There's quite a few posts about this back about 4 years ago, aimed squarely at NIS2000.

Re:Absolutely untrue

[Chairboy]

Adserv.alc was originally put in because Aureate/Radiant was a benign program that powered ad funded games. We monitored their traffic, and all they did was occasionally download a new advertisement, nothing nefarious. It was needed to make some popular games work.

Later, the program became a little less benign, so we removed the file from our program and released an update that deleted it. No conspiracy, in fact I'd think that our course of action would meet the approval of security minded folks because when the program shifted, we said 'no way, bucko' and got rid of the configuration file to protect our customers.

BTW, you're posting as AC. Not much of a challenge to take pot shots from an anonymous position. I have to wonder, what's your motivation here? Will you respond? I guess we'll see.

Re:So what? You should be using multiple tools any

mod parent (Score: -5, Used the word ostensibly)

Re:So what? You should be using multiple tools any

[lewko]

Yahoo toolbar (AFAIK) doesn't install itself without your prior consent.

This is NOT the case with plenty of spyware.

Re:Spyware has ruined a whole sector of free softw

[austad]

Felix is the last amusement applet I will ever let my mom run.

Ah, how the tables turn when one grows up and learns about computers. :)

POP3 Yahoo email

[solprovider]

yahoo mail (you can actually get *gasp* POP3)

You can POP3 your Yahoo mail, but it requires paying $30/year. I want to do this, but am scared about the automatic renewal. There is no option to have it automatically stop at the expiration date. The consumer would not lose anything since the account would revert to the normal free webmail until another payment was received, and they could easily send reminders before and after the expiration.

I had Geocities and Yahoo mail. Geocities always allowed POP3. After Yahoo bought them, I merged the accounts and was able to POP3 from both accounts. Then Yahoo started charging. I received an email advertisement about the "new service" every time I tried to POP3.

I dislike that Yahoo's webmail does not work in Mozilla as well as MSIE. I wish they would hire some good standards-aware web developers. Their spam filter works very well, but did not work with POP3 the last time I used it. The spam would be in the Junk folder in webmail, but there was no option to exclude the Junk folder from POP3.
---
I use Yahoo's movie listings and their maps. Mapquest's maps do not appear in Mozilla (with my settings?), and Yahoo's maps do.

Re:POP3 Yahoo email

"I dislike that Yahoo's webmail does not work in Mozilla as well as MSIE."

maybe you have an example of something that doesn't work?

I use yahoo webmail all the time on mozilla/firefox on both freebsd and linux.

mapquest also works just fine -- sounds like you've configured something wrong.

Re:POP3 Yahoo email

1. POP is so 1990's. Live in the now.
2. You can get a decent provider, *with* secure IMAP and secure SMTP for less than $30/year: mailsnare.net, fastmail.fm, and they both work with Mozilla just fine (except for the RTE editor on 'snare, but their text editor works just fine.

Re:POP3 Yahoo email

Do a search for YahooPOPs. It'll solve your problems without cost.

Re:POP3 Yahoo email

[1u3hr]

You can POP3 your Yahoo mail, but it requires paying $30/year. I want to do this, but am scared about the automatic renewal. There is no option to have it automatically stop at the expiration date.

It's $19.99 per year. They send you at least one notice: [This is a notice to remind you that your Yahoo! POP Access and Forwarding service will automatically renew on 22-APR-03, and your Yahoo! Wallet will be charged the annual service fee of $19.99 on that date. This is 20% off the current regular price.] before doing so.

That said, I'm getting impatient with it, the spam filtering is not very good, misses a lot and has false positives. For the same price I could get my own domain and look after my pown email; just inertis stops me so far.

but there was no option to exclude the Junk folder from POP3.

Yes there is.
Mail Options ->POP Access & Forwarding -> uncheck "Include Bulk Mail folder when downloading new messages"

Maybe you should look at YPOPs, "This application emulates a POP3 server and enables popular email clients like Outlook, Netscape, Eudora, Mozilla, etc., to download email from Yahoo!" When I get somethng better I'll use something like this to keep an eye on my Yahoo account.

Re:POP3 Yahoo email

[atarian]

Not so, you can sign up for free POP access to your Yahoo account providing you allow them to send you the occasional advertisement email (easily filtered)

NB: This applies to Yahoo.co.uk accounts, YMMV with .$TLD versions.

Re:POP3 Yahoo email

You can POP3 your Yahoo mail, but it requires paying $30/year

News to me. I've been POP3ing my Yahoo email for the last 3 years for free.

Re:POP3 Yahoo email

[Wyzard]

Is there any good reason to use POP3 over IMAP, aside from some services not offering IMAP access?

Link to original eWeek article

[MacRonin]

eWeek - Yahoo Plays Favorites with Some Adware

In its spyware-fighting tool released in beta last week, Yahoo Inc. left out for automatic detection a category of often-unwanted software for which its paid search division has a financial stake. Yahoo's Anti-Spy beta for its browser toolbar doesn't include adware by default when it scans users' systems for unwanted programs.

[ ... ]

Among the programs the Sunnyvale, Calif., company classifies as adware are controversial ones from Claria Corp. (formerly The Gator Corp.) and WhenU.com Inc., two common targets of spyware critics who say the companies trick users into accepting unwanted downloads and flood machines with pop-up ads.

With Claria, best known for its Gator eWallet application, Yahoo is also a business partner. Claria, based in Redwood City, Calif., delivers pop-up and other forms of advertising from its GAIN ad network through software downloaded onto users' machines.

Re:Well... it is a proprietary closed source progr

Ugh.

Looking at the source might help you get rid of Claris w/ the Yahoo thing, but it would probably be faster to PICK THE PROVIDED OPTION TO GET RID OF IT THAT JUST ISN'T ENABLED BY DEFAULT.

sick of it

[austad]

I got sick of supporting my friend's dad's computer. No matter what I did to it, he still managed to fill it with viruses and spyware. It was insanity. I had things set to autoupdate signatures and automatically run, but to no avail.

So last week he said he wanted a new computer, gave me his credit card number, told me what apps he needed, and let me order him one. I got him a shiny new Apple. No more friggin' spyware and virus hell, no more support calls for when his browser keeps crashing, and the security on it is miles higher than what he had with WinME. Plus, if he needs support, he can just go down to the local Apple Genius Bar.

I'm sure plenty of malware for the Apple will come, it's just a matter of time. But for now, I don't have to deal with it, and the Apple actually suits his business much better than his old windows box did.

Re:sick of it

[SamNmaX]

I got sick of supporting my friend's dad's computer... I got him a shiny new Apple.

Arrrrrrrggg... I guess it was sure that someone from the Cult of Mac would suggest this. ;)

Besides the fact that the userbase is too small for most malware producers to target, what is preventing an Apple user from Spyware hell? While I don't know much of the Mac equivalent to ActiveX, I don't see much stopping spyware from hitting a Mac as, say, a trojan in freeware.

Re:sick of it

[austad]

There is no mac equivalent to ActiveX. Which is good. There is Java, but as far as I know, the security with Java is fairly good.

I'd like to argue that because OSX is just a unix system it's inherently more secure than a windows box, but I don't think it necessarily is as far as malware companies getting stuff installed to spy on users/etc. A lot of this installing is done by trickery. If you try to install something outside of your home directory, the mac asks you nicely for your password, most people will probably just type it in. Not to mention the recent URL handler exploits for the mac that just became public knowledge...

I think I mentioned in my parent post that it's just a matter of time. It's just a matter of time for linux spyware also (Blasphemy!). Once someone makes linux as easy as a mac, we'll have plenty of clueless linux users with spyware and backdoor filled machines.

Re:sick of it

[SamNmaX]

I'd like to argue that because OSX is just a unix system it's inherently more secure than a windows box, but I don't think it necessarily is as far as malware companies getting stuff installed to spy on users/etc. A lot of this installing is done by trickery. If you try to install something outside of your home directory, the mac asks you nicely for your password, most people will probably just type it in. Not to mention the recent URL handler exploits for the mac that just became public knowledge...

Well, certainly asking for a password before you install something is one step above the average WinXP setup (with the main user as admin), though of course trojans can still get in through seemingly safe programs. Things like the URL exploits you mention, well, I that's certainly a problem but each individually anyway is easily fixed.

Unix wasn't really made with security, especially for the desktop, in mind in the first place, and systems based on it (Linux, BSD, OSX) are all quite vulnerable as you generally want to install your programs as root, which requires too much of trust in whatever you are installing. With Windows XP the situation is slightly worse since most people using it are always root. Until we start seeing more of a move to stop putting so much trust in programs (Java applets as you mention in another context, are a start), this type of thing will probably be a consant.

Re:sick of it

[0x0d0a]

Well, certainly asking for a password before you install something is one step above the average WinXP setup

Ironically enough, this is not the case.

I have listed several ways that a malicious program can slip past the Mac's password scheme before (grab keystrokes, put up bogus password dialog at a different time that looks like it belongs to a different program, etc).

The problem is that Apple's security design in the Mac OS fails to establish a secure channel between the user and the OS when requesting a password. (This is why you must hit Ctrl-Alt-Del in most versions of Windows before entering a password). Apple's password dialog actually represents a reduction in security over no password, since it (a) passes the password through an insecure environment on a regular basis and (b) does not provide a method to establish that the identity of the requesting program may be trusted -- that the dialog is really a legtimiate password dialog.

Re:sick of it

[SamNmaX]

The problem is that Apple's security design in the Mac OS fails to establish a secure channel between the user and the OS when requesting a password. (This is why you must hit Ctrl-Alt-Del in most versions of Windows before entering a password). Apple's password dialog actually represents a reduction in security over no password, since it (a) passes the password through an insecure environment on a regular basis and (b) does not provide a method to establish that the identity of the requesting program may be trusted -- that the dialog is really a legtimiate password dialog.

Unfortunately, the default in windows doesn't require Ctrl-Alt-Del, and for those who do want to run Windows XP as a non-admin account and then use the 'Run As' feature, that window itself could be spoofed as well.

I understand one of the features of Paladium (or whatever it was based on) is that you can provide the system a picture or phrase that the OS keeps secret from the rest of the system, and that when it asks for your password the window will display it so you know it's legit. Of course, it would require quite a bit of prodding to get the average user to notice this feature, but it's a small step in the right direction.

Re:sick of it

[davidstrauss]

Unfortunately, the default in windows doesn't require Ctrl-Alt-Del

XP Pro defaults to having the Ctrl-Alt-Del sequence on logon and when unloaking the system. You are, however, correct about the Run As... feature. On a related note, I have noticed that people don't usually care whether the OS asks for the BIOS-level key sequence or not. If I wanted someone's password, I could just fake a login box without any request for Ctrl-Alt-Del.

That wouldn't work

[FullCircle]

If an individual gives away software that hogs bandwidth and cpu cycles, you are now a terrorist hacker, writing malware and undermining national security and free commerce.

You have to start a company for it to be legal. Duh.

Re:That wouldn't work

[TheDigitalRaven]

You have to start a company for it to be legal.

Anyone fancy a job at AntiSpy Technologies LLC?

Actually that's probably a "COVER OUR ASSES"...

[Moryath]

Remember how much Claria/Gator pitched a fit at sites on the 'net who were calling them spyware (YOU'RE SPYWARE SPYWARE SPYWARE GODDAMNIT YOU LOUSY LIARS - I've seen your trickler bullcrap and the javascript on webpages that slips the trickler into Windows, it's invasive spyware and that's final), going as far as to threaten legal action against a few?

Yahoo's lawyers obviously do. The fact that the "Adware" category isn't set for removal by default is Yahoo's fuckup - the fact that Gator is in that category is probably a decision made by their lawyers.

What's far more insidious is likely to be all the bots/spyware/trojans that will, by next week, be disabling this portion of Yahoo's product the moment they find it just like viruses go after virus scanners and several trojans spyware programs go after Ad-Aware/Spybot/etc already.

Re:Actually that's probably a "COVER OUR ASSES"...

Shhhh.. don't give them any ideas.

Or you can just click "Also scan for adware"

[sleepyrobot]

This is a mountain made from a mole hill. All the user has to do is check the box that says "Also scan for adware" in the main dialog box of the application, and the tool will delete Claria and the rest of the intrusive garbage on the user's machine.

Here is a screenshot that shows how simple it is to remove adware using the tool.

Yahoo Anti-Spy

The article makes it sound like you have to go clicking through a bunch of option screens, but the truth is that removing adware is exactly one click more complex that simply running the program.

You guys are so ready to excoriate Yahoo, but all they've done is provide a free, easy-to-use tool for common users to delete crap from their computers. So what if they rely on the user to click *one cleary labeled check box* to delete software created by Yahoo's own business partners?

Keep in mind that the program has no negative side effects...even according to the progam's critics, its worst sin is a sin of omission.

Can amount to the same thing

[tehanu]

It can amount to the same thing though. It's an old trick in ideology and politics (and I guess business as well) to redefine other groups in such ways as to suit your purposes. For example, what are you willing to bet that groups that are pro-US are not classified as "terrorist" even if they use similar tactics? This then means they are not subjected to the same legal restrictions that groups classified as terrorist are. Note also that while we call extreme Islamic groups 'terrorists' they also call the US 'terrorists' and themeselves as 'holy warriors'. The way you label your enemies and your friends is one way to serve your own interests while being to able to *deny* it. Other way these tricks are played are for example the definition of "poverty-stricken". For example in China recently, the rate of those in poverty suddenly rose over-night, literally, as before that, China had been defining "poverty" in such a way as to exclude people who were literally scraping a bare living so as to be able to reduce the official statistics of who was living in "poverty". They decided to redefine "poverty" because they figured the economy was good enough and the state was stable enough to afford it. Western governments also play tricks like this with the definition of "employment".

Re:Can amount to the same thing

For example, what are you willing to bet that groups that are pro-US are not classified as "terrorist" even if they use similar tactics?

How long was it that the IRA terrorism in Ireland was mostly sponsored by US citizens? Many years. How many of those US citizens were ever so much as cautioned? Not many.

Yup, double standards at play...

My favorite part

[JPriest]

"Yahoo's Overture division, a leading provider of paid search listings, contributed 31 percent of Claria's 2003 revenues"

It seems to me that if they really wanted to do something about these companies they could start by not accounting for 31% of their profits.

Re:My favorite part

[Afrosheen]

Am I the only one who read this as "Yahoo's Torture division" at first glance?

Re:My favorite part

Yes.

Re:My favorite part

[SFBwian]

No.

Re:My favorite part

[kawika]

"Yahoo's Overture division, a leading provider of paid search listings, contributed 31 percent of Claria's 2003 revenues"

This is the part that people should be yelling about. Claria had $90 million of revenues in 2003, according to its S-1 statement. How can Yahoo/Overture give more than 28 million dollars to a company that treats consumers the way Claria does?

Think about it

[metalhed77]

But why is that option unchecked by default? Probably cuz of their partnership

Because...

[Nom+du+Keyboard]

Claria has commercial bonding with Yahoo! Inc.

And you're surprised because...?

Nothing to see here.

[matasar]

If you check the "also check adware" button, it will remove Claria. I've done this.

It doesn't remove any kind of adware by default, Claria or no.

Ben

Hey, it's free -- stop whining!

[Deeper+Thought]

What a bunch of whiners. It's a free feature. How is this so terrible?

Yes, Yahoo! has "come out of the closet" and said that they, too, are a commercial company, intent on making money off us Internet users. Whoa -- what a surprise! And Google too? Dang!

If you hate commercial companies, just use someone else's toolbar.

And don't forget to sell your Yahoo stock and avoid the Google IPO.

Google Removed WhenU for a Very Particular Reason

[bedelman]

As the guy who reported WhenU's cloaking to Google, I can tell you that Google didn't remove WhenU because Google doesn't like WhenU (whether or not they do, I do not know) or on a whim. Google removed WhenU because WhenU was breaking Google's rules.

Details at WhenU Spams Google, Breaks Google "No Cloaking" Rules.

Not Everyone Thinks Googles Principles are Perfect

[bedelman]

Not everyone thinks Google's Software Principles document is perfect.

See analysis by Eric Howes:

Unfortunately, the majority of those "software principles" address only the amount and type of information provided, not the actual practices through which that information is delivered. While Google's document does insist on "clear" and "conspicuous" notice, it largely neglects to lay out just what that would mean. Indeed, I strongly suspect that companies like Gator and WhenU would claim that they already abide by these principles and point to their EULAs, which are presented to users during the installation of Gator, SaveNow, and their other software applications. In my own analysis of the automated, online installation of C2 Media's Lop.com software (see www.staff.uiuc.edu/~ehowes/dbd-anatomy.. ), it was clear that C2 Media's collection of EULAs and privacy policies had in fact covered all of the major functionality and behavior of the software installed, just as Google's "software principles" insist.

Re:Not Everyone Thinks Googles Principles are Perf

[AstroDrabb]

I guess you failed to read the big header?

Feedback requested: A proposal to help fight deceptive Internet software

Notice the big Feedback requested? If you or anyone else things Google's software policy has holes, let them know.

The REAL story

The real story is in how major manufacturers of computers install certain spyware on the systems before they even ship. Too bad editors here feel that is worthy of a big "deny". Ironic knowing the background of a certain one here in hijacking a previous domain name and complaining about censorship.....

Re:The REAL story

Not a problem for me or my family. When I or someone in my family buys a new one, I immediately reformat and install a clean copy of XP Corporate edition.

Then I install Mozilla to keep them from the horrors that are IE.

re: AUP/TOS/EULA

First off, nobody actually reads those things until there's a pressing need (e.g. Why did my account get canceled? or Why am I getting spam? or Why won't the store let me return this defective/crappy software I just bought? ).

We all know they're not legally binding against the person who did the clicking, but they do provide a small amount of legal CYA for the content/service provider. I view clickthroughs as the moral equivalent of telephone slamming. For those unfamilar with the concept: Telemarketers record you saying "yeah" to something innocuous, then use that tape to defend the new "services" they've added to your telephone bill. Now instead of a tape, they have a record of your click, so they can claim they have the right to do anything they crammed into the 100page all-caps document displayed in a 4x60 scrolling window.

Personally, I think it should be illegal (in the US) to create a clickable AUP/TOS/EULA that says anything remotely resembling "we reserve the right to spam you, monitor your activities, install software, take over your machine, etc" (Of course, I also think it should be illegal to target minors with product advertisement; however, that's another battle I'll always end up losing.)

Popular?

[Anomalous+Communard]

excludes by default two popular adware/spyware applications

widespread, perhaps, but certainly not popular

Easy answer to the Adware Problem

[NoahKing]

If you're really that concerned about spyware/adware/anything at all on your computer, you an fix it in three easy steps!

Step 1: Unplug your network cable. This will prevent you from installing, intentionally or otherwise, any spyware/adware. Additionally, it will disable most of the spyware/adware on your computer because these generally depend on the internet to get the ads they are serving you! Two birds with one stone!

Step 2: Start your computer up at a command prompt. Type 'FORMAT C:'. This will completely eliminate all the unwanted files from your computer!

Step 3 (Optional): For the true anti-adware user, you should consider removing the computer from your desk and using a handheld calculator for all your computational needs. Nobody has even written adware for the TI-86 to the best of my knowledge!

Re:Easy answer to the Adware Problem

[0x0d0a]

I don't think it's unreasonable for people to want to be aware of things that their computer is doing that they might take issue with and still retain a sane level of functionality.

That might be done through legal means, through OS-level functionality restriction, or through malware removal software, but expecting people to either accept spyware or not use their computer is not, I think, reasonable.

Repeat after me (and link to this page)

Claria is spyware.

CLARIA is spyware.

Claria IS spyware.

Claria is SPYWARE.

What is Claria? It's spyware!

please spam the f*uckers

http://www.claria.com/contact/

Re:Spyware has ruined a whole sector of free softw

[0x0d0a]

Speaking of which, I'd say that Tucows should ban the inclusion of any software that is spyware-based, and clearly label anything that is adware based.

"Bundling with" adware/spyware counts as use of adware/spyware -- that old loophole, where dishonest software companies used an InstallShield installer and "included and installed by default" Gator or similar should never be accepted by users again.

Yahoo webmail

[solprovider]

AC asked what does not work as well in Yahoo webmail using Mozilla as MSIE.

The RichText (HTML-email) functions are different. The MSIE version uses IFRAMES and provides more functionality than appears in Mozilla.

I detailed this in previous posts. I do not send HTML mail, but my father (a non-techie I convinced to use Mozilla as his main browser, and who is a good evangelist for Mozilla) complains about having to switch to MSIE because of this.

He currently runs Windows98SE. He is about to receive his new triple-boot PC: Windows98SE, RedHat, and Slackware.

---
I have Mozilla only accept images from the originating server. That is probably what is causing problems with MapQuest. That is not a "wrong" configuration, just a safe one. So I use Yahoo Maps.

New light on a (tired) story

[Morgan302000]

Yahoo's product isn't as controversial as eweek made it seem. In fact, Larry Seltzer at eweek just posted a related story saying we ought to give Yahoo "a break" http://www.eweek.com/article2/0,1759,1606431,00.as p. Some people want the adware given the functionality that comes with it, but they can always decide to delete it later. Yahoo seems to be giving folks recourse here to re-consider what might have been a bad decision in the first place, so at least give Yahoo credit for that much.

Re:New light on a (tired) story

[Samson821]

Here here! Yahoo has a track record of being forthcoming re privacy (mother's maiden name, first pet's name, etc.) -- sometimes (and increasingly), the responsibility has to shift to the user. That's a fact of life -- and Yahoo is still giving them a way out. This is way overblown.

altruism by definition precludes profit

[waspleg]

let me help, from dict.org:

altruism
n : the quality of unselfish concern for the welfare of others

emphasis mine

Lock down the browser...or use Lynx

[iamcf13]

Disable java, javascript, (and all other scripting) and activex and you're golden. If that isn't enough, use a text-based browser like Lynx or use a time-consuming web-to-email interface if those still exist....

The Solution is Simple

[ajs318]

I've never used these so-called "browser toolbars" because they seem to only work on inferior browsers (= MS Internet Explorer) on toy OSes (= Windows), upon neither of which would I waste a precious CPU cycle; so perhaps I'm not the fittest person to comment here.

But how come, when people install these things, they don't just do the nearest thing to what I would do when installing a package with functionality I didn't want: edit the source code with whatever Windows has instead of vi, and comment out all the spyware-ish bits, before they do whatever Windows does instead of make? Maybe they could even do whatever Windows does instead of diff to create a patch, and offer that for download from their own site.

If people aren't smart enough to do that, they probably deserve the consequences.

Re:Spyware has ruined a whole sector of free softw

[Moraelin]

"Sadly, I have noticed that this trend of spyware payloads has begun to move itself into mildly useful, free utitlity applets as well"

If you think it's only beginning, you are sadly mistaken.

E.g., way back, the standard way to get BackOrifice was to be tricked into downloading some nice little application. Except it was wrapped in a wrapper that BO-ed your computer.

Even farther back in time, before the Internet worms and email viruses, in the days of proper .exe viruses and boot sector viruses, that was the _only_ way for a virus to propagate. If you wanted to start an infection, you had to get people to execute an infected program. Somehow.

L33t warez sites were in both cases one of the main ways to get either a virus or BO (or an equivalent), packed as a serial number generator or as some cracked exe or whatever. I.e., again, the malicious payload was disguised as something completely different.

Nothing new under the sun, eh?

(Incidentally, the practice of spyware calling home also dates back from those days. As dynamically allocated addresses made BO and such less useful than a static IP, plugins were written to 'call home' and tell the script kiddie the new IP address. E.g., if my memory doesn't fail me, the Butt Trumpet plugin.)

Or rather, only one thing is relatively new: malware used to be the exclusive domain of script kiddies and other low life lamers. And everyone considered them to be lowlife lamers.

Now we have corporations basing their whole business model on the exact same kind of tools and mechanisms that those script kiddies used. And insisting that it should somehow count as legitimate, just because it's done by a company.

To me, they're still lowlife lamers.

Sounds perfectly logical to me...

[The_REAL_DZA]

...after all, what was it Jesus said about a house divided against itself?

DOES NOT SUPRISE ME!!!!!

[Monofilament]

This is typical yahoo!. I have a love hate relationship with yahho! since they have quite a few good, free, services. Things like free fantasy sports, of which just about any other system with that much organization has gone pay in some way. (Yahoo does have pay for extra functionality.. but if you have some whits about you and like looking at stats and figure out some points on your own .. you don't need it.) Also Free e-mail, of which i like using.

Now with that said the reason it doesn't suprise me is cause of an incident i had with Yahoo! mail's spam blocker quite a few months ago.

1. They have by default in a setting list thats not really related to your e-mail account a list of ON BY DEFAULT e-mail ad lists that you get put on. In their defense .. it tells you where to go once you've actually started geting this spam.

2. This is the Kicker. I started getting some other e-mails from Yahoo.com affiliates and themselves. I was kinda suprised it didnt come up in spam bin, cause it wasn't really obvious it was from yahoo. I was confused .. So i open it, and low and behold i see some relation to yahoo. I'm pissed now. I mean this is spam .. and they say the block spam or at least put it into a BULK folder for if you wanna view it you can .. or you can just empty. So i say to myself, "I'm gonna show you, I'll mark this as spam". To my suprise and very much anger the message WAS FREAKING SET IN SUCH A WAY that the spam blocker said the message was innelligable to be blocked!!!!

After this incident i rooted around on yahoo's website .. i found about as many ad director e-mail addresses, VP's addresses, and a couple of other higher Uppermanagement e-mail addresses i could find. I put them all in the to: block of an e-mail forward with a Screenshot of the unblockable and forward of the message and wrote a concise but very vehement message to them all about how i thought their company was being hypocritcal with such actions.

So since then.. i've never gotten anything from yahoo like that... either 1. they put me on a special list so i don't get it .. and i won't bitch anymore. 2. other people bitched like i did, and they stopped that stupid shit.

In related news...

Ad-Aware now detects SpyHunter as Spyware

Can you say Google Toolbar?

[AcornWeb]

Yet another reason to use the Google toolbar instead. Granted, you have to run Ad-Aware first, but better safe than sorry.

MOD UP

thank you very much

This isn't the only issue Yahoo flip flops on!

[celerityfm]

From reading the article you get the feeling that one hand doesn't know what the other is doing over at Yahoo-- while they are offering antiadware/spyware programs, they simultaneously support Claria/Gator through their Overture pay per click advertisment subsidiary.

But this isn't the only issue that Yahoo is two faced about-- They are also very conflicted over pay for inclusion in their search engine:

"The difficulty with [pay for inclusion] hasn't changed, as you can see using current material from Yahoo:

'Yahoo...today announced that it has created a more comprehensive and relevant search experience for users through the deployment of its own algorithmic search technology' --Yahoo Press Release, Feb. 18, 2004

Sounds like good news for searchers. But wait! What are advertisers being told about Yahoo-owned Overture Site Match, which feeds paid inclusion content into Yahoo's search results?

'Eliminate guesswork: Ensure that your pages are reviewed and included in the search index quickly and refreshed frequently. No waiting for search engines to find your site or guessing which content will be included.' --Overture Site Match product page, May 18, 2004

On the one hand, searchers are told that Yahoo has a comprehensive and relevant search engine, which you'd also assume means it's fresh. On the other hand, site owners are told that Yahoo's search engine apparently just guesses about what to include and may not refresh that content frequently.

Is it any wonder that Yahoo's gained bad press after unveiling its new programs? Either you have a great search engine or you don't. Trying to play it both ways simply doesn't fly."

Personally I think they've kept the pay for inclusion because they've got thousands and thousands of people paying for it and they don't want to kill that revenue stream-- even though they are perfectly capable of functioning without it like Google.

This feeling also applies to their continued partnership with Gator/Claria-- it makes them too much money to dump them.

Finally-- Does Gator's name change to Claria remind anyone else of Phillip Morris' failed name change to Altria? Name change or no, they'll never live down their sleezy reputation that they EARNED themselves.

Keep fighting the good fight!

Re:This is not a first - even for Yahoo

[drinkypoo]

They've done this at least twice that I can remember, both times it was a front page /. story. Something makes me want to say three times but I have no clear recollection, kind of like Ronald Reagan.

Alltheweb.com is dead my friend...

[celerityfm]

I'm sorry to say it, but Yahoo castrated Alltheweb.com's search results and replaced them with the same Overture/Inktomi results that you get from MSN and Yahoo searches. By the way they also did the same thing to Altavista :(.

I'm still hoping that some of the technology from Alltheweb will get integrated with Inktomi but for the most part I haven't read anything about major changes to the Inktomi algorithm yet so I'm assuming that they let Alltheweb die a quiet death. Maybe someday we'll alltheweb style improvements to the yahoo/inktomi engine, but until then:

RIP ALLTHEWEB.

Could be an oversite

This could just be an oversite on Yahoo's part. This is the first version with anti-spyware and I don't believe they are writing the anti-spyware software themseleves.

Everyone know how version 1.0s sometime ship. Look at the gaming market...

Here is the point you missed

[Overly+Critical+Guy]

I was making a point about the complete double-standard around here, where it's okay to violate RIAA and artist copyright holder rights, and Slashdot even makes cheeky jokes about P2P piracy, but if a company dares violate the copyright of the GPL, it's suddenly a big headline article and everyone gets up in arms.

It's a double standard--apparently copyrights are only a big deal when it comes to the GPL and not when it comes to violating someone else's rights on Kazaa, which is some sort of imagined "gray area" on Slashdot.

Re:Here is the point you missed

[gurps_npc]

You are correct it is a double standard.

We get upset when hugely profitable companies steal stuff do other illegal stuff at the expense of worthy, under-paid programmers to make a profit on it.

We do not get upset when individuals ignore a corrupt law that tramples over fair-use rules in order to catch criminals that make NO monetary profit who are stealing from some of the most corrupt companies around.

The RIAA does not represent artists. It represents recording companies, producers etc. Have you SEEN their contracts? They continue to have clauses that state "The company shall only pay the artist based on 90% of sales, to account for an estimated 10% breakage." Yes, LP's had about 10% breakage. CD's have a breakage rate of less than 1% but the scum-bags still rip off the artists. And this is only ONE of severl ridiculous clausses of the standard contract.

The truth is that if P2P stopped entirely, I doubt the artists would get 10% more in sales. If the RIAA and their companies vanished today and the artists went to CD-BABY and similar services, the artists would end up making more money.

Re:Here is the point you missed

YHBT. YHL. HAND.

Love,
Overly Critical Guy (aka bonch)

me in louder voice than the AC that said it:

[kunudo]

"maybe you could show us the url/code so those that do understand JS can take action against it?"

Re:me in louder voice than the AC that said it:

Here is one.

That will be included in a web page with something like:

<script language="JavaScript" type="text/JavaScript" src="http://public.searchbarcash.com/v2/prompt.php ?c=1&p=9FD0986F08B7A3A88B59EE08A1D1934967FEF1419B0 66DF507A34BF0E0481783698566F3B68DF40448AC9A8309A1D E98CFEADAA19AB062C96BF6FCB02431F41783FD95A9751819B 0D69E4766069F882D40938F635FA9C5E34D3FAA84DC818401D 6DE0D8818FE60E4F0CAC3638AA07AB3EC36C9F96DC232EBC4C 884963972446AAFECB8026C6FE467D0">

Re:Spyware has ruined a whole sector of free softw

[aardwolf204]

I too used to like those amuzing proggies, but now I'm near afraid to download a NO-CD crack for a game I purchased, or a serial generator for an old game I lost the cover for. Spy/Ad/Mal/ware is filthing up the net way too much. My evidence follows:

Exibit A:

A friend of mine and I decided to play with PhotoShop and 3D Studio one night and come up with wallpapers. We've all done it hu? After completing our masterpieces we decided to give something back to the community so we uploaded our works to ThemeXP.org. This at the time new website was gaining popularity and looked innocent enough to give our art away to. It wasnt until almost one year later that I checked on my friends wallpaper on ThemeXP.org at this location and found that not only was the wallpaper doing alright having been downloaded 758 times, but the wallpaper had been encapsulated in spyware! A WALLPAPER, WITH SPYWARE! WTF have we come to. The site had a note at the bottom which said:

* This author has generously allowed us to wrap this file to help keep our costs down.

My friend does not remember clicking any checkbox saying it was ok to shit on his wallpaper with crapware, but then again nor does he remember not checking a box. At this point it doesnt really matter, it wasnt that good of a wallpaper. I dont feel sorry for my buddy, I feel bad for the 758 people who downloaded the crap-ridden wallpaper.

NIS 2000 DID pre-allow ADS from a long list

[NetSurferHI]

Yeah, but while NIS touted its ad-blocking, cookie blocking, etc. features, it came with preset "allow" rules for a long list of advertizers.

On top of that if you wanted to upgrade you had to uninstall the previous version, which removed the changes you made (such as blocking those slime^H^H^H^H^Hethical businessmen NIS had so thoughtfully enabled sending you ads) and when you installed the new version, it of course re-installed those nasty "permit" rules.

I stopped using it because I felt it was dishonest to say you are selling me ad blocking and then have a list of companies (who probably paid NIS) who are pre-approved to send you ads etc. Now I use CA's firewall/av/ad blocking which also blocks web bugs and does not sell you out by preconfiguring certain sites to be able to send you ads.

Symantec/Norton lost all of my trust because of this and I could not recommend that anyone use their products. If they would do this to you, what else would they do without telling you? This behavior is right up there with Intuit's adware requirements in Quicken which breaks Quicken if you remove the adware.

Caveat emptor

POP3 vs IMAP

[solprovider]

Is there any good reason to use POP3 over IMAP, aside from some services not offering IMAP access?

POP3 allows downloading your inbound mail to a local client. The only choice is whether to delete the mail from the server at the time of the download or let it remain on the server (useful when using a temporary client.)

IMAP replicates your entire mail file (email and folders) to clients. You use more space on the server and all clients, but your mail looks the same on all PCs.

If you only use one PC, then POP3 is fine. If you use one PC as the master, and occasionally want to check your mail from other PCs, then POP3 is fine. If you are putting your mail into another system that allows mail replication, then POP3 is good because it empties the other servers.

If you use multiple clients and want to maintain your folders, then either use that last option, or use IMAP.

---
I have mail pulled from several sources into my Lotus Notes mail file, which is then replicated between my home systems and several internet servers for redundant access from anywhere, including webmail. I use POP3 to pull the mail from all other systems. My mail database sorts it into folders depending on where it originated.

IMAP was designed to grant Notes-like abilities to email. If you want a distributed system and do not have Notes, then IMAP is a good alternative, as long as your mail servers support it. (Lotus Notes servers support webmail, POP3, IMAP, and Notes replication, so you can use your Notes infrastructure with every standards-based mail client.)

Re:POP3 Yahoo email if receive ads

[solprovider]

Revise my history. This applies to Yahoo.com. I never tried the uk website.

1. I had Geocities and Yahoo email. I could POP3 from Geocities so I used that as my non-work address.
2. Yahoo bought Geocities. I merged the accounts and Yahoo allowed POP3. I started using the Yahoo address, since I worried that the Geocities address might disappear.
3. Yahoo.com requires receiving weekly advertisements to allow POP3. The justification was that the users were not visiting the website. Please ignore the free marketing of all those myname@yahoo.com addresses increasing the awareness of Yahoo, but Yahoo was still on top then. I still used Yahoo as a main address.
4. [Spring 2002] Yahoo.com requires money for POP3. You also get larger inboxes! (They are almost useless if you download your mail regularly.) I used other email domains to avoid Yahoo.

---
I have a variety of addresses at my own domains, so my Yahoo address is not used much. It serves as my permanent address for people who lose contact with me, and for testing other mail systems.

Same song different drummer

[Sazarac]

This isn't so much a new thing. SRC Technologies in Hilliard, OH makes a spyware remover called SpyBouncer that checks for adware and malicious spyware. The same parent company also sells KeyLogger, a program that does just that-- it logs all keystrokes (including passwords, SSNs, credit card numbers, your pr0n searches, etc.) into a hidden file for retreval later. I sent a message to the SpyBouncer tech support group asking if it will remove KeyLogger. No response. One could take that to mean "No". Kinda like the fire department selling white phosphorus grenades to children, IMHO.

I think that's a great idea!

[reverendG]

Aside from the bandwidth-sucking-up-considerations, I love this idea! It would be like when you try to download things from eDonkey, there's just a bunch of worthless shite, or trying to read your email.

what do they say in that new chronicles of riddick movie? Sometimes you have to fight evil with a different type of evil.