Anti-Spyware Vendor Partners with Spyware Company?

Tuxedo Jack writes "eWeek reports that the anti-spyware vendor Aluria Software has partnered with WhenU of 'WhenUSave' and 'SaveNow' infamy. They've removed WhenU from their spyware/malware definition lists, certified their applications as safe, and they deny that money was involved. As a result, SpywareInfo and many other anti-spyware sites are delisting Aluria's 'Spyware Eliminator' from their lists of preferred software. Is this a dangerous trend for anti-spyware? Or are we just witnessing a natural evolution? I sure hope it's neither - I like my Windows boxes junkware-free, thanks (oxymoron noted)."

Dangerous Trend

[pholower]

This is a dangerous trend. Given the majority of these ad/spyware companies don't care what their products do to the "users" computer, they can leave security holes unnoticed and allow exploits without the user even knowing there is a flaw in their computer. Windows updates can only do so much, and with companies releasing software that intends to help the user, but instead can hurt them. All the while the user is unaware. This makes me sick. Let's support the companies that work off of donations and have open source programs. This is the only way to prevent this from spreading to all of the favorite anit-ad/spyware programs.

Re:Dangerous Trend

[erick99]

I use Adaware SE and SpyBot which I run manually once a week, each. I have Webroot's Spy Sweepter which stays in memory and provides a good level of "live" detection. Between the three programs it has been a long time since I've had a adware/spyware program on my desktop. However, it has only been through the use of all three that I have gotten to this point. I haven't found a program that will accomplish this by itself, either free or for fee. PC Magazine ran a comparison of spyware removal programs recently and came to about the same conclusion. They did rate AdAware SE as the best program, though.

like anti virus companies

reminds me of the age old question of whether anti virus companies created virii just to keep their own operations alive.

Re:like anti virus companies

[Chairboy]

You mistyped 'age-old DUMB question'.

It's just not economical. There are plenty of virus writers already out there, because it's just too easy and there are so many computers, it happens. If an antivirus company was discovered to have done this even ONCE, then their entire business would be destroyed instantly.

Are you getting enough oxygen?

Re:like anti virus companies

[null+etc.]

This "age old" question is perhaps the stupidest conspiracy theory I've ever heard. Corporations go to great lengths to avoid lawsuits, and I can't imagine that any successful antivirus company would risk losing all of their money in a class action lawsuit by pulling such a stupid move. Why would an antivirus corporation risk writing viruses? There are plenty of socially stunted 15 year olds to do that.

BTW the pural of "virus" is "viruses". Look it up on google.

Re:like anti virus companies

[plover]

But you're dodging reality by handwaving it away as "stupid conspiracy theory".

It's happened here. I'm from Minneapolis. You may know that we get snow around here in the winters. Remember, snowfall means fender-benders, and body shops hereabouts live for the winter repair season. One mild winter an employee of a local bodyshop was found guilty of driving around the city in a beat-up old wreck, sideswiping parked cars in an attempt to give his business enough work.

Just because you "can't imagine" unethical behavior doesn't mean it won't happen. What makes you think Aluria was a "successful" company, turning a profit? When it comes time to making sure the bank has enough money to cover payroll on Friday afternoon, desperate people have been known to turn to desperate measures. Actually, we have some measure of their desperation already -- they're partnering with WhenU (which is indeed scumware no matter how you classify it.)

I'm not saying Aluria or any antivirus company is guilty of anything criminal. I am saying that some people are more desperate than you might think, and that they may take an unethical route to drum up more business.

If you think this is bad

Symantec's upcoming "Sobig aint so bad" campaign promises to really ruffle feathers. I smell a payoff.

Been there, done that

[blowdart]

How is different from virus vendors stopping reporting on "corporate" keyloggers?

"(oxymoron noted)"

Gee, thanks for pointing that out, for a second there I thought Slashdot was promoting a Micro$oft product (you see, I substituted a dollar sign the "S", I'm FUNNY!)

WhenUGetSued...

[LostCluster]

One problem that these anti-spyware programs are bound to run into is claims that a "spyware" program is a "legitimate business to consumer marketing connection enabler" by its makers. Afterall, in most cases the user has "agreed" to allow these programs to run by installing something without fully reading the terms of service.

That may be the reason why this group caved... not that money changed hands, but the threat of a lawsuit was waived around.

Re:WhenUGetSued...

[lordkuri]

That may be the reason why this group caved... not that money changed hands, but the threat of a lawsuit was waived(sic) around.

ah yes... free market indeed... as long as you have enough money, you can wave some papers at another company, and intimidate them into submission. We really need something to hold these companies (and their lawyers) accountable for this kind of crap.

-lk

Re:WhenUGetSued...

[kawika]

Show me your proof that "in most cases the user has 'agreed' to allow these programs to run." I can certainly find proof to the contrary.

Take a look at these screen shots of the Bearshare install that includes WhenU and tell me it is reasonable to expect a user to press page-down 45 times to read the license.

Users are not aware they are running WhenU because the company works hard to keep them ignorant.

Lavasoft too

[hoborocks]

This happened with lavasoft too, right? They started some consortium on spyware and then left it when it was evident that evil practices were going on... Perhaps there needs to be a legal definition of spyware before vendors will keep constant as to their aims? The problem is with defining it is that the somewhat arbitrary nature that's necessary will backfire and be abused *cough cough DMCA cough cough*.

Re:Lavasoft too

[plover]

Those who forget the past are doomed to repeat it. NoCeMs, anyone? It was an early usenet attempt to deal with spam. But it quickly became a game, played between the spammers and the antispammers. And it never really caught on in the mainstream.

To be useful, a list such as this becomes public. If it allows for anonymous entries, it will quickly be poisoned by spyware authors putting in legitimate entries such as word.exe, outlook.exe, etc. If it's poisoned and damages legitimate users' computers, it will prompt a quick outcry and a quicker death.

But if it's privately maintained (as in having secret moderators blessed with crypto keys that have to sign entries) other things have to be considered. First, moderators who become publicly known will find themselves subject to lawsuits and legal harrasment (see the spywareinfo.com site for an example of someone who has bee harrassed non-stop.) So secrecy becomes paramount. The other is that the software can't become too cumbersome to use for the average Jane and Jack Doe. Trust me, Aunt Margaret doesn't want you to explain how to verify and add trusted public keys to her keyring -- she only wants "the popup thingies to stop".

Yes, it would be possible using newsgroups to distribute signed updates anonymously. And it would be possible to keep the keyholders secret, and to allow for keyring updates to add and delete moderators. But someone has to take the risk of hosting and distributing the software, and that public entity is going to be the target of every spyware author's DDoS attacks simultaneously. Legitimate hosting services won't want to touch it. Would you voluntarily sign a contract that virtually guarantees you'll be the victim of a 30,000 machine zombie attack?

It's also going to take some seriously experienced crypto + Win32 coders to write a perfectly secure client first time around. And once it's written, the next issue is the "who updates it?" battle. The original author will wisely keep the master key private, but he or she may not want to put out the hundreds of monthly updates required. (Ask Patrick Kolla, the author of Spybot S&D, how much time he has to put into researching spyware, checking for signatures, and providing removal code and instructions.) It's a full-time task that will probably take a group of analysts and coders. (An anonymous submission process won't work, because the spammers are certain to poison that well, too.) Finally, how do you vette all these coders and analysts to make sure you don't accidentally let in the next Spamford Wallace?

Sorry to be so negative, but it's a huge undertaking with lots of risk and almost no chance of payback. Only a big established company with lots of backing could afford something like this. There's your answer! Get IBM to sponsor it, they're always looking for goodwill projects, and anything to twist the knife in Microsoft makes them happy. That, plus they have more lawyers than Manhattan has taxicabs.

not a new trend.

[exhilaration]

This sounds a lot like when Microsoft allowed certain paid spammers to avoid Hotmail's spam filters.

Solution: stick to vendors that can be trusted. Use Spybot and Ad-Aware.

Re:not a new trend.

[FatherKabral]

http://www.lavasoftsupport.com/index.php?showtopic =44037 Check this thread out from Lavasoft's own forums..."Hotbar" and "not a threat"...used in the same context? That's like using "not evil" to describe "Satan"!!! Perhaps Lavasoft is another one getting ready to sell out...?

as unimportant as Aluria may seem....

[wo1verin3]

(and for those that don't RTFA) .... they are the backend behind AOL's anti-spyware application which is means potentially millions of users are affected by this.

Profitability

[fembots]

Wasn't it not long ago we had this story about Yahoo Anti-Spy Favors Yahoo's Adware Partners?

I think in long run, anti-badthings services are going to be influenced by the bottom line. Spyware/spammers can make enough to feed themselves and pay for these services to 'certify' them.

As end-users, we need to be educated to prevent these installations in the first place.

Open Source Anti-Spyware

[LegendOfLink]

Does this mean the only anti-spyware solution we can trust is or should be open source?

I would think yes.

Anybody else?

Test them all

[MoeMoe]

I think it might be a good idea for an online tester to get a hold of all the popular Adware/Spyware removers and test them out side-by-side to figure out who "forgot" to block a given companies ads... Atleast then we could figure out who's on our side and who's on theirs...

Aluria... who?

[g_adams27]

Can't say I've ever heard of Aluria's Spyware Eliminator. I've got my triumvirate of anti-spyware tools, and I'm satisfied:

• Spybot - Search and Destroy
• Ad-Aware SE Personal
• SpywareBlaster

No need to limit yourself to just one, either - run all three!

Not that it relieves my nausea..

[nathan+s]

..but to be fair, Aluria says that they're concerned with "malicious spyware." If you RTFA, they indicate that they felt that the disclosure practices and what-not are all above-ground.

Not that this helps people installing without scanning the EULA and getting nasty little "gifts," but it's hardly malicious if you agree to it.

*Disclaimer* I have no idea what exactly WhenU does, never had it on my system. If it IS malicious, then immediately discount this post. Regardless, I'll be busy vomiting from my over-exposure to advertising in general.

Risk of corporate keyloggers.

I used to run a pretty big e-commerce site, and had a customer who'se credit card info was stolen off of one of those "corporate keyloggers".

Apparently the keylogs weren't secure and someone inside the company stole his credit card info when he made a (work related) purchase from Amazon.com on his own credit card.

If you're at work and not using your own laptop or a Knoppix disk, make sure you only use a corporate credit card when ordering online.

Personally I think he should have sued his employer, but he wanted to keep his job.

Re:Oxymoron noted? Puh-leaze

[GlassUser]

Bah, IE is great. You just have to flip one switch to keep it from prompting to install activex programs. And that's only so you don't accidentally click yes. And even then, if you're not logged in as an administrator (and you shouldn't be any way) then you won't have any of these problems.

fake anti-adaware

[Andr0s]

Bah.

Since I started using adaware tools, I learned I could rely only on Spybot and Ad-Aware. Obviously, many others noticed their reliability too - just try googling for either of two, and see how many pages you can find with fake installers - some sites even distribute AdAware installations with modified malware definitions and crippled update, so your AdAware might even refuse to detect malware on your PC.

To me, it all smells so familiar... Just as M$ loves to force, bribe, coax or cajole software producers into specialising their products for Windows compatibility, so do too the malware distributers seek their fifth collumn... Similarities are far from passing.

Spyware/*nix

[RAMMS+EIN]

Spyware will become a serious threat to operating systems of choice as well, once they become a bit more popular. It's exactly the kind of software that operating system level security cannot stop, namely, software willingly (if not knowingly) installed by the user.

Seeing that a lot of software for *nix systems needs to be installed as root, spyware could potentially bypass any OS security mechanisms, and there will be no end to the potential damage.

I think this situation needs addressing. Distributions supporting and simplifying installing software by regular users (as opposed to systemwide installation by the superuser) would be a good first step, with many additional benefits.

WhenU is certainly malware

[dtfinch]

I've caught shareware sites bundling my software with WhenU malware, without my permission, and without giving clear indications to users, causing problems for my customers and endangering my reputation.

I consider any program that sits in the background and pops up ads while the bundled application is not running to be unwanted malware.

What?

[canfirman]

Am I missing something when I read:

WhenU President and co-founder Avi Naider said the industry is falling on previous prejudices and lumping legitimate adware in with malicious spyware, failing to see the changes WhenU has made. (my bold)

How about NO ADWARE? The reason I got a spy/mal/adware remover was to be free from ALL adware. I don't want anybody pushing products on me when I'm on-line.

It seems Aluria has forgotten why they built an adware application in the first place.

Not in monopolies

[gad_zuki!]

If what you say is true, windows would have 1% of the marketshare by now.

We're dealing with end users here, not experts. They just want something that works and expect their anti-virus company and anti-spyware company to deliver the goods.

What good is branding when the company in question used to be called Gator? They simply changed their name. So long bad PR!

Its cronyism and its killing IT. The entire spyware phenomenon can be traced to activex, which exists to tie the browser to the platform.

That said, I've been running into a lot of OSX converts. They got sick of windows and bought a used iMac for next to nothing or 999 for an ibook with some promotion. My next machine will be an iBook too. With Mozilla and Firefox telling lazy web designers and those who make corporate policy to pay attention to standards, the shift will be even easier.

Aluria de-listing WhenU isn't the biggest concern.

[BillX]

In arguing about the recent actions of Aluria, the discussion will inevitably be steered toward whether WhenU (is, is not) malware/spyware/crapware/*ware, i.e. whether it is right or wrong for Aluria to decide they don't fit Aluria's definition of a threat, and de-list WhenU. This conveniently sidesteps larger and much more ominous issues:

1) The amalgam (Aluria+WhenU) is now a competeting product to other spyware removers. (Aluria+Whenu) could more legitimately bring suit against AdAware/Spybot/etc. for the "anti-competitive" practice of removing WhenU.

As Eric L. Howes notes,

"It now appears that the Aluria scanner is actually bundled or integrated into the WhenUSearch Toolbar. In other words, by removing the WhenUSearch toolbar, other anti-spyware vendors will effectively be removing a competing anti-spyware product. Still worse, WhenU itself is now a competitor to other anti-spyware vendors."

2) The amalgam (Aluria+WhenU) can worm onto a click-happy user's system due to its existing title of "spyware eliminator", and summarily remove competing ad-belchers from that system (how convenient!). Now WhenU's promotions aren't being drowned out by Gator/Claria, Bargain Buddy and all their other popup-spewing friends you are likely to find on a spyware-prone (read: novice user) computer.

Do note that AOL is partnered with Aluria; AOL version 9 bundles Aluria Spyware Eliminator--so we're talking about a potentially enormous market here.