Advertisers May Face Ridicule For Adware

An anonymous reader writes "A ZDNet article reports that the FTC may be gearing up to humiliate companies that advertise via adware." From the article: "The FTC would publicly announce and publish the name of a company that advertises using adware that installs itself surreptitiously on consumer PCs or using spyware, Leibowitz said. He would recommend publicly shaming advertisers to the other FTC commissioners if the adware problem doesn't decrease, he said."

Free advertising?

"The FTC would publicly announce and publish the name of a company that advertises using adware that installs itself surreptitiously on consumer PCs or using spyware..."

Thereby granting said company immense public exposure and advertising...

That's a start..

[slashkitty]

They should also complete the loop and list companies that get paid to advertise Adware. High on the list of those companies is Google. I believe that they make millions advertising adware on their search results and through their adsense network. I'm sure that Yahoo and other big ad networks are also to blame. Worse yet, they are often misleading. Searching google for spyware removers gets you ads for more spyware!!!

Forget the advertisers

[Khyber]

Publically shame the company responsible for producing the spyware/malware/adware/rootkits as well! Then shame every company that chooses to advertise or use those products themselves (For example, F4I should be shamed, with many many references to Sony's crap thrown in as relevant pieces of the puzzle) and then slam the NAMES of the people that wrote these programs, so the entire PUBLIC is aware of the malicious and annoying people.

Is that all?

[voice_of_all_reason]

I would've gone the "drawn and quartered" route myself

I think this is a very good idea

[ZorroXXX]

When the government fears the public, you have democracy.
When the public fears the government, you have tyranny.

Perhaps a weak analogy, but if companies started seriously fearing public opinion - as opposed to say Sony BMG[1] - that would certainly be a good thing.

Fear of the public will stimulate healthy competition (and not under the table/behind closed doors competition).

[1]
Most people, I think, don't even know what a rootkit is, so why should they care about it?
--SonyBMG manager Thomas Hesse

Re:I think this is a very good idea

[IAAP]

...but if companies started seriously fearing public opinion ...

They won't. The public has too a short of a memory.

We, as 'smart' users need to Class-Action

[brxndxn]

The lot of us that hates spyware the most need to get a couple Class-Action lawsuits going against the adware/spam companies and the companies that benefit from them. Isn't it already illegal to install backdoors and software that users did not authorize? Isn't it already illegal to take control of a computer (called hacking, right?)??

Why do the makers of worms/viruses get huge criminal punishments and the companies that make money off of adware get 'embarassment'?

If these were reputable companies in the first place, the old adage of "All publicity is good publicity" would not apply. We, as 'smart' users, owe it to the rest of the computing community to do our research, find out who is involved, and sue them until they bleed red.

Hell.. we could get a Wiki going of spyware (if there already isn't one), and which companies are involved, what addresses, countries, etc.. And then start hiring some lawyers to make lots of money off of our suffering..

I don't wanna be the one to start it, though. Fucking fuck. This porno site just popped up and Internet Explorer crashed. I gotta go.

Not entirely.

[jd]

First, there's a possibility that the FCC will charge for some names, or not include them at all - especially if asked by a nice gentleman with a large check in his hand. Second, said gentleman may also nicely request certain competitors be listed to damage their credibility. The FCC can always say it made a mistake, or claim that a media outlet added to the list.

(Name-and-shame suffers from two big problems. First, there's no actual requirement for there to be any evidence of Adware. The FCC doesn't have to prove a case to anyone, it only has to write down a name. Second, if a name is put down that shouldn't be there, redress will be next to impossible. The media outlets can claim - justifiably - that they're not responsible for official statements from Government. I know of nobody who has sued the Federal Government in civil court for slander or libel, and they've probably got immunity to such suits anyway.)

Actually, there is a better method and the Supreme Court provided it. The Government is allowed to seize private land for the purpose of boosting the economy in a region, under a recent interpretation of Eminent Domain. Adware companies damage the Internet economy. It would seem to follow that the Government can seize those companies and sell them to other, less malign, individuals. (It's less messy than the hung-drawn-and-quartered method someone else proposed, too.)

How about aiding and abetting?

Here's a better idea:

1. Spyware/Adware is essentially unauthorized use of a computer system. I'm pretty sure this is well-defined as a criminal act. (the electronic equivalent of breaking and entering)

2. Paying Adware companies to partake in their venture via advertisement = aiding & abetting, or conspiring to commit illegal acts, or whatever you want to call it.

This "public shaming" by the FTC is laughable. They'd have been better off doing NOTHING than doing something that all but concedes that they have no power (or at least no political will) to actually stop these acts that they obviously disapprove of.

Another idea for companies...

[graveyardduckx]

What's to stop companies for putting bogus ads up for other companies to get those companies on everyones' shit-lists?

Antispyware activism

[Jaypcross]

One technique that seems to get under spyware author's skin is when you bother them at home or on some other form of their own turf. When my best friend and I were leading the charge against Xupiter we spent countless manhours tracing the network of entities responsible for the software and staged multiple phone calls to the home residences of business partners, requests for information from ad affiliates, etc. Lots of WHOIS cross-referencing and corporate document searches but it was worth it to genuinely make life uncomfortable for these guys. Saied Yomtobian called me every dirty name in the book when all I did was ask a few questions about his son being listed on a corporate document for "Xupiter, Inc." listed with the California Secretary of State. It was common practice for us to track down the responsible parties and publish transcripts of our findings. Would be interesting to know the legality of publishing recorded phone calls between angry end users and spyware authors. I think the path to a spyware-free web is public humiliation of the offenders. A multitude of websites already exist toward this end but I think some good old-fashioned activism should be done and its progress published for the world to see. Another thing I did a year or so back was trace the money trail of a piece of spyware that hijacked Google search results. Upon infection I identified the ad affiliate responsible for the hijacked ads inside some source code, documented our findings to the affiliate and got them to terminate their contract with the spyware vendor. It was a good week or two before the vendor (Clientman/Odysseus Marketing) found a new affiliate. I'd guess that that cost them a lot of money in lost ad revenue. I like the idea of a continually updated Wiki where people can collaborate and take action. http://www.wired.com/news/infostructure/0,60694-1. html?tw=wn_story_page_next1

Best way to attack spyware adware companies

[WillAffleckUW]

is to attack their CEOs salaries, bonus, options, benefits, and retirement plans.

Nothing else will change their behavior.

Um, I don't WANT to live in FEAR

[WillAffleckUW]

When the government fears the public, you have democracy.
When the public fears the government, you have tyranny.

Sorry, I'm an American, born in America, of American parents and grandparents and my dad and grandad served in the USAF.

I don't want to live in Fear.

And right now, we sure as heck don't have democracy here.

That said, I'm not sure I trust the Bush Regime to use this to go after real spyware firms - they're just as likely to use it as yet another excuse to spy on American citizens' private data stored on their private computers, pretending to be "looking for spyware".

So, while on the surface this sounds like a good idea, there is no way I'm trusting those people to "do good". So far all they've done is lie to me.

i hate spammers

[user24]

and i don't care if you mod me -1 offtopic, troll or flamebait. some things have to be said and i need to rant.

i run a small website, this website has a few user comment areas. the comments are in plain text only. if you enter html, it gets stripped. urls are not converted into links.

people have been automatically spamming the site with links to phentermine and god knows what else, so I implemented a CAPTCHA solution that I wrote in PHP. they now spam me with broken html to bypass the captcha*. never, ever has any of their spam actually turned into html. no users have ever clicked their links, because there are no links to click. these guys just don't get it.

My point is that they'll continue spamming uselessly forever, they won't care about this 'public shaming' because they're the lowest of the low already.

blargh. i give up, i really do.

* i only ask users to pass the captcha if it looks like a url they're entering; i think captchas are annoying so i try to allow people to comment without having to enter one.

fines? jail?

[dfgchgfxrjtdhgh.jjhv]

why not fine these guys? surely that'd be better than funding their advertising campaigns

Standard form of reply applies here

[A+Life+in+Hell]

Your post advocates a

( ) technical (x) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(X) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(X) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!