Tag Archives: Adware

Claria Goes Into Search

Claria, formerly Gator and allegedly the brief focus of Microsoft interest, has announced it is working on a new search engine technology which “goes far beyond analyzing links to pages and hypertext matching, and instead evaluates how consumers actually interact with search results when they are seeking information on the Web”.

I don’t claim to really understand what they’re doing here, but the press release seems to suggest that Claria would both collect extensive user data but also offer that aggregated data to users so they can better judge search results: Claria’s press release is here:

“Even in this early stage of technology, this represents a clear ‘step function’ improvement in search methodology and relevancy,” said Jeff McFadden, president and CEO of Claria Corporation. “Over time and with more users, these types of personalization technologies will allow consumers a richer, more customized online experience. For example, a college student and a business executive who are both searching for ‘hotels in China’ would appreciate vastly different results. Ultimately, this is the power that personalization can provide – with technology automatically customizing information for the consumer.”

Could be interesting, could be creepy. Certainly personalized search is the next hilltop to scale, and this makes some sense for Claria, who need to get out of the hole they’re in.

Microsoft and Claria: It May Never Have Been On, But Now It’s Off

It’s hard to know how serious this ever was but whatever, it’s now over, according to ClickZ News, who reports the Microsoft/Claria Deal Dead:

Microsoft has ended its acquisition talks with behavioral targeting firm Claria, ClickZ News has learned from a source close to the discussions. Another Microsoft source later confirmed that report.

A Microsoft staffer, who asked not to be identified, characterized the end of the talks as driven by concerns about a PR fallout that could follow a Claria purchase. That company has, in the past, been associated with spyware.

The source says Microsoft will likely consider buying other companies with behavioral targeting technology, but no one is “officially in scope at this time.”

Certainly Microsoft was losing some major PR ground with the rumour bouncing around, and it didn’t help that folk were noticing some (possibly coincidental) tweaking of its own Antispyware assessments of Claria/Gator threats.

Microsoft’s Antispyware Turns Neutral on Claria?

(Sorry, a few days late with this.) Further to the reports of talks between Microsoft and adware maker Claria (formerly Gator), spyware/adware expert Ben Edelman points to a website discussion that highlights an apparent conflict of interest should Microsoft Buy Claria: What would Microsoft’s own anti-spyware software make of Claria’s adware?

A Dozleng.com post reports that Microsoft’s Anti-Spyware Beta now recommends that users “ignore” Claria. To confirm this result, I downloaded Claria’s DashBar and Precision Time products, then installed MSAS, all on a fresh virtual PC that hadn’t previously run any of these programs. MSAS’s recommendation and default action was “Ignore.”

In contrast, when last I ran MSAS on a PC with Claria software installed, MSAS recommended removing these same programs. This is exactly the kind of conflict of interest I worried about three paragraphs above — but I didn’t anticipate how quickly this problem would come into effect!

There are some more comments collected here. One website, Sunbelt Software, which receives updates from Microsoft but has its own inhouse research lab, reports that the change in recommendation from Quarantine or Remove to Ignore took place on March 31. Sunbelt’s Alex Eckelberry writes:

At any rate, does this mean that Claria will, in fact, be purchased by Microsoft? Not necessarily. It could mean, however, that the two companies are working together in some other capacity, or that Claria has successfully lobbied Microsoft to change the default action. Or, it’s a simple oversight.

I can’t help feeling that if it was an oversight, it would have been corrected by now. And, as Ben Edelman points out, it’s not possible to check a list of Microsoft’s decisions on this kind of thing, where Microsoft lets users know what’s no longer being detect etc.. .

Compare Microsoft’s neutral ‘Ignore’ recommendation with nearly all other antispyware/adware programs that do, according to the Spyware Warrior website, detect Claria products, and, where they make a recommendation, suggest they be removed.

Bottom line? I’m with Ben: I think whatever bits of Claria Microsoft is interested in, conflicts of interest rear their head and the company’s efforts to burnish its image as security guardian will be lost, virtually overnight.

Porn Sites Aren’t Just About Sleaze Anymore

In case you needed a reason not to surf for porn, here’s one: Nearly all porn sites install some sort of spyware or adware on visitors’ computers, according to a survey released today by Eblocs.com, an anti-spyware vendor.

The study “entailed visiting 100 porn sites and running multiple anti-spyware software programs… to identify any Spyware contaminating the computers.” This spyware included data miners and trojans, while 15% of sites launched porn dialers (which hijack modems and then dial high-cost long distance phone numbers, racking up high phone bills for the user).

Of course Eblocs have an interest in saying all this, as they sell their own solutions to the problem. And 100 websites is not particularly representative of the massive Porn Web out there (I just typed ‘nude’ into Google and got 227 million hits). Those 100 websites could have been skewed towards the sleazier and nastier end of the market — and I’m not talking in terms of the quality of the pornography contained therein.

But nevertheless, I think Eblocs.com has a point. Porn and scams are becoming tighter bedfellows, accompanied by spammers, virus writers and the Russian mafia, as the Internet underground becomes more sophisticated. So it wouldn’t surprise me if more and more porn merchants were doing what they could while they could, loading as much nasty stuff onto a visitor’s computer while they’re browsing. Of course I’m not going to do my own research on this. But if you do, let me know how you get on.

Could The Fake Beheading Have Been Proven Earlier?

I know it’s easy to be smart after the event, but were there enough clues on the Internet for journalists to have figured out the Benjamin Vanderford video was a fake before AP and others published the news?

There were some clues, at least. From the video we were able to know his name and his home town, even his home address. From that checks on Google would have thrown up the following at the very least:

  • Him, or someone with the same name, was running for office:  A piece on The Examiner website on May 31 mentions “Benjamin Vanderford, 22-year-old political independent, musician and video-game programmer” as being a District 4 candidate and a member of something called the Candidates Collaborative.
  • sfbulldog, an online resource for politics and the arts, also mentions Vanderford, or someone with the same name on May 22, who was, according to the author H Brown, “smarter than me (not saying a lot, I know) … has great web site and hell of a sense of humor. Fine young writer. A future in politics if he’s serious and could shock everyone if his web site catches on.” Unfortunately the website address mentioned is not cited. (It was possibly this one, mentioned on the Northeast Intelligence Network in its early assessment of the video but not cited. The link itself is no longer active.)

Already, however, we’re getting a picture of someone who seems likely to be the Vanderford in question, since he’s from that town, appears to be the same age, and is the only Benjamin Vanderford in San Francisco area. He’s also a guy with a sense of humour, running for office, smart and with a website worth checking out. What’s he doing in Iraq, and why is there no mention of that fact?

That, I suspect, should be enough. Did any journalists try calling his home to confirm? Vanderford says he had circulated the video on P2P networks such as KaZaA for several weeks. Would a savvy journalist have been aware of this? Perhaps not. But as the The San Francisco Chronicle points out, usually material which is gathered from the Internet carries qualifying phrases. But this time the fact that the video had appeared on a Islamic website that has in the past posted communiques and videos from Islamic radical groups appeared to be enough to convince several news agencies to go ahead.

Bottom line: Any material that appears on the Internet should be checked, wherever it appears. In this case, with the guy’s name and address so clearly stated, it would seem to make sense to make some rudimentary checks first before announcing he has been killed.

WhenU’s Popup Victory

WhenU, now known as Claria, has won what it calls an “important decision for the entire Internet industry” in its motion to enjoin the Utah Spyware Control Act, passed in March. WhenU had argued the Act “affects legitimate Internet advertising companies and therefore violates the First Amendment and dormant Commerce Clause of the United States Constitution, among other laws”. (Here’s a CNET story on the verdict.)

If I understand the ruling correctly (and this is based largely on Ben Edelman’s assistance), the judge has ruled that, in this particular law, Utah was unconstitutional in trying to limit popups, while it was within the constitution in trying to outlaw spyware — or more specifically, software that is installed without a licence and lack a proper uninstall procedure. As the judge did no want to break the act in half he ruled in favour of a preliminary injunction for WhenU. Ben, who works as a consultant for the Utah government, reckons WhenU could lose on appeal, since under Utah law, the judge “is obliged to regard the act as ‘severable'” — in other words, that he can keep parts and discard parts.

Avi Naider, WhenU’s Chief Executive Officer, meanwhile, is celebrating his victory. “Spyware is a problem and we want to put an end to it,” he says in a press release. “WhenU supports appropriate anti-spyware legislation at the federal level, but unfortunately Utah’s Act also impairs legitimate Internet advertising.”

WhenU Addresses Its Image Problem

The whole WhenU story gets weirder and weirder.

Last week Ben Edelman, the privacy hound, pointed out that the besieged pop-up provider WhenU was ‘cloaking’ itself. This means, in Ben’s words, ”using prohibited ‘cloaking’ methods to make search engines think certain WhenU servers offer content of interest to readers seeking certain search terms, when in fact the servers merely redirect readers to articles favorable to WhenU.” The result: ”WhenU elevates the visibility of sites it selects, while pushing critics’ sites lower in search engine rankings.”

Google and Yahoo have since removed from their listing all WhenU sites involved in the scheme. WhenU, for their part, have blamed an outside company for the move: “WhenU hired an outside Search Engine Optimization firm to legitimately enhance our search engine rankings. These issues were brought to our attention today, and we immediately addressed the situation and instructed the outside firm to reverse their actions. We anticipate being relisted at the major search engines shortly,” says Avi Naider of WhenU.

Now Ben has spotted something that WhenU may find harder to explain away: WhenU has, he says, stacked copies of more than two dozen news articles on at least 12 of its websites in an apparent attempt to create a “boost in visibility of this pro-WhenU content, at the expense of content critical to WhenU”. These websites include a dizzying smorgasbord of names, including whenubuild.com, whenuchat.com, whenyoucook.com, whenudecorate.com, whenulearn.com, whenumail.com, whenuretire.com, whenusleuth.com, whenusurf.com, whenyouinvest.com, and whereuinvest.net.

Of course there’s nothing wrong in itself with doing this, although the intention seems to be clearly the same as the earlier the move — to improve search results for webpages referring positively to WhenU. But as Ben points out: “Research has yet to determine whether WhenU has authorization to make these article copies, but the articles mention no such authorization. The articles also lack ordinary statements of copyright by their respective publications.”

I’ve sought comment from WhenU on this, and will post anything once I receive it. At first glance it does appear that WhenU are taking desperate measures in the face of public criticism and legal challenges. It will be interesting

Phishing And The Pop-up

Speaking to Well Fargo Online’s Wendy Grover this morning, I realised there’s a dimension to the debate about pop-ups that hadn’t occurred to me before: Phishing.

The central argument used by companies such as Wells Fargo in their long-running litigation against the likes of WhenU and Gator (now Claria) is that they confuse the user. These services, they say, hoodwink the user into downloading software that will track their browsing habits and, in the case of WhenU, replace existing ads on a website with their own. Surveys, Wendy Grover says, baffle the end user who didn’t know the software was installed and believe the pop-up ads they do see are from the website itself, not WhenU.

Until lately this was all a little academic. Privacy issues were at the fore. But now that banks and financial institutions are being targeted by sophisticated scammers who create convincing looking emails and websites to fool users into entering their passwords, it no longer seems so. If users are confused about the origin pop-ups on banking websites, then it illustrates their vulnerability to being duped by an entirely fake website. Wells Fargo themselves have been the target of several phishing expeditions.

Customers, we have to acknowledge, do not know exactly what’s going in their browser, and while educating them helps, misleading programs adding third party content don’t.  ”It’s very important that customers know where they are and where they’re entering their information,” says Grover. I’d tend to agree.

Popups Never Die, They Just Mutate

In response to my post yesterday, a reader suggested that with the proliferation of pop-up ad blockers in browsers and toolbars, who needs to worry anymore about ‘contextual’ ad services like WhenU?

Since I installed the Google toolbar, I’ve forgotten what a pop-up looks like. Since I installed Win XP SP2, the “pop-ups blocked” counter on the Google toolbar hasn’t moved. In a few years, you’ll be writing a column called “Remember Popups?”

Not quite yet, unfortunately. Ben Edelman, an expert on privacy issues and a critic of services like WhenU, tells me: “WhenU doesn’t use these methods at all. Rather it uses client-side software, and popup stoppers just don’t stop this. And they can’t, easily, given 1) the way popup stoppers work, and 2) the way WhenU works.”

I’ll be looking more at this in a future column, but for now, yes, popups as we know them needn’t be much of a bother. But meantime the contextual ad industry continues, with companies like Popstitial (looked at in another earlier post) and IntelliTXT (looked at here) raising the bar.

Utah, WhenU And Pop-Up Poaching

The spyware war continues.

Ben Edelman, an expert on spyware, reports that “WhenU, a major provider of programs that show pop-up ads according to users’ web browsing activities, yesterday filed suit seeking that Utah’s Spyware Control Act be declared void and invalid.” WhenU effectively poaches browser real-estate by plopping its ads above those of others without the permission of the website.

Ben says: “I’ve followed the act and believe it would provide substantial assistance to consumers facing an increasing barrage of pop-up ads.”

It’s an interesting issue: If Utah’s new act kicks in, will it just be folk like WhenU who will be affected? On Monday, April 19, the FTC will hold a workshop on spyware, Ben says. Here’s the agenda (PDF) and written comments, along with Ben’s own (PDF).