Slashdot Mirror
Yahoo Anti-Spy Favors Yahoo's Adware Partners?
prostoalex writes "Yahoo's new browser toolbar is advertised to clean out adware and spyware from the user's PC and from the sound of it is a good tool to rely on. Not so, says eWeek, whose Matt Hicks notices that Yahoo excludes by default two popular adware/spyware applications - Claria (ex-Gator) and WhenU.com - Claria has commercial bonding with Yahoo! Inc."
Does anyone else find it humerous that Yahoo! is carrying the story?
Yahoo is not the first to pull this stunt. At one time, Norton Internet Security (I think it was NIS2000, specifically) had known holes in the firewall component for different spyware applications. After enough people pitched a fit, they have since closed those holes (supposedly).
A love beyond compare...
Why would I install a "toolbar" to clean out spyware? Shouldn't I use an application dedicated to that?
-Letter
Claria is one of the most prevalent and intrusive spyware programs out there. It's a major omission to not handle it.
This just shows yet another benefit of open source software. When a publicly traded corporation is solely behind the development of a closed product, don't be suprised when they try to protect their interests, at the consumer's expense.
The Technonaut
You mean that thing that was really cool back in 1995 but has become the net equivalent of a tourist trap?
I haven't even visited the site in years, literally. Do people still use that? Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Wonder how much they charged for that little "Feature" to Claria and whomever. It would be very Microsoft of them.
There'a always a catch, I think this might be true with AOL's spy blocking software too. After all they are "corporations" with an obligation to their shareholders. Advertizing makes a chunk of their revenues, and they aren't going to choke that golden goose, are they? For now I am sticking with Adaware.
Activists United
Should we take this news as a shocker, or is it somehow expected in commercial sense? Yahoo can probably claim those businesses are not considered spyware from its point of view, hence no removal.
And how long? How long before we start seeing Anti-Spam filters have built-in mechanism to let associates' spam emails through, even if you blacklisted them.
Rock that crushes, Paper & Scissors that don't matter.
No known commercial spyware for OS X or Linux
The next pasture is always greener
1) Write spyware
2) Team up with Yahoo!
3) ???
4) Profit!
Just like you can't report Launch.com e-mail to your Yahoo! mail account as spam. Of course, Launch.com is actually part of Yahoo! now.
lexbaby
"Be Brave, Be Loyal, Be True." -- Hawkeye Pierce
Ook, let's hold on a minute...AND RTFA (Again)! Yahoo's toolbar uses PestPatrol for its' spyware application, and even the article states that "On its Web site, PestPatrol does categorize software from Claria as adware." But later states that - "In a test of PestPatrol's free, online scanning tool, eWEEK.com confirmed that it does detect the presence of Claria's GAIN software automatically." Hmph, I says...I don't think (I dunno, maybe I'm not into the /. conspiracy theory mentality yet ;) ) Yahoo! is behind this, it smells like an issue with the PestPatrol software....But who knows?
Not everyone is out to get us, people....
My MythTV HowTo
Some antivirus or anti-spam software may not detect a virus/spam that its competitors do, but the next day the situation is reversed. Which one is better? Ditto anti-Spyware. Install the Yahoo toolbar if you think it will help. You should still use other tools though.
If the suspicions raised in the article are true however, I do think there is an ethical question here that should play some part in your decision.
Do you or your partner snore? - Visit www.snoring.com.au
Gator/Claria is classified as 'adware' (as opposed to spyware) by the toolbar, and all adware by default is not blocked.
The toolbar will block them, it requires users clicking on a checkbox somewhere in the options. This makes it just a bit less sleazy.
Additionally: In a desperate attempt to fuel Yahoo's status as a search engine, the new Yahoo! toolbar blocks google.com via the hosts file...
Or not.. :)
The main problem with all of this is "where do you draw the line between spyware, adware, and software?"
Unlike viruses or worms, it's not at all clear where the line is between "good" and "bad." It may be that Claria has a valid business model, in which case they have a strong case that their software shouldn't be lumped in with the likes of clientman, or other truly nasty spyware. Certainly, their business model is not illegal today. (Of course, I personally don't like it, and would never use their software.)
Should Yahoo include "windows update" or "redhat update network" in their list of spyware?
These applications are out of control. To trick a user into installing (and sometimes, installing without asking) software that slows down the machine and floods them with pop up windows is worse then spam. At least with spam, you can delete it quickly.
In addition to this, I cannot count the number of times family members or neighbors have called me up asking for me to help them remove TONS of this junk from their machines. Its even worse when you have to update software just to remove the junk that has been installed. Some of these applications even force you to install other software to remove the offending software. This is ridiculous.
People trust Yahoo. For Yahoo to put a program out there on the market, and do this kind of thing on purpose? That is a pretty crappy thing for a company to do. I have lost what little respect I had for Yahoo..
Cyris
What goes around, comes around.
I can't wait to install it on my Konqueror browser.
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
The first (and only) time I used this product to scan for xx-ware it found Claria and removed it.
What I am I doing right/wrong?
Cant we make anti-spyware apps that flood the spyware collection systems with LOADS of useless data?
Kinda makes spyware apps useless if they have to spend $$$ on extra bandwidth to handle the new data and $$$ on CPU Cycles to sort through the Krud.
hehe - and then watch as a new business of "anti-flood" filters are built for the spying companies!
Namely, "fun/amusement" applets -- think applets like "XEyes". Yes, I will admit, when I was in college I used to get a kick out of running things like "BartEyes" (A Bart Simpson knockoff of XEyes), and although I have outgrown them, My mom still likes her "Felix", a cat that walks around on her screen.
Felix is the last amusement applet I will ever let my mom run. I only let her run it now because it predates spyware being trojaned into these little applets. Today, I don't trust ANY fun/amusing "applet" because IMO they all potentially carry a spyware payload.
Sadly, I have noticed that this trend of spyware payloads has begun to move itself into mildly useful, free utitlity applets as well -- I have heard of a weather reporting applet and a time server synchronization applet carrying nasty payloads. I suppose it won't be much longer before the majority of nifty utilities from places like tucows.com are suspect.
I think sometimes that we live in sad times.
This also bleeds into the issue that people have with EULAs: No one ever reads them.
The GAIN Trickler and other similar programs are very often installed legally and volutarily by users themselves. Oftentimes installing the software is predicated upon accepting these "malicious" programs. If a user has in fact agreed to install software, it may be (and yes, I'm playing the devil's advocate here) a perfectly logical step to avoid uninstalling it.
Imagine if the toolbar uninstalled program updates, patches, and other things automatically installed. We'd hate it. Of course, we're only complaining because it's not doing what we want; however, I don't think we should freak out at Yahoo. The program still operates within the scope of its definition.
slashdot is really really losing it. I've seen
more FUD this week than I've seen all last month,
maybe all year.
The tool does not favor "Yahoo's partners", as a
*30 second skim* of the f'in article tells you.
It simply doesn't scan adware by default. If
you click the box to scan adware, it does detect
Yahoo's partners products. The article isn't
clear on whether the product removes the adware.
The controversial part, read carefully now, is
that it detects *spyware* by default. It's
*adware* that isn't detected by default. They
shouldn't do one and not the other. I'm sure
I speak for all consumers here when I say, no
consumer, not a one, cares about the distinction.
(And the distinction is fuzzy at best anyway.)
Their product favors "adware", and some "adware"
producers are Yahoo partners. It's not as if,
like the slashdot article tries to imply, that
some adware is detected but not Yahoo's partners'.
It's like email viruses. You only get infected if you act like you don't care about getting infected. OR, if you act stupid. For about 4 years I have run Ad-Aware maybe a 4 times, and all I get as a result is few tracking cookies. And I Do use the internet more than average, I can tell you that. But then again, I am european ;)
:)
People get spy/ad-ware by doing stuff on the net. It's like walking in desert and finding oneself being thirsty but alas no water to drink.
Anti malware tools are like that water in the desert. Byt who the heck told you to go into that desert.
If you don't know what will happen from "yes", don't click on it. Preferably don't even click on "no". Kill the process
Off-topic? Goes with the motive, your honor...
(Nightshift and nothing to do, I admit)
-Is the meaning of life vanity, or is vanity the meaning of life?
Give me the patience that I need
h ttp://w ww3.yahoo.com/
To keep my piece of mind,
And with life's cares, I hope, Dear God,
Some happiness to find.
Let me google but for today,
Not worrying 'bout Ads ahead,
For I have trust that You will see
Gator and friends, all of them dead
Give me the courage to face the web's trials
And not from adware or spyware run,
Let me keep this thought in mind,
"My will, not Yahoo's, be done."
Oh I miss the yahoo I knew.
http://web.archive.org/web/19970201021647/
Quem a paca cara compra, paca cara pagará.
Wasnt it Yahoo that changed the "subscription" settings on all their current (at the time) email users to have them "opted-in" to all their spam partners not too long ago?
Fool me once...
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
AllAdvantage.com was one of those late-90s .com's with an incredible business plan that turned out to in fact not be credible enough to last. For those who never heard of it, it was the idea that users would run a "toolbar" on the bottom of their screen at all times, and then the company would send the users a monthly check for their cut of the ad revenue for the ads they were exposed to.
Sure, this was adware to the nth degree... but all of the users either knew or should have known what they were getting themselves into and they were on the financial take for their part in the scheme.
Of course, the major anti-malware products weren't around back then to weigh in on their opinions on these things. But, it's an interesting call. Nobody was ever tricked into installing this program, so would it be the duty of an anti-malware program to attack such a program, or just let it be?
http://www.safer-networking.org/
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
This is wrong, NIS did not make holes in the firewall for spyware. NIS had a method for applying preset rules to known programs so they would work without the user needing to be an expert. You and I might know that a web browser needs to access outbound on port 80, as well as FTP rules, but Joe User doesn't.
.EXE name to apply the rule, and it was quickly discovered that you could rename a malicious program to use the same name of a known good program and take advantage of those rules. This was quickly fixed by adding a digital signature database that tracked each known good EXE (each version released wherever possible) so that only the real programs could take advantage of this functionality.
This is a great way to make a firewall usable for novices, but it had a flaw. It used the
A couple of people saw the preset rules when NIS was originally released and made the assumption that since they listed a bunch of programs, there must be spyware in there. This was not true, and the NIS team watched those new rules like a hawk to make sure that no bad guys got in.
How do I know this? Because I worked on NIS 2000 2.0 and had the privilege of leading the NIS 2001 through NIS 2004 quality assurance team.
FUD is not something that Microsoft has a monopoly on, as the parent post proves, well meaning but wrong end users can dish it out too.
yahoo mail (you can actually get *gasp* POP3)
You can POP3 your Yahoo mail, but it requires paying $30/year. I want to do this, but am scared about the automatic renewal. There is no option to have it automatically stop at the expiration date. The consumer would not lose anything since the account would revert to the normal free webmail until another payment was received, and they could easily send reminders before and after the expiration.
I had Geocities and Yahoo mail. Geocities always allowed POP3. After Yahoo bought them, I merged the accounts and was able to POP3 from both accounts. Then Yahoo started charging. I received an email advertisement about the "new service" every time I tried to POP3.
I dislike that Yahoo's webmail does not work in Mozilla as well as MSIE. I wish they would hire some good standards-aware web developers. Their spam filter works very well, but did not work with POP3 the last time I used it. The spam would be in the Junk folder in webmail, but there was no option to exclude the Junk folder from POP3.
---
I use Yahoo's movie listings and their maps. Mapquest's maps do not appear in Mozilla (with my settings?), and Yahoo's maps do.
I spend my life entertaining my brain.
Yahoo's lawyers obviously do. The fact that the "Adware" category isn't set for removal by default is Yahoo's fuckup - the fact that Gator is in that category is probably a decision made by their lawyers.
What's far more insidious is likely to be all the bots/spyware/trojans that will, by next week, be disabling this portion of Yahoo's product the moment they find it just like viruses go after virus scanners and several trojans spyware programs go after Ad-Aware/Spybot/etc already.
Here is a screenshot that shows how simple it is to remove adware using the tool.
Yahoo Anti-Spy
The article makes it sound like you have to go clicking through a bunch of option screens, but the truth is that removing adware is exactly one click more complex that simply running the program.
You guys are so ready to excoriate Yahoo, but all they've done is provide a free, easy-to-use tool for common users to delete crap from their computers. So what if they rely on the user to click *one cleary labeled check box* to delete software created by Yahoo's own business partners?
Keep in mind that the program has no negative side effects...even according to the progam's critics, its worst sin is a sin of omission.
It seems to me that if they really wanted to do something about these companies they could start by not accounting for 31% of their profits.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
This is typical yahoo!. I have a love hate relationship with yahho! since they have quite a few good, free, services. Things like free fantasy sports, of which just about any other system with that much organization has gone pay in some way. (Yahoo does have pay for extra functionality.. but if you have some whits about you and like looking at stats and figure out some points on your own .. you don't need it.) Also Free e-mail, of which i like using.
.. it tells you where to go once you've actually started geting this spam.
.. So i open it, and low and behold i see some relation to yahoo. I'm pissed now. I mean this is spam .. and they say the block spam or at least put it into a BULK folder for if you wanna view it you can .. or you can just empty. So i say to myself, "I'm gonna show you, I'll mark this as spam". To my suprise and very much anger the message WAS FREAKING SET IN SUCH A WAY that the spam blocker said the message was innelligable to be blocked!!!!
.. i found about as many ad director e-mail addresses, VP's addresses, and a couple of other higher Uppermanagement e-mail addresses i could find. I put them all in the to: block of an e-mail forward with a Screenshot of the unblockable and forward of the message and wrote a concise but very vehement message to them all about how i thought their company was being hypocritcal with such actions.
.. and i won't bitch anymore. 2. other people bitched like i did, and they stopped that stupid shit.
Now with that said the reason it doesn't suprise me is cause of an incident i had with Yahoo! mail's spam blocker quite a few months ago.
1. They have by default in a setting list thats not really related to your e-mail account a list of ON BY DEFAULT e-mail ad lists that you get put on. In their defense
2. This is the Kicker. I started getting some other e-mails from Yahoo.com affiliates and themselves. I was kinda suprised it didnt come up in spam bin, cause it wasn't really obvious it was from yahoo. I was confused
After this incident i rooted around on yahoo's website
So since then.. i've never gotten anything from yahoo like that... either 1. they put me on a special list so i don't get it
Who makes you Sig?
Is there any good reason to use POP3 over IMAP, aside from some services not offering IMAP access?
POP3 allows downloading your inbound mail to a local client. The only choice is whether to delete the mail from the server at the time of the download or let it remain on the server (useful when using a temporary client.)
IMAP replicates your entire mail file (email and folders) to clients. You use more space on the server and all clients, but your mail looks the same on all PCs.
If you only use one PC, then POP3 is fine. If you use one PC as the master, and occasionally want to check your mail from other PCs, then POP3 is fine. If you are putting your mail into another system that allows mail replication, then POP3 is good because it empties the other servers.
If you use multiple clients and want to maintain your folders, then either use that last option, or use IMAP.
---
I have mail pulled from several sources into my Lotus Notes mail file, which is then replicated between my home systems and several internet servers for redundant access from anywhere, including webmail. I use POP3 to pull the mail from all other systems. My mail database sorts it into folders depending on where it originated.
IMAP was designed to grant Notes-like abilities to email. If you want a distributed system and do not have Notes, then IMAP is a good alternative, as long as your mail servers support it. (Lotus Notes servers support webmail, POP3, IMAP, and Notes replication, so you can use your Notes infrastructure with every standards-based mail client.)
I spend my life entertaining my brain.