Slashdot Mirror
Yahoo Anti-Spy Favors Yahoo's Adware Partners?
prostoalex writes "Yahoo's new browser toolbar is advertised to clean out adware and spyware from the user's PC and from the sound of it is a good tool to rely on. Not so, says eWeek, whose Matt Hicks notices that Yahoo excludes by default two popular adware/spyware applications - Claria (ex-Gator) and WhenU.com - Claria has commercial bonding with Yahoo! Inc."
Does anyone else find it humerous that Yahoo! is carrying the story?
Yahoo is not the first to pull this stunt. At one time, Norton Internet Security (I think it was NIS2000, specifically) had known holes in the firewall component for different spyware applications. After enough people pitched a fit, they have since closed those holes (supposedly).
A love beyond compare...
Why would I install a "toolbar" to clean out spyware? Shouldn't I use an application dedicated to that?
-Letter
Claria is one of the most prevalent and intrusive spyware programs out there. It's a major omission to not handle it.
This just shows yet another benefit of open source software. When a publicly traded corporation is solely behind the development of a closed product, don't be suprised when they try to protect their interests, at the consumer's expense.
The Technonaut
You mean that thing that was really cool back in 1995 but has become the net equivalent of a tourist trap?
I haven't even visited the site in years, literally. Do people still use that? Between the slanted stories on the front page and the increasing use of flash on the site, they drove me away a long time ago.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Wonder how much they charged for that little "Feature" to Claria and whomever. It would be very Microsoft of them.
There'a always a catch, I think this might be true with AOL's spy blocking software too. After all they are "corporations" with an obligation to their shareholders. Advertizing makes a chunk of their revenues, and they aren't going to choke that golden goose, are they? For now I am sticking with Adaware.
Activists United
Just like you can't report Launch.com e-mail to your Yahoo! mail account as spam. Of course, Launch.com is actually part of Yahoo! now.
lexbaby
"Be Brave, Be Loyal, Be True." -- Hawkeye Pierce
Ook, let's hold on a minute...AND RTFA (Again)! Yahoo's toolbar uses PestPatrol for its' spyware application, and even the article states that "On its Web site, PestPatrol does categorize software from Claria as adware." But later states that - "In a test of PestPatrol's free, online scanning tool, eWEEK.com confirmed that it does detect the presence of Claria's GAIN software automatically." Hmph, I says...I don't think (I dunno, maybe I'm not into the /. conspiracy theory mentality yet ;) ) Yahoo! is behind this, it smells like an issue with the PestPatrol software....But who knows?
Not everyone is out to get us, people....
My MythTV HowTo
Some antivirus or anti-spam software may not detect a virus/spam that its competitors do, but the next day the situation is reversed. Which one is better? Ditto anti-Spyware. Install the Yahoo toolbar if you think it will help. You should still use other tools though.
If the suspicions raised in the article are true however, I do think there is an ethical question here that should play some part in your decision.
Do you or your partner snore? - Visit www.snoring.com.au
Gator/Claria is classified as 'adware' (as opposed to spyware) by the toolbar, and all adware by default is not blocked.
The toolbar will block them, it requires users clicking on a checkbox somewhere in the options. This makes it just a bit less sleazy.
Additionally: In a desperate attempt to fuel Yahoo's status as a search engine, the new Yahoo! toolbar blocks google.com via the hosts file...
Or not.. :)
The main problem with all of this is "where do you draw the line between spyware, adware, and software?"
Unlike viruses or worms, it's not at all clear where the line is between "good" and "bad." It may be that Claria has a valid business model, in which case they have a strong case that their software shouldn't be lumped in with the likes of clientman, or other truly nasty spyware. Certainly, their business model is not illegal today. (Of course, I personally don't like it, and would never use their software.)
Should Yahoo include "windows update" or "redhat update network" in their list of spyware?
These applications are out of control. To trick a user into installing (and sometimes, installing without asking) software that slows down the machine and floods them with pop up windows is worse then spam. At least with spam, you can delete it quickly.
In addition to this, I cannot count the number of times family members or neighbors have called me up asking for me to help them remove TONS of this junk from their machines. Its even worse when you have to update software just to remove the junk that has been installed. Some of these applications even force you to install other software to remove the offending software. This is ridiculous.
People trust Yahoo. For Yahoo to put a program out there on the market, and do this kind of thing on purpose? That is a pretty crappy thing for a company to do. I have lost what little respect I had for Yahoo..
Cyris
What goes around, comes around.
Actually, I've come across 3 spyware XPIs so far. One of them simply downloaded their .exe, ran it, and installed their IE spyware on your system.
The other 2 actually manipulated the Mozilla DOM, and as they were written in java, they can work just fine in OS X, or Linux.
Thats only cos SF.net rejected my project :(
Wow, I should not post when knackered.
The first (and only) time I used this product to scan for xx-ware it found Claria and removed it.
What I am I doing right/wrong?
Cant we make anti-spyware apps that flood the spyware collection systems with LOADS of useless data?
Kinda makes spyware apps useless if they have to spend $$$ on extra bandwidth to handle the new data and $$$ on CPU Cycles to sort through the Krud.
hehe - and then watch as a new business of "anti-flood" filters are built for the spying companies!
Namely, "fun/amusement" applets -- think applets like "XEyes". Yes, I will admit, when I was in college I used to get a kick out of running things like "BartEyes" (A Bart Simpson knockoff of XEyes), and although I have outgrown them, My mom still likes her "Felix", a cat that walks around on her screen.
Felix is the last amusement applet I will ever let my mom run. I only let her run it now because it predates spyware being trojaned into these little applets. Today, I don't trust ANY fun/amusing "applet" because IMO they all potentially carry a spyware payload.
Sadly, I have noticed that this trend of spyware payloads has begun to move itself into mildly useful, free utitlity applets as well -- I have heard of a weather reporting applet and a time server synchronization applet carrying nasty payloads. I suppose it won't be much longer before the majority of nifty utilities from places like tucows.com are suspect.
I think sometimes that we live in sad times.
slashdot is really really losing it. I've seen
more FUD this week than I've seen all last month,
maybe all year.
The tool does not favor "Yahoo's partners", as a
*30 second skim* of the f'in article tells you.
It simply doesn't scan adware by default. If
you click the box to scan adware, it does detect
Yahoo's partners products. The article isn't
clear on whether the product removes the adware.
The controversial part, read carefully now, is
that it detects *spyware* by default. It's
*adware* that isn't detected by default. They
shouldn't do one and not the other. I'm sure
I speak for all consumers here when I say, no
consumer, not a one, cares about the distinction.
(And the distinction is fuzzy at best anyway.)
Their product favors "adware", and some "adware"
producers are Yahoo partners. It's not as if,
like the slashdot article tries to imply, that
some adware is detected but not Yahoo's partners'.
It's like email viruses. You only get infected if you act like you don't care about getting infected. OR, if you act stupid. For about 4 years I have run Ad-Aware maybe a 4 times, and all I get as a result is few tracking cookies. And I Do use the internet more than average, I can tell you that. But then again, I am european ;)
:)
People get spy/ad-ware by doing stuff on the net. It's like walking in desert and finding oneself being thirsty but alas no water to drink.
Anti malware tools are like that water in the desert. Byt who the heck told you to go into that desert.
If you don't know what will happen from "yes", don't click on it. Preferably don't even click on "no". Kill the process
Off-topic? Goes with the motive, your honor...
(Nightshift and nothing to do, I admit)
-Is the meaning of life vanity, or is vanity the meaning of life?
Wasnt it Yahoo that changed the "subscription" settings on all their current (at the time) email users to have them "opted-in" to all their spam partners not too long ago?
Fool me once...
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
This is wrong, NIS did not make holes in the firewall for spyware. NIS had a method for applying preset rules to known programs so they would work without the user needing to be an expert. You and I might know that a web browser needs to access outbound on port 80, as well as FTP rules, but Joe User doesn't.
.EXE name to apply the rule, and it was quickly discovered that you could rename a malicious program to use the same name of a known good program and take advantage of those rules. This was quickly fixed by adding a digital signature database that tracked each known good EXE (each version released wherever possible) so that only the real programs could take advantage of this functionality.
This is a great way to make a firewall usable for novices, but it had a flaw. It used the
A couple of people saw the preset rules when NIS was originally released and made the assumption that since they listed a bunch of programs, there must be spyware in there. This was not true, and the NIS team watched those new rules like a hawk to make sure that no bad guys got in.
How do I know this? Because I worked on NIS 2000 2.0 and had the privilege of leading the NIS 2001 through NIS 2004 quality assurance team.
FUD is not something that Microsoft has a monopoly on, as the parent post proves, well meaning but wrong end users can dish it out too.
Yahoo's lawyers obviously do. The fact that the "Adware" category isn't set for removal by default is Yahoo's fuckup - the fact that Gator is in that category is probably a decision made by their lawyers.
What's far more insidious is likely to be all the bots/spyware/trojans that will, by next week, be disabling this portion of Yahoo's product the moment they find it just like viruses go after virus scanners and several trojans spyware programs go after Ad-Aware/Spybot/etc already.
Here is a screenshot that shows how simple it is to remove adware using the tool.
Yahoo Anti-Spy
The article makes it sound like you have to go clicking through a bunch of option screens, but the truth is that removing adware is exactly one click more complex that simply running the program.
You guys are so ready to excoriate Yahoo, but all they've done is provide a free, easy-to-use tool for common users to delete crap from their computers. So what if they rely on the user to click *one cleary labeled check box* to delete software created by Yahoo's own business partners?
Keep in mind that the program has no negative side effects...even according to the progam's critics, its worst sin is a sin of omission.
It seems to me that if they really wanted to do something about these companies they could start by not accounting for 31% of their profits.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
This is typical yahoo!. I have a love hate relationship with yahho! since they have quite a few good, free, services. Things like free fantasy sports, of which just about any other system with that much organization has gone pay in some way. (Yahoo does have pay for extra functionality.. but if you have some whits about you and like looking at stats and figure out some points on your own .. you don't need it.) Also Free e-mail, of which i like using.
.. it tells you where to go once you've actually started geting this spam.
.. So i open it, and low and behold i see some relation to yahoo. I'm pissed now. I mean this is spam .. and they say the block spam or at least put it into a BULK folder for if you wanna view it you can .. or you can just empty. So i say to myself, "I'm gonna show you, I'll mark this as spam". To my suprise and very much anger the message WAS FREAKING SET IN SUCH A WAY that the spam blocker said the message was innelligable to be blocked!!!!
.. i found about as many ad director e-mail addresses, VP's addresses, and a couple of other higher Uppermanagement e-mail addresses i could find. I put them all in the to: block of an e-mail forward with a Screenshot of the unblockable and forward of the message and wrote a concise but very vehement message to them all about how i thought their company was being hypocritcal with such actions.
.. and i won't bitch anymore. 2. other people bitched like i did, and they stopped that stupid shit.
Now with that said the reason it doesn't suprise me is cause of an incident i had with Yahoo! mail's spam blocker quite a few months ago.
1. They have by default in a setting list thats not really related to your e-mail account a list of ON BY DEFAULT e-mail ad lists that you get put on. In their defense
2. This is the Kicker. I started getting some other e-mails from Yahoo.com affiliates and themselves. I was kinda suprised it didnt come up in spam bin, cause it wasn't really obvious it was from yahoo. I was confused
After this incident i rooted around on yahoo's website
So since then.. i've never gotten anything from yahoo like that... either 1. they put me on a special list so i don't get it
Who makes you Sig?