Google: Unwanted Software Is Worse Than Malware

An anonymous reader writes from a report via The Stack: A year-long study between Google and New York University has determined that unwanted software unwittingly downloaded as part of a bundle is a larger problem for users than malware. Google Safe Browsing currently generates three times as many Unwanted Software (UwS) warnings than malware warnings -- over 60 million per week. Types of unwanted software fall into five categories: ad injectors, browser settings hijackers, system utilities, anti-virus, and major brands. While estimates of UwS installs are still emerging, studies suggest that ad injection affects 5% of browsers, and that deceptive extensions in the Chrome Web store affect over 50 million users. 59% of the bundles studied were flagged by at least one anti-virus engine as potentially unwanted.

It took a year to figure this out?

These college studies are almost always a huge waste of time/money. I think less of both parties for these "findings".

Re:It took a year to figure this out?

And in that time, they failed to categorise ad injectors as malware.

Re:It took a year to figure this out?

[diamondmagic]

It took a study to figure out the magnitude of the problem.

The number being 20% or 80% could mean the difference between spending a thousand or a million dollars on the problem.

Re:It took a year to figure this out?

[arglebargle_xiv]

I'm a big confused here though, is Windows 10 "unwanted software" or "malware"? The study doesn't really make it clear.

Re: It took a year to figure this out?

Someone should talk to Oracle's Ask toolbar installed about this.

Re:It took a year to figure this out?

[Cro+Magnon]

I'm a big confused here though, is Windows 10 "unwanted software" or "malware"?

Yes, it is.

Hypocrisy

If Google truly believed this, they would use the licensing of Google Mobile Services to force manufacturers of Android devices and carriers to stop loading up the devices with unwanted software. As long as Google keeps tolerating the bloatware, they are hypocrites. This "do as I say, not as I do" attitude of Google is quite common and is a massive departure from not being evil.

Re: Hypocrisy

Quit whining. If you don't like the tracking and the bloatware, you can by a phone with a different OS that doesn't have those things. Windows Mobile and iOS are alternatives. If you keep buying Android phones, you're not sincere, either.

Re: Hypocrisy

[Xenx]

It almost sounds like you're saying the problem doesn't exist on WM or iOS. I can tell you that iOS comes with multiple apps I don't care about. I don't know enough about WM to make that claim. However, I do know that different people want different things. It wouldn't shock me if some people don't like all the stock apps for WM.

Re: Hypocrisy

[johanw]

Windows mobile is dead. Even the bloatware makers ignore it. If you root Android, you can easily remove bloatware like Hangouts and the like.

Re:Hypocrisy

[sexconker]

If Google truly believed it, they wouldn't pay people to bundle Chrome (or their toolbar, or their search engine preference, etc.) into installers for shit.

Re:Hypocrisy

[lgw]

If Google truly believed this, I could update Flash without the risk of unwanted Google software if I forget to uncheck some boxes. Heck, Google might be a lot more serious about getting Flash off the web if they weren't using it as a (worse-than) malware vector!

Re: Hypocrisy

If you root Android, you can easily remove bloatware like Hangouts and the like.

And you can easily brick your phone or fuck it up in some other way. Such as ending up with a phone that won't install new apps.

Re: Hypocrisy

And you can get hit by a car walking across the street... And you can slip in the shower and brain yourself...

Re: Hypocrisy

[tepples]

If you sell your phone that you cannot root and use the money to buy a phone that you can root, the second phone will almost certainly have less CPU, RAM, and storage. Is it still an upgrade?

Re: Hypocrisy

It wasn't that long ago google was bundling their search toolbar and their browser with downloads. Now if you try it they block you.

Re: Hypocrisy

[mcswell]

"Windows mobile is dead." Well, I hope not. A year or so ago, I ditched my old Android phone for a Nokia with Windows8, and I much prefer Windows to Android. Many reasons, but one of them is exactly apps that you're told you shouldn't remove from Android, lest it go belly-up. I've had no such problem on my Windows phone.

Re:Hypocrisy

[mcswell]

And I wouldn't get ads from Google telling me Chrome is better for searching (it isn't) every time I do a search in a competing browser. And I mean *every* time.

Re:Hypocrisy

[taustin]

Given how many other things that Chrome comes bundled with, usually with "make default browser" pre-checked, what do you expect?

Re:Hypocrisy

[Palinchron]

If Google truly believed this, three quarters of the Android base operating systems would be individually installable and removable packages.

Re: Hypocrisy

Yes

Re: Hypocrisy

[rsborg]

"Windows mobile is dead." Well, I hope not. A year or so ago, I ditched my old Android phone for a Nokia with Windows8, and I much prefer Windows to Android. Many reasons, but one of them is exactly apps that you're told you shouldn't remove from Android, lest it go belly-up. I've had no such problem on my Windows phone.

You get the opposite problem - very few worthwhile apps, or native experiences.

Re: Hypocrisy

Obviously that depends on your definition of "upgrade", so what is yours?

Re: Hypocrisy

[SeriousTube]

You say that like braining myself would be a bad thing.

Re: Hypocrisy

[mcswell]

I have all the apps I need/ want. Not sure what "native experiences" means. I've lived with Mayan natives in Mexico, does that count? They didn't have cell phones, though.

Re: Hypocrisy

[cfalcon]

> iOS comes with multiple apps I don't care about

What basic utilities does Apple include that you don't want?

Re:Hypocrisy

If Google truly believed this, they would use the licensing of Google Mobile Services to force manufacturers of Android devices and carriers to stop loading up the devices with unwanted software. As long as Google keeps tolerating the bloatware, they are hypocrites. This "do as I say, not as I do" attitude of Google is quite common and is a massive departure from not being evil.

Buy an unlocked, international phone. Or even better, a Nexus phone.Carrier bloats are there because they are subsidizing the phone so you can get them "cheaper" in front. You (and your wallet) have options.

Re: Hypocrisy

> iOS comes with multiple apps I don't care about

What basic utilities does Apple include that you don't want?

Mail, map

Re: Hypocrisy

[Mondor]

Watch Windows Phone losing more apps from 1st of October this year. Since many, if not most, developers have abandoned the sinking ship (because, you know, good developers are writing software for money, and there's no money in WM), Microsoft added some policies for app certification to make the market alive. However, not everyone cares about that and failure to re-certify the app till the end of September will un-publish these apps.

And, indeed, there is enough bloatware in Windows Phone too, both Nokia (RIP) and HTC. Well, especially HTC.

Re:Hypocrisy

As long as Google keeps installing their bloatware. FTFY!

Re:Hypocrisy

Especially the Google apps, the only thing I want is the Play Store, all the other crap is just that, I don't want the rest installed by default and uninstallable because it's burned into the factory side of the rom.

Re:Hypocrisy

But it does seem that Google has kneecapped Firefox on their maps, opening the same map link on firefox brings it to a crawl, doing the same in Chromium it responds lightning fast. They're possibly pulling a GenuineIntel in the ICC compiler hack here to either load shitty scripting or add wait times to either the browser or server side when Chrome isn't detected.

Re:Hypocrisy

As long as Google keeps tolerating the bloatware, they are hypocrites.

Then by your standard the entire FOSS community are hypocrites too. Free software is like free speech, some people are going to use it to say things that you don't like, but that doesn't mean that you have to pull an Apple and control everything with an iron fist to protect against uses that you don't like. The antidote to crapware is to offer something better, which Google does with their Nexus line of products.

Re: Hypocrisy

[Opportunist]

Yes, because the first phone owns you, but you own the second one. Personally, I prefer to be the owner of something crappy to being the property of something awesome.

Re: Hypocrisy

[Xenx]

I can only remember hiding apps that I didn't want. I really don't care enough to find an iPhone to figure it out. Quick list would be things like iBooks, stocks, podcasts, safari.

Re:Hypocrisy

While I fully expect that Google is going with the typical corporate response of not giving a shit about what is best for the end user I can't say that I'm particularly fond of your reasoning here.

You see it all the time in comments sections on news sites. Whenever a crime has occurred people want immediate justice. If the perpetrator isn't punished immediately people feel that he didn't get punished at all. No time to wait for the case to be tried in court.

In a similar fashion Google just found out that unwanted software is a problem. You can't expect them to have acted on this new knowledge retroactively or that they will stop the behavior within a week.
You can argue that they should have known better to begin with but clearly they didn't.
The only thing to hope for now is that they actually take this new insight seriously and don't renew their deals about bundling Chrome everywhere but the contract might last until the end of the year as far as we know.
Events like this calls for a "remind me in a year" notification before getting outraged over the hypocrisy.

Re:Hypocrisy

[Big+Hairy+Ian]

Never mind that does anyone remember the google toolbar that used to get bundled with just about everything!

Re: Hypocrisy

[Blaskowicz]

For what it's worth, I read a clickbait article that says iOS 10.0 will let you delete built-in apps you don't care about.
Minimum hardware specs are the iPhone 5 and iPad 4 though.

I still thinks it's a bit "evil" (lack of freedom and all) but I grew a bit sympathetic to the iPhone users, which include many students and proletarian.

Re:Hypocrisy

[AmiMoJo]

Chrome doesn't bundle any other software. Proof: go try the official download right now. Not the dodgy Softpedia one, this one.

The only third party component it includes is Flash player, which is built in to the browser and updated along with it. It doesn't install Flash on your system or in other browsers, it's just an internal plug-in.

Re:Hypocrisy

[DrXym]

Google tried to launch Android "silver" handsets which were basically stock Android devices free of crapware (except Google's own of course), but the interest wasn't there from OEMs to buy into it. So we're stuck where we are.

Personally I couldn't really give a damn about crapware if only it wasn't baked into firmware and eating up space that could be in the user partition. I don't see why it can't be installed to the user partition so it can be removed completely if the user chooses to remove it.

Re: Hypocrisy

[DrXym]

Some Apple apps are moving out the firmware. I suspect that's because they're running short of space and are freeing some up by moving less core apps out to user-land.

Re:Hypocrisy

[AmiMoJo]

Are you confusing Google for McAfee? Flash comes bundled McAfee "security scan" which is really just an advert for their shitty anti-virus. They also seem to be bundling some Intel crapware these days.

Re:Hypocrisy

[Blaskowicz]

Nexus must be a special brand, perhaps one that caters to the US mostly. When I got to my go-to web retailer, there's ton of brands in the list, even Xiaomi, Meizu, Acer, Asus etc. but no Nexus.

So.. you can buy whatever, unlocked, with no carrier bloat. It's better, but you have smartphone-vendor bloat to worry about then, or the possible lack of updates, alternate ROM, rooting method. And Google bloatware, for example if you don't have a gmail account, why have a gmail app at all?

Re: Hypocrisy

[edtice1559]

This got modded into oblivion, but Google does not install bloatware on Nexus-branded devices. iOS devices can definitely be bought with only the Apple software. Now some of it feels like bloatware but that's not the discussion here. And apple seems to be getting better in that area too, not forcing their software on you. The problem is that non-carrier devices are expensive and people would rather get the bloatware subsidy. But even this is a far cry from things that install surreptitiously after purchase.

Re:Hypocrisy

My first reaction was "what ads is he talking about".
Tried a bit, and got a funny (?) result.

Even when I type google.com in the address bar, it redirects straight to google.be here.
Not a trace of those ads as long as I stay on google.be.

As soon as I click the "use google.com" link at the bottom of the page, the URL changes, and in less than a second the first "better in chrome" advertisement is there.
*Every* time, just like mcswell says.

Re: Hypocrisy

IOS 10 will let you "delete" those. Available to do in the betas. Though it doesn't free up any space and They have yet to a a way to chose alternate default.

Re: Hypocrisy

They removed Podcasts a while back, but added it back. The "deleting" feature really just makes them inaccessible. According to Apple, those apps do not use much space all together.

Re:Hypocrisy

[lgw]

Every flash update want to install Chrome and/or some Google searchbar trash. Presumably if you already use Chrome you get some different, additional malware by default.

Re: Hypocrisy

[q4Fry]

This got modded into oblivion, but Google does not install bloatware on Nexus-branded devices.

As an owner of a Nexus 5, I call bullshit. I have Google Books, Google Music, Google+, Google Movies, Google Newsstand, and Google Games, not to mention the applications I actually want like Gmail and Maps. I also have "News and Weather" and probably some other ones I can't identify. None of them can be uninstalled without root.

Re: Hypocrisy

[present_arms]

He's a Brit, braining yourself does not mean putting a brain in your head.

Re: Hypocrisy

[david_thornley]

Apple tries to give users a reliable and safe experience, at the cost of some freedom. This is a trade-off, and I don't blame people for choosing which they want.

Re: Hypocrisy

[david_thornley]

In what way does my iPhone own me? It mostly does what I want it to, as do my Android tablet, Windows 10 laptop, and Ubuntu desktop. Different devices for different purposes, not all of which require full control of the device.

Re:Hypocrisy

[david_thornley]

Nexus is the Google brand, and comes with less crapware than most Android devices. (Google doesn't manufacture them, AFAIK, but buys the equipment from companies that do and rebrands it.)

Re: Hypocrisy

[Xenx]

I saw that as well. I'm glad they're at least taking steps to improve on that front.

Re: Hypocrisy

[Opportunist]

If you don't have full control, all you have is privileges that can be revoked whenever the actual owner so pleases.

Re: Hypocrisy

[david_thornley]

That wasn't the claim. The claim was (to put it in more specific terms) that my iPhone owns me. I'll admit I don't have full control, and if Apple ever did act way out of character I'd likely regret that, but it doesn't own me. I can ditch it any time I like, if I see fit, and get something else.

Re:Hypocrisy

[toddestan]

I don't have Google's shovelware installed on my computer, but going to https://get.adobe.com/flashplayer/ in IE yields an offer to install both Chrome (and make it my default browser) as well as Google Toolbar. Going to that same URL in Pale Moon or Firefox I get the McAfee offer.

Re:Hypocrisy

[toddestan]

No, but tons of other software comes bundled with Chrome. Including Flash Player itself, though I think only if you download it from IE. Chrome is exactly the kind of unwanted software Google is talking about.

Re: Hypocrisy

[Opportunist]

"I can stop at any time" is a claim I heard before. :)

But seriously. Can you? Can you really just do without a cellphone anymore?

Just Like

[Virtucon]

Yeah like come bundled on every Android device and oh BTW which rely on Google location tracking, snooping and other APIs.
Facebook et al. shouldn't take rooting to get rid of them, stop the bloat abuse.

Re:Just Like

Just like the way niggers are unwanted wetware!

Re:Just Like

Where, oh where, can I get Google Toolbar and Google Desktop Search?

Re:Just Like

> Just like the way niggers

AC racist, can you answer me a few questions?

1)- Why the spamming of slashdot? If you actually want to be racist, there's places on the internet that will welcome you with open arms. Maybe it is getting harder to google them, but they are the same places for like a decade, you could pls go.
2)- Are you legit racist, or are you just trying to shut down places that still allow open discussion? Trying to send a message about how if uncensored speech is dangerous by roleplaying a danger yourself?
3)- Whichever flavor of tyranny you back, do you feel at least a little bad, like in the part of your soul that would be a conscious if you didn't suppress it?

Re:Just Like

you can also disable them without rooting, on some phones such as samsung. ...but you do need to use the mdm api's to do it with a key provided by samsung... doesn't void the warranty though.

also windows 10 updates.

they are the worst.

what kind of an UPDATE is it if it installs back all the software i just removed on purpose. that's not an update.

Re:Just Like

[drinkypoo]

Yeah like come bundled on every Android device

Uh no. When you buy your Android device from a telco, sure. When you buy it direct, like I did with my Moto G 2nd, no. It had zero crapware. Just some Motorola apps which were easy to remove, and which actually did stuff.

Facebook et al. shouldn't take rooting to get rid of them, stop the bloat abuse.

Stop buying phones from carriers, noob

stop letting carriers force there builds on you

stop letting carriers force there builds on you and let people load the base roms with out that BS.

Re:stop letting carriers force there builds on you

stop letting carriers force there builds on you and let people load the base roms with out that BS.

Tablets and phones are computers without a keyboard. Companies should be prohibited from selling computers you can't replace the operating system on. If you have to flip a setting where it makes you acknowledge with every boot that you are running an unapproved load, fine, but don't make it difficult or needlessly risky. The only exception might be things with software defined radios or such, and then you should, as you say just be able grab a clean copy of the core OS with that functionality.

Captain Obvious?!?

All malware is unwanted software. Not all unwanted software is malware.

Re:Captain Obvious?!?

[tomhath]

That depends on what the meaning if "is" is. Any software I don't want that wastes my time by displaying ads or using machine cycles is malware.

Re: Captain Obvious?!?

I want unwanted software to stay unwanted, so that if I do want unwanted software, I can still unwant the wanted software when I want it unwanted!

Re:Captain Obvious?!?

In my book ad-injection software is the very definition of malware. It sits on your hard-drive, wastes CPU cycles, ruins your web-surfing experience, opens dog knows how many security holes, and if my (albeit very limited) experience with such software is any guide takes active steps to prevent un-installation up to and including a re-installation script for when you finally think you've finished the exorcism.

If that's not malware then I don't know what is!

Re:Captain Obvious?!?

All unwanted software takes space on my disk and if it also consumes CPU and bandwidth like the Facebook app then I classify it as malware because it steals resources from me.

Re: Captain Obvious?!?

[Zontar+The+Mindless]

Apps Guy, is that you?

Re:Captain Obvious?!?

[Opportunist]

Any unwanted software is malware. The least damage it does is to take up space in your storage that could instead be used for something useful.

Windows 10 Unwanted Software

"Google and New York University has determined that unwanted software unwittingly downloaded as part of a bundle is a larger problem for users than malware"

I figured that out when I had the Windows 10 update go in with Cortana and all the other "Apps" that I didn't want.

Re:Windows 10 Unwanted Software

[Sperbels]

You're overlooking perhaps the biggest unwanted software....Windows 10 itself.

Re:Windows 10 Unwanted Software

lmao. Never heard that one, buddy. You are so funny.

Re:Windows 10 Unwanted Software

[penguinoid]

It's hard for unwanted software to hit all 5 major categories, but apparently not impossible.

Types of unwanted software fall into five categories: ad injectors,

Windows 10, now with ads served directly from your operating system

browser settings hijackers,

Edge+Bing, of course.

system utilities,

a whole operating system, in fact

anti-virus,

Windows Defender

and major brands.

Microsoft is as major as it gets

Re:Windows 10 Unwanted Software

[Opportunist]

Windows 10 isn't so bad. Switch out the UI for that of Win 7, remove the spying and you essentially have Windows 7 with longer support and a new DirectX version.

Which is pretty much what I'd want instead of having to deal with Mint now.

Re:Windows 10 Unwanted Software

[iampiti]

But the problem is precisely that the mobile-like UI and apps, Cortana, the spying and all that crap are considered by Microsoft as essential features of Windows 10, and thus your chance of getting the version you describe is zero.

Re:Windows 10 Unwanted Software

With the anniversary update, you CANNOT disable Cortana and Bing.

Re:Windows 10 Unwanted Software

[Opportunist]

That was pretty much the point, yes.

The Sp00k Who Shagged Me

65535 â December 21, 2013 4:38 AM

https://www.schneier.com/blog/...

@ Jackson

Your concern about the Cryptome report does raise serious questions. When carefully read the Cryptome report touches on the subject of finger printing TOR users via a BT backdoor.

The Crytome report also speculates that major CA's instantly transmits copies of clients SSL/TLS Certificates to the NSA and possibly GCHQ when purchased. This is quite troubling.

I will note that CSO acknowledges that:

'On the issue of the USDOD IP address referenced by the paper's authors, that block of addresses has been used by many firms over the years. It's a valuable piece of IPv4 real-estate that is often enabled internally by an ISP after they've gotten permission from the Defense Information Systems Agency (the part of the USDOD that manages networks and infrastructure).

Just last year, Sprint was using IPs internally from that block for their mobile network. So the fact that BT would be using it too isn't a shock to network engineers who have seen the paper.

'In short, one security expert told CSO, the usage of 30.x.x.x /8 doesn't really imply NSA monitoring at all. In fact, he added, "If you want a non-routable IP that won't break when using it, [the] DOD is your best choice."'

http://www.csoonline.com/artic...

But the Cryptome report goes much farther. It indicates that a simple ping test can detect the backdoor. Next you can telnet into the modem and see the actual configuration and un-hack the device (assuming altering the firmware doesn't violate BT TOS agreement - causing your service to terminated).

http://cryptome.org/2013/12/Fu...

[Cryptome pdf page 39]

"Easy Confirmation

"Step 1.

"Remove Power from the modem and disconnect the telephone line.

"Step 2.

"On your PC (assumed Linux) add an IP address 192.168.1.100 i.e:

#
ifconfig eth0:1 192.168.1.100 up

"Step 3.

"Start to ping 192.168.1.1 from your PC i.e:
#
"ping 192.168.1.1

"Step 4.

"Connect a network cable to LAN1

"Step 5.

"Plug-in the power cable to the modem and wait for about 30 seconds

"for the device to boot, you will then notice:

"64 bytes from 192.168.1.1: icmp_seq=115 ttl=64 time=0.923 ms
"64 bytes from 192.168.1.1: icmp_seq=116 ttl=64 time=0.492 ms
"64 bytes from 192.168.1.1: icmp_seq=117 ttl=64 time=0.514 ms

"You may notice up to ten responses, then it will stop.

"What is happening is the internal Linux kernel boots [inside of the modem], the start up scripts then configure the internal and virtual interfaces and then turn on the hidden firewall at which point the pings stop responding.

"In other words, there is a short window (3-10 seconds) between when the kernel boots and the hidden firewall kicks in.

"You will not be able to detect any other signs of the hidden network without actually logging into the modem, which is explained in the next section."

The second step is telneting into the BT modem/router is show on page 40 to 44. The "un-hack" is on page 45 forward.

Other notable Cryptome pages include:

"All SSL Certificates Compromised in Real-Time" page 22

"Theft of private keys" page 24

"Tor User/Content Discovery" page 26

@ ron41, see TOR discovery from the Cryptome link. There is a fingerprinting method to determine TOR users.

"Covert International Traffic Routing" page 27

"Secure your end-points" page 30

"I'm an American, does this apply to me" page 35

@ *others who care, the paper indicates that NSA is using the very same technique and can discover TOR users (if this is true it is troubling).

Re:The Sp00k Who Shagged Me

[Zontar+The+Mindless]

Dude, check the date--the rest of us knew about this 3 fucking years ago. Can you stop posting it to every story already?

take a hint google.

[bloodhawk]

Perhaps then google you will take note of your own study and stop bundling shit in with lots of other product installs that nobody wants. hint if I wanted your fucking browser I would have gone and installed it.

Re:take a hint google.

[swillden]

Perhaps then google you will take note of your own study and stop bundling shit in with lots of other product installs that nobody wants. hint if I wanted your fucking browser I would have gone and installed it.

What software is Chrome bundled with? Are you talking about the licensing of the Google Android apps as a group, or something else?

Re:take a hint google.

[bloodhawk]

It is bundled with a shitton of software from Avast to Adobe Reader and it is nearly fucking always ticked to install by default so you have to actively opt out.

Re:take a hint google.

This install Chromium, dumbass. Why are you even on /.? Shilling for Apple, trolling, MS zealot?

Re:take a hint google.

[Opportunist]

But that's something different! Everyone loves our browser so it's not unwanted. We just completed an internal study and 99% of the people asked said they love Chrome, 1% could not be reached because the survey webpage requires Chrome to run.

Re:take a hint google.

[bloodhawk]

I would not be caught dead using shit from Apple retard and installing chromium won't stop Google bundling its garbage with every app it strikes a partnering deal with. grow a brain retard.

Re:take a hint google.

[drinkypoo]

This install Chromium, dumbass.

Nice sentence, asshole.

Why are you even on /.? Shilling for Apple, trolling, MS zealot?

Why are you even breathing? Please stop.

Re:take a hint google.

[houghi]

And not only add it, maker it unpossible to remove it unless you root your device.

Re:take a hint google.

No it isn't. What trashy 3rd party site are you downloading Chrome from? Get it straight from Google and it's just a browser with an internal plugin for flash that only it uses.

Re:take a hint google.

You have it backwards. Installing Chrome doesn't install other software, but installing other software installs Chrome.

Re:take a hint google.

[Bite+The+Pillow]

Some assjack blocked his source code downloads for desktop Firefox. So I went to get Chrome, thinking it was browser sniffing or something. And it took 3 different attempts to download. One did nothing, I got an installer that would only crash, then a zero byte installer.

Finally used IE, which spawned one of those things where you can't just download, probably ActiveX bullshit.

I cancelled that, opened wget, and everyone is happy. And yes the download works on chrome mobile, and HTC's shitbrowser from years ago, both with js disabled. So I don't know why desktop Firefox was blocked.

Point is, chrome was just not trustworthy. If I can't virus scan an installer after a few days of quarintine, I usually won't let it run.

Re:take a hint google.

[swillden]

The AC's poor grammar and word choice aside, he seems to be saying that Adobe bundles Chromium, not Chrome. Are you sure it's Chrome?

I don't have access to a Windows machine or I'd check myself.

Re:take a hint google.

[bloodhawk]

It bundles Chrome and google toolbar, definitely not chromium

Hypocrisy

Also, Fuck you Oracle

"Pestware"

[Tablizer]

There's no clear-cut distinction between malware and problematic software that tricks you into using or installing it through various shades of misleading techniques, or carries with it unpleasant side-effects even if it has a useful side. I thus lump them all together under "pestware" to avoid a vocabulary or categorization debate.

Unwanted software is worse than malware

That's rich, coming from a company which spends so much money bundling Chrome with as many software installers as it can.

Re:Unwanted software is worse than malware

*terminates GoogleUpdate.exe* I don't know what you're talking about *terminates GoogleUpdate.exe* Google never does this!!!

Games, too.

I bought a "humble bundle" that added several games I never would have bought to my Steam account.

It was terrible. All those hours I had to spend getting those games completed...

Re:Games, too.

[Opportunist]

Steam forced you to install those games, they ran by default and you could neither uninstall them nor keep them from restarting when you kicked them out of RAM?

That's harsh.

Wait, what?

[93+Escort+Wagon]

"Types of unwanted software fall into five categories: ad injectors, browser settings hijackers, system utilities, anti-virus, and major brands."

How are the first two items not classified as malware? Perhaps the real problem is you're too close to the source, Google.

Re:Wait, what?

[swillden]

"Types of unwanted software fall into five categories: ad injectors, browser settings hijackers, system utilities, anti-virus, and major brands."

How are the first two items not classified as malware?

They're not classified as malware because maintaining clear and firm definitions is a good thing. Malware is software that actively tries to harm the user (steal from them, hold their data for ransom, etc., take over their machine for arbitrary future badness, etc.). Showing ads or directing the user to a different -- but still effective -- search engine, etc., are bad, but they're a lesser form of badness, and it makes sense to me to give them a different name.

But, maybe I'm just pedantic. Well, no maybe about it. I also dislike it when people mix up trojans, viruses and worms. They're different things and have distinct names for a reason, damnit!

Re:Wait, what?

[Dutch+Gun]

That's because, from Google's perspective, you have to read that line: "money injectors, money generating hijackers, system utilities, anti-virus, and major brands."

You can understand how they'd have trouble seeing those first two items as a bad thing.

Re:Wait, what?

[93+Escort+Wagon]

Okay, if we're going to be pedantic - by definition, malware would be just a subset of "unwanted software", wouldn't it? I can't imagine anyone wants malware, after all...

Any software which takes surreptitious action in the interests of some third party and contrary to what the end user would reasonably expect to happen qualifies as malware, in my opinion.

Re:Wait, what?

[swillden]

Okay, if we're going to be pedantic - by definition, malware would be just a subset of "unwanted software", wouldn't it?

Per the literal meaning of "unwanted software", sure. But clearly this term was coined here to identify a category that isn't malware, but yet isn't wanted.

I can't imagine anyone wants malware, after all...

I work with a bunch of people who avidly seek out all the malware they can find, actually. To analyze, not to run, but they definitely want malware, the more the better :-)

Any software which takes surreptitious action in the interests of some third party and contrary to what the end user would reasonably expect to happen qualifies as malware, in my opinion.

And you're welcome to your opinion, but don't be surprised if the industry doesn't redefine long-established terms just because you think they should.

Re:Wait, what?

Any software which takes surreptitious action in the interests of some third party and contrary to what the end user would reasonably expect to happen qualifies as malware, in my opinion.

Actually this is almost word-for-word *exactly* how my employer defines "malware".

Re:Wait, what?

The long-established definition of malware absolutely includes browser settings hijackers. There's no reasonable debate about that. It's overriding the user's settings. Malware.

You can maybe debate about ad injectors, but there's a reason that "display unwanted advertising" is in the wikipedia definition for malware.

I'm going to go ahead and advance the notion that malware was always the nonspecific term for software that is both unwanted and detrimental. The specific terms include keyloggers, viruses, trojan horses, adware, hijackers, worms, ransomware, etc..

Re:Wait, what?

[Alumoi]

That's because, from Google's perspective, you have to read that line: "not our injectors, not our hijackers, not our system utilities, not our anti-virus, and other brands."
Fixed it for you.

Re:Wait, what?

[xtsigs]

They're not classified as malware because maintaining clear and firm definitions is a good thing. Malware is software that actively tries to harm the user (steal from them, hold their data for ransom, etc., take over their machine for arbitrary future badness, etc.). Showing ads or directing the user to a different -- but still effective -- search engine, etc., are bad, but they're a lesser form of badness, and it makes sense to me to give them a different name.

But, maybe I'm just pedantic. Well, no maybe about it. I also dislike it when people mix up trojans, viruses and worms. They're different things and have distinct names for a reason, damnit!

That is your definition of Malware. Many consider ad injectors and browser hijackers as damaging, so they also fall under the malware definition. System utilities than run in the background and interrupt, slow, or compromise my work day is damaging. Anti-virus software that pops up every 5 minutes and costs me several days and many reboots to remove is damaging. Something that does not work the way in which it was designed to work is damaged.

Generally speaking, if we buy a product expecting it perform to certain specifications, and then that performance is in way compromised, we consider it damaged and will exchange it for a working copy or our money back. When it comes to our computers and other devices, we just live with it.

I agree that we shouldn't confused trojans, viruses, and worms. That doesn't mean that we should let other "unwanted software" slide. It is unwanted for the reason that it compromises the behavior/performance of our tools. Hence it is malware (i.e. bad software).

A weed is any plant that I don't want. Malware is any software that gets in my way.

Re:Wait, what?

[drinkypoo]

They're not classified as malware because maintaining clear and firm definitions is a good thing. Malware is software that actively tries to harm the user (steal from them, hold their data for ransom, etc., take over their machine for arbitrary future badness, etc.). Showing ads or directing the user to a different -- but still effective -- search engine, etc., are bad, but they're a lesser form of badness,

Ads and sketchy sites are often malware vectors. A piece of unwanted software which delivers malware is itself malware.

Re:Wait, what?

[AmiMoJo]

They clearly do see them as a bad thing as they have gone to lengths to block them. There used to be a vulnerability in all browsers where local applications could just install plug-ins and change settings files. Chrome blocks that now, so locally installed plug-ins are ignored and settings are encrypted to prevent tampering.

Re:Wait, what?

[sabbede]

I support your pedantry, but to the OP's other point about Google being too close they do still have a toolbar. Not malware, but certainly unwanted and utterly useless.

Re:Wait, what?

[allo]

the point is not the correct name, but the correct handling. They may still be called ad injectors, but my anti virus should eliminate them.

Does spybot s&d still exist?

Re:Wait, what?

No, you're a fucking company employee (and you should always identify yourself as such) parroting the fucking company line; oh, and that's an ->AD- company, by the way.

Since you have no objectivity whatsoever in any discussions relating to Google and advertising, your comments are just needlessly wasting pixels.

Not iPhone is not same as Android--AT ALL

Android lets the phone company add unremovable adds.

My android phone has about 25 applications I can't remove, unless I wanted to root it.

IPhones do not come with AT&T or Verizon or Sprint garbage ware.

And by saying "Oh I like Android and hate Apple so I'll say iPhone has lots crapware too" is deflecting from the true concerns about all the forced crapware on Android phones.

Google says "your check is in the mail".

Re: Not iPhone is not same as Android--AT ALL

Just disable the apps. It'll be like they weren't installed and will be unable to launch.

Can you do that with Stocks by Yahoo or Weather by the Weather network on i devices?

Re: Not iPhone is not same as Android--AT ALL

Zombie crapware always comes back. Cannot delete, over and over I've deleted cache, turned off the apps allowed by goog/samsung and THEY ALWAYS come back. I don't own this device, I just paid for it.

Sure....

... that's why I keep getting pestered to install Chrome every time I update Flash (on a work PC, no Flash unless it's your PC and you pay me to use it! haha)

Anyway, I'll know if this is true when I am forced to update Flash again next time... I'm not holding my breath.

let's break that down lol

What is "major brands"? What if a major brand is also a utility or anti-virus? Anti-virus can also be categorized as a utility. So basically you have 2 types of unwanted software: malware and anti-virus. Fake anti-virus can be malware. Now we're left with just 1 type of unwanted software; MALWARE. Therefore all unwanted software is malware. Yeah someone is making lists just to make lists.

It depends how you define "worse"

[mark-t]

Do you define worse as being simply larger in scale, and affecting more people in undesired ways? Or do you define worse as being a larger headache for those who must deal with it?

If the former, I'd agree. Unwanted software certainly affects more people, but if the latter, I'd have to dissent, and suggest that accidentally having malware get into your system is going to pose a much bigger problem for the end user than unwanted software is ever likely to represent.

Hey Google, you miserable twat

Does unwanted software include unwanted "upgrades" of increased permissions and general increased snoopiness of apps as part of a so-called security update? Google is famous for doing that.

I don't upgrade the apps on my smart-phone because of that issue. Am I at increased risk for being hacked? I dunno, but there isn't really anything I can do about it if I don't want to lick Google ass.

Microsoft malware springs to mind

Buy a new Android phone in Germany and it comes pre-loaded with Microsoft spyware, erm Office. You cannot uninstall it, it starts every time a new data connection is made and it sends data. Lots and lots of data. You can see the packets it sends with Wireshark. Some of it OneDrive (Microsoft's cloud app) which I never used or signed up for, but some of it Office.

I have NEVER USED OR OPENED THEIR APP. It came pre-installed, com.microsoft.office.Word is even started, and that one has camera and mic access. WHY THE FUCK does it start in the background with all those permissions??

Plug it into a drone and it pops unwanted error message to tell you you've plugged it into a PC that isn't a Windows PC.... as if plugging an Android device into a non-Windows PC is an error.

FFS, Fuck off Microsoft with your spyware and malware. Nobody wants you. Get the hint from Windows 10 takeup.

Re:Microsoft malware springs to mind

you could... buy your phone from say Belgium or Poland or anywhere else in the EU you know.
you could... flash it with Cyanogen Mod
you could ... not buy Android

Re:Microsoft malware springs to mind

"you could... buy your phone from say Belgium or Poland or anywhere else in the EU you know."

I didn't know it was pre-loaded with Microsoft crapware (Samsung A series). How would I know which countries have Samsung phones preloaded with their MS crapware?? I cannot root it let alone flash it. As to not-buying Android, I assume that's what Microsoft wants when it pays Samsung to include their malware on the handset. Most people won't notice its spying on them, but they will notice the bandwidth its burning through and the battery power its using, and the 'error' messages when they plug it into a drone, or non Windows devices. I assume that's what Microsoft intended, make Android worse to make their own product seem better.

Why should *I* be required to fix an obvious piece of spyware from them?

Nobody warned me it came preloaded with Microsoft's crap and that that crap would run all the time, and be blocked from uninstalling! Why should *THEY* be able to get away with that? Why can't I uninstall their crap? How are Microsoft allowed to get away with that?

Re:Microsoft malware springs to mind

[Zontar+The+Mindless]

How would I know which countries have Samsung phones preloaded with their MS crapware??

You can add Sweden to the list, unfortunately.

What pisses me off is that, following a recent update, Skype on Android now insists on running continuously, and restarts itself after I've shut it down in the process manager. There's no longer any Exit option in the program, either. WTF?

Re:Microsoft malware springs to mind

[cfalcon]

> Why should *I* be required to fix an obvious piece of spyware from them?

Play Microsoft games, win Microsoft prizes.

Of course, you shouldn't be required to do that. But you *should* be aware enough of the state of the industry, as a slashdot poster, to be familiar enough with the various downsides of each phone alternatives. Maybe you give up privacy, maybe you give up security, maybe you spend a lot, maybe you give up functionality. There's a rainbow of bullshit here, and you have to pick your least hated fucking color.

Re:Microsoft malware springs to mind

Google could not be hypocrites, but here we are.

The true reason for Google

[jeti]

If we can't have Java, we kill it.

Re:The true reason for Google

How pathetic. Think that up all by yourself? Java would be dead outside a minority of legacy business applications had Google not used it in part for their own stack.

Unwanted software?

[Sardokaur]

By unwanted software do you mean Google Chrome and Google Toolbar? That stuff is really bundled in many things. Please stop bundling it.

Time for the pot to clean itself

[simplypeachy]

Such as Google Chrome installing as default browser, Google Toolbar installing to IE?

Re:Time for the pot to clean itself

[sabbede]

Hey! That toolbar gives you the valuable convenience of being able to search right from a box at the top of your browser!

Maybe in some mythical perfect future, browsers will be able to search from the address bar. Until that fantastical day arrives, the Google toolbar will remain a necessary extension.

Wow look who is talking

[Ilgaz]

You almost introduced unwanted, bundled software to the developers. Chrome doesn't count because you are supposed to be cool& nice guys? I don't think so.

Business Model

Google was never a hardware or software company. It's Big Data.

And Steve Jobs was right, their "Don't Be Evil" is bullshit.

Pot meet kettle

"A year-long study between Google and New York University has determined that unwanted software unwittingly downloaded as part of a bundle is a larger problem for users than malware."

You mean like when Google Chrome used to be bundled with all kinds of programs like Avast and Adobe Flash players? (still is, according to some comments)

APPS!

Only apps are wanted! Only LUDDITE software is unwanted. And you can install an app to app your unwanted LUDDITE software out! APPS!

Erratum in title

[philofaqs]

(Don't call me) Shirley the ": " in the title should be 's

Major brands?

[sabbede]

As in McAfee? Is Conduit being considered a major brand?

I hate Conduit.

Google is the main culprit

The Google toolbar is the one I see the most on machines. Talk about unwanted software.

Unwanted software bundled to installers ...

[allo]

Unwanted software bundled to installers ... ... like browsers?

bundled Google software

How about bundled Google software in Android?

What, like Chrome?

[Reziac]

Because about a month ago, Chrome installed a new version of itself without asking, without permission, and the first hint I had (since I don't use the nasty thing unless I have to) was a new icon on my desktop. (Didn't even put it in a sane location. It's somewhere down in User Application Data.)

Apparently if you have Google Talk installed, this is what Google does behind your back.

Re:What, like Chrome?

[toddestan]

Chrome installs a couple of services on Windows that run all the time and will keep updating Chrome even if you never use it. Those services aren't specific to Chrome, you'll get them if you install Google Earth and probably Google Talk too.

You can try stopping those services, but I've found that launching Google Earth will often turn them on again (can't say anything about Chrome or Talk because Earth is the only Google program I have).

Re:What, like Chrome?

[Reziac]

Yeah, I found that with Earth too... tho that had ceased to be an issue because Earth won't run anyway. But this automatically installing (NOT updating -- it installed entirely new and left the old install alone) wasn't happening til this little escapade, and I think the last time Earth ran before it decided not to was about a year ago. So the updater hadn't run since then.

But then I installed Talk, and yep, that's when the new Chrome dates to. Hadn't thought to look in Task Mangler and kill GoogleUpdate. :(

I'd be fine with it asking, or at least informing me that if I want to run X, it will update Y. But this doing it *entirely* behind my back -- that put Google on my permanent shit list.

GOOGLE THE US SPY AGENCY? SERIOUSLY Mr. Schmidt?

They only want wanted malware but not unwanted malware now???

FUck

The title has it wrong

[hoggoth]

Weird title and summary. Unwanted software that installs itself by riding along unnoticed with real wanted software thus tricking you into allowing it to install, then making your system do bad things you don't want it to do...? That's IS malware.