Slashdot Mirror
No Honor Among Malware Purveyors
metalion writes "True to the saying 'no honor among thieves,' adware company, Avenue Media, is finding that competing adware company, DirectRevenue, is detecting and deleting their software. Now Avenue Media is crying foul and have filed a lawsuit against DirectRevenue stating that DirectRevenue 'knowingly and with intent to defraud, exceeded its authorized access to users' computers.' DirectRevenue acknowledges that it may uninstall competing applications in its user license agreement. A researcher at Harvard University, Ben Edelman, reasons that 'Once the computer is infected with 10 different unwanted programs, the person is likely to take some action to address the situation.' Just how far will adware companies go to continue to attempt to bombard us with their ads?"
We all have been complaining about malware for years. . .
Now they are complaining about themselves.
When does it stop?
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
Maybe they will destroy each other in an orgy of program deletion :D Neverthought spyware would be spyware removal . . . . .
My Portfolio
Reminds me of the stories of people calling the police because someone stole their weed.
God spoke to me.
" Just how far will adware companies go to continue to attempt to bombard us with their ads?""
When ads are burned into BIOSes.
We should require by law that when a spyware application installs itself, it must uninstall another spyware application without damaging the host system, and further that it put itself into add/remove programs. Then we should just shoot the bastards that don't comply. Oughta solve the malware problem...
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Just how far will adware companies go to continue to attempt to bombard us with their ads?
A) As far as they think they need to go
B) As far as they are allowed to go and remain on the right side of the law
C) As far as they need to go despite the law
D) All of the above
E) Profit?
F) CowboyNeal
I want to drag this out as long as possible. Bring me my protractor.
great idea, put all the malware to fight, and the survivor gets to be deleted by spybot.
More fun than core wars
Now if only we could make these malware programs only target other malware programs and not the operation of the PC...
We could have a little battlebots competition! The Amazing Bonzi takes on reigning champion THE GATOR.
That way, competition would again benefit us, the regular consumer.
:)
Personally, ad/malware is one of the rare reasons I would encourage less strict weapon laws...
-Is the meaning of life vanity, or is vanity the meaning of life?
If they succed with the lawsuit against DirectRevenu , what does that mean for software like ad-aware?
Sometimes you just wish that both sides can lose...
Two programs fighting for dominance on my computer? Brings me back to my AOL on Windows days.
Ironic that they file a lawsuit of thier program being removed when they didn't (explicitly) ask permission to get there in the first place. Maybe we all should just download Virtual bouncer to clean off our systems....oh, wait....
I hope they win the lawsuit. If they were to get the courts to agree that hiding malicious wording in the EULA is fraud then that would be a nice boon to shutting some of these people down.
In fact, just about any attack on the concept of click-through EULAs is pretty good in my book. Scream "contract!" all you want, they're bad for me personally and bad for the industry. Consent and informed consent are two different things and it appears the industry has completely abandonded any pretext of the latter.
TW
www.eFax.com are spammers
It's nice to think that at least one adware purveyor is going to be inconvenienced by this little tussle, but it's not so uplifting when you consider that the choice of winners is "adware company #1", "adware company #2", or "lawyers who represent adware companies".
I'd like nothing better than to see two spyware companies destroy one another in a glorious battle to the death, but I'd much rather they NOT do it on MY harddrive.
And is my mom and other not-so-savvy users granting said authority in the first place? This suit seems riddled with assumptions that it was legal in the first place to install such software.
And since when has malware displayed any EULA - or any UI, for that matter?
I think AvenueMedia deserves to be compensated for this. Let's give their owners the nicer of the two jail cells.
Am I the only one who thought of MAD magazine's Spy Vs. Spy when I read this? Didn't they both end up killing eachother everytime?
I wondered how long we would have to wait for this to happen. I always imagined it would be university students or black-hats. I never imagined it would be spammers/spyware authors trying to kill each other's programs.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
Perhaps also of interest:
After DirectRevenue removes competitors' programs from users' disks, it also transmits extensive information about users' computers. Among the information: MAC address, Windows Product ID, all running tasks, and registry entrise for certain additional competitors (Gator, 180solutions) and removal programs (Ad-Aware, PestPatrol) if installed.
Comment removed based on user account deletion
Two ads enter one ad leaves!
There can be only one!
Gah.. my brain.
We have, It's called Linux.
Mozilla is the key along with a system that is better suited to internet attachment.
The government which is strong enough to protect you from everything is strong enough to take everything from you.
Enough shit like this and no Judge will ever take an EULA seriously.
What spyware writers need to do now is add the following features to their code:
- Random mutations
- Breeding and crossover with other spyware programs so that chunks of similar malicious code are exchanged
- A fitness evaluation function
The fitness evaluation should take into account:I have personally observed -- and recorded in screen-capture videos -- the software of both plaintiff and defendant, installed through security holes.
See e.g. Who Profits from Security Holes?.
Clearly, its the customer who is giving the other application permission to uninstall the exisitng malware. The vendors of the other application have no influence or stake in the agreement between the exisitng malware authors and the user. The only party that can breach the agreement is the user.
So, the users should be punished for violating the copyright on the software they didn't want in the first place, and was installed without their knowledge.
Barring use of some Windows based Spyware prevention tools (most of which aren't free for corporate use), mirgating to some combination of Mac OS X and Linux would end virtually all of this and then I could charge them for stuff like implementing cool new tools for them to use instead of upkeep of a broken system. Of course, these are the same customers who won't try FireFox because it "just doesn't feel right"???
I'm truly torn between my ethics and the need to keep up my income in a crap economy.
A lady in El Paso gets a telemarketing call. She says no, repeatedly. Telemarketer ignores her, repeatedly. She hangs up, forcefully.
She later gets a letter saying:
So, we have:
OK, I move that we commit all advertisers to institutions for the criminally insane, right now.
Any seconds?
www.eFax.com are spammers
Users are sued for deleting malware off their computer? where do you go from here?
IANAL, but this is /. :P
Most 1st world legal systems (not sure whether the U.S. qualifies any more) have a "fine print" legal exemption - you can't put something onerous into an agreement and then try and hide it via tactics like fine print, or clicking through 76 pages, etc. Such clauses can be invalidated in the court.
Basically, you can't put stuff in the fine print that a "reasonable" person wouldn't expect to be agreeing to in the context of the agreement being reached.
Unlike a real parasite, malware's goal isn't just to survive and reproduce - it goal is to generate revenue. I don't see how a company can generate revenue by secretly installing truely benign software on your system.
Just how far will adware companies go to continue to attempt to bombard us with their ads?
I remember reading this short story once about an ad-infested world where there were ads on every available surface. On your toilet paper, on your pancakes, on every square inch of wall, *everywhere*. One image was the protagonist attempting to shave (with difficulty) by looking through a letter "O" on his mirror. He finally gets fed up and he meets a woman who offers him a secret place to go to get away from ads for a few hours at a time. The twist was that the tiny one-room ad-free apartment was actually a government-run re-education facility to brainwash "ad-hating dissidents" to start accepting ads again.
Anyone know this story or remember the name? Now that us TiVo people are considered TV thieves, I'm starting to feel the story to be prophectic.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
I think you are confusing a symbiotic relationship with a parasitic one. In a symbiotic relationship, each gets somethign out of the relationship, so there is no need to complain. A Parasite, such as a tapeworm, does harm the host over time
I reject your reality
Why, that'd be by making their software take up very little space, ONLY monitor, for example, what web sites you are visiting (something that should take very little CPU time, or could even be scheduled to run in the wee-hours, and then, again in the wee-hours, reporting back to it's home company.
Said home company could then gather up all the data, find out what sites are being visited the most, and direct their 'customers' to advertise at said sites.
If done properly, even 10 of these types of programs should not be noticable...
Or something...
Off to the patent office with me! Gotta patent the idea before them aweful software companies steal it!
bork bork bork!
I thought that there *was* honor among thieves, the contradictory nature of the statement "There is honor among thieves" giving it its resonance.
Not quite. A parasite, by definiton, is an organism that harms its host. According to something I read a long time ago, there are three types of cohabitating organisms. A parasite harms its host, a symbiont benefits its host, and a commensal neither harms nor helps its host. It's the last one you were thinking of.
In trying to clean a laptop yesterday I used Ad-Aware SE. At the end of its scanning process it allows you to select what to remove. When I got to this point one of the malwares took control of Ad-Aware quickly and added itself to the ignore list. I found this quite amazing. Part of the ignore was some of CWS, but there were other things there as well. I was able to scan again and remove the ignores. This new trend is mildly disturbing.
Hoyty
Windows itself isn't too bad if you are behind a firewall. I have several WinXP machines behind a simple NAT firewall and I have never had a problem. Simply keep it patched, Substitute IE/Outlook/Office for Mozilla/OpenOffice.org and you are good to go.
I have been running this for 3 years and every time I run a virus scan, it always comes back negative. It's nice because I don't need to pay the Symantec-McAffee tax every year. People always ask me whay virus program I use and they are very puzzled when I say "I don't need one".
Mozilla/OpenOffice need a retail box to put on the shelves in the antivirus section at BestCircuitDepotUSA, along with a little common sense about Internet useage on the back of the box.
Remember, You are unique...just like everyone else.
>> Or 32nd as the case may be, to say:
>> Serves the fuckers right
Geesh. I was about to mark you as redundant before I posted this but then realized that you're claiming to be the 32nd one to post it, not the 1st.
*goes off looking for another person claiming to be the 32nd poster of Servers the **** right so he can mark them*
Wait, I posted.
Drat. Darnit. (^&(^*&^*
Mark me up/down according to your sense of humour.
There's a gorilla from Manilla whose a fella that stinks of vanilla and has salmonella.
Not benign - there's nothing much benign about malaria, for instance. It's not about not affecting your host, it's about not killing it, and that's true of malware as much as it is of a biological parasite.
In about 1995 I worked for a telemarketer. Yeah, I know. Anyway, I sat in a meeting once with some people from a trendy ad agency. They said one of the best ways to market things on the Internet was to visit newsgroups and message boards (what we now call blogs), and ask a question as one user, then provide the answer as another. The answer, of course, would advertize Our Fine Product.
I told them that was lying, and that it was wrong. They looked at me blankly. I may as well have been speaking Latin. I then explained a bit about Internete culture, and the negative feedback of spamming newsgroups. That, they could comprehend, but they didn't think I knew what I was talking about. Their model worked - and it wasn't lying, it was just business.
The mindset of people who spam, sell banner ads, use covert marketing, and advertize on Channel One is (to overgeneralize): whatever it takes to make money.
It doesn't matter what is "right" or "wrong" - rightness and wrongness are a matter of degree, and that degree is measured by a cost-benefit equation. If the
(likely revenue) > X% + sum of (potential costs * likelihood of each)
that's good and "right", otherwise it's bad and "wrong". 'X' represents the amount of margin you could make off some other investment.
The thing that distinguishes telemarketers and spammers is that negative feedback from non-customers doesn't bother them.
sigs, as if you care.
...but this just made my christmas! Since Santa seems to think I have been a good boy, I have a few more things to ask for...
1) A video tape of rival gangs of spammers getting in knife fights over ISP bandwith 'turf'.
2) Microsoft's Yakuzza getting irritated with SCO's failures to bring down Linux, and doing drive-bys shootings to the board menbers.
3) George Bush Jr. getting in a sissy slap-fight with John Ashcroft over the pronunciation of the word 'Nucular'.
HA! I just wasted some of your bandwidth with a frivolous sig!
Somebody flunked biology class. A real parasite is not benign to the host. That sounds like a symbiote. Parasites by their nature take the resources from a host for their own. When was the last time you saw someone with a tapeworm that had no symptoms? How about ameobic dysentery? Does that sound like benign? Perhaps Giardia Lamblia? No? They cause severe disturbances to the host including fevers, bleeding, diarrhea and vomiting. Check your info.
Whoever wins, we lose.
I've wondered for years when someone would write the first true 'genetic algorithim' based worm/virus. It would be a fantastic and alternately, horrible landmark in computer science.
However, there is no point in designing a fitness evaluation. In real natural processes, the fitness evaluation is competition for resources. The only reason why it has to be introduced into modeled simulations is that there is no real competition in a model unless you include it. The real fitness evaluator of a virus is how easily it can spread, how hard it is to detect, and how difficult it is to remove.
HA! I just wasted some of your bandwidth with a frivolous sig!
When I got my IBM ThinkPad X31 about a year ago, I figured I might as well try to boot Windows just once to see what kind of hardware-specific tools IBM supplied. (Trying to get a refund for an operating system I did not want was not possible, since IBM made it clear, that if you did not agree to the licenses of all the supplied software, you were free to return the laptop, which, of course, was not an option.)
I didn't get very far, though. Before it would boot (acutally, install Windows from a restore parition) the software wanted my to agree to two click-through EULAs, one from Microsoft and one from IBM. The funny part is that the license texts, which would have required tens of pages each if printed for sure, was displayed in two tiny text areas, only three text lines high. There was no option to save or print the licenses, and, if I call correctly, there was even some music playing in the background.
The point is, noone is intended to read these texts. I'm not sure what implications that has for the validity of this kind of licenses in various jurisdictions (IANAL etc), but the whole situation is just weird.
(Needless to say, I powered off the machine at that point and net-booted a Debian installer.)
Blog Ho
I think all the EULA's are out of control as to how much control and ownership these companies have over your PC and what right's we as owners of the PC should have reserved.
I keep hoping someday, someone, somewhere will really bring all these EULA's that we are all subjected to each and everytime we install something, under a microscope and start really questioning the legality of said EULA's.
Just my 2 cents...
someone needs to write one, then we can really test the legality of this spyware "it's (hidden) in the EULA!" crap.
Avenue Media is claiming "tortious interference with contract" on the grounds that DirectMedia is interfering with their contractual relationships with their customers. This is in addition to their Computer Fraud and Abuse Act claim. The rationale, presumably, is that if they can show some kind of illegal act under the Computer Fraud and Abuse Act, their "tortious interference" claim might go somewhere.
Some anti-spyware group might want to file a friend-of-the-court brief. The best possible ruling would be that both parties are violating the Computer Fraud and Abuse Act, and therefore DirectMedia cannot claim to come to court with clean hands.
True, it is more tricky than some programs to remove, but if you are able to figure out how to set up Linux, you are certainly smart enough to go google on how to remove it from start up. I don't really understand your concept of a firewall. Make it so tight that you can't even get on Internet? What kind of piss poor firewall are you using. Most firewalls allow you to block based on application. The notice pops up that messenger is trying to access the net, you say deny, tell it to remember that setting, you are done. Amazing, I still have Internet access.
As far as never knowing because Windows is proprietary...that's a load of bullshit too. Stick a sniffer in between your box and the net. An old PC with Linux and ethereal installed will do. Watch the traffic. There is no way that they can hide anything proprietary or open source. So when was the last time you read through the whole kernel to make sure it was doing what you expected it to do?
Support a great indie game: http://www.abaddon360.com
And don't think the latter is a perfect solution. I've seen sites prompt me to install .xpis into Firefox. The damage potential of the latter is slightly reduced compared to ActiveX, but you can bet that if there was no useful reason to be sending them, the authors wouldn't be wasting their time sending them.
I gave a neighbour access to the Internet via my DSL connection and wireless network a few months ago and all but revoked her access within two or three months because I had to clear up her PC of malware twice. Her son had been browsing certain dubious websites and had installed the malware, fed up of constant prompts to install it and under the assumption he had to to view the content. NAT is not enough to secure a PC.
You are not alone. This is not normal. None of this is normal.
We have, It's called Linux.
I hate it when people give an answer like this. You do realize that as soon as the majority of the computing population begins to use Linux or some other variety of open source, that the assholes that create and release viruses and spyware/adware will start writing such things for Linux. The only reason they don't do so now (well, they do, but it isn't nearly as common as Windows malware) is because Windows dominates the market, mainly because the average person won't use Linux because they don't know how or want to recompile the kernel everytime they want to upgrade their video card.
No one cares what your captcha was
Houston TX, USA