Tag Archives: Rogue software

A Free Zone Alarm?

For firewalls, I always recommend Zone Alarm from ZoneLabs. To my mind it’s still the best and most intuitive firewall around. But most people only need the free version. And that’s where the problem is. Why do ZoneLabs make it so hard for ordinary users to download it?

Readers and friends who have tried to download the free version often seem to run into problems, and download the ‘free trial’ version or some other less-than-free version of the software. As I recommend Zone Alarm, and thought that ZoneLabs had agreed to make this easer after earlier complaints, I thought I should check it out.

It’s true that it’s not easy. The Free ZoneAlarm and trials link is there in the top half of the screen, but it’s below another ‘freebie’, a Spyware Detector (more of that anon). The list of ZoneAlarm Security Products that are now available does not include a link to the free version, and the big link to the ZoneAlarm Security Suite page which dominates the top half of the screen contains no links to the free version. Neither does the download page. So unless you happen to see the link on the homepage, you’ve pretty much lost the chance to get the free download.

And even then, should you make it to the ‘Free Downloads’ page, you’ll have to scroll down to the end of the list, past five other mentions of the word ‘free’ to find the free version. Made it that far? You still have to skip past another tripwire before you make it home without removing your wallet. The first link on that page is to a link: FREE! Scan My PC for Spyware Before Downloading ZoneAlarm® (Recommended) that sounds, to a casual user, almost part of the download process. (What they don’t tell you is that the scan is for free, but you’ll have to shell out $30 to remove the ‘spyware, keyloggers, cookies, adware, browser help objects and other pests’ that the scan will find. My scan found 48 items of ‘spyware’ — all but two of them cookies, which is pushing the definition a little. (The other two were MS Media Player ID files, which are worth removing, according to CA and Kephyr.)

This is a shame because, while I can understand ZoneLabs need to make a buck, the free version is an excellent shop window for ZoneLabs. And users shouldn’t be misled by ‘recommended’ links to other software that looks free, but isn’t really. Bottom line: If you’re not educating the user but trying to get their money through stealth or obfuscation, then you’re not part of the solution.

More On Trusting Google’s Sponsored Links

Further to my earlier post about whether one can trust Google’s Sponsored Links, here are some notes from a chat with Ben Edelman, an expert on spyware:

Ben says legally it’s a difficult area: For Google, the sponsored links are just ads, not any kind of endorsement at all. But users have the sense that Google won’t accept ads from fraudsters, and users rely on this notion of quality. From users’ perspective, Google is breaking its own policies and failing to live up to its good name.”

Ben’s advice to users interested in a sponsored link:

  • Do not trust sponsored links as to spyware removal applications;
  • Do not trust sponsored links too much in general. For some keywords, merchants and sites are self-authenticating — clearly ford.com is who it is. But don’t take presence on the sponsored link list as a good indicator of trustworthiness. Sponsored links can be bought. In contrast, Google’s organic results (the ones at the left of Google search results) are not for sale. The organic results can (mostly) only be earned by putting up good web sites and getting others to link to those sites.

I asked him, whether it was his impression that rogue anti-spy is a growing industry, or more generally, software that claims to do one thing, but does another (instead of, or in addition)?

Ben’s answer: Yes. and those who need/seek spyware removal are, demonstrably, at particular risk of being taken advantage of. They’ve already been taken advantage of, may be easier to trick gain. [They] are feeling vulnerable, in a hurry to get software to fix their problems etc

Very good point. And good advice. Don’t be in a hurry to fix a problem if rushing it may make it worse. Don’t trust a link just because it’s on a Google page. (That goes for all links, but as Ben points out, a high link on the main Google search results list is there because a lot of people have visited it; a link on the right is there because someone has paid for it.) And think hard before you install anything, and ask yourself: Is this going to make my life easier? Or harder?

Porn Sites Aren’t Just About Sleaze Anymore

In case you needed a reason not to surf for porn, here’s one: Nearly all porn sites install some sort of spyware or adware on visitors’ computers, according to a survey released today by Eblocs.com, an anti-spyware vendor.

The study “entailed visiting 100 porn sites and running multiple anti-spyware software programs… to identify any Spyware contaminating the computers.” This spyware included data miners and trojans, while 15% of sites launched porn dialers (which hijack modems and then dial high-cost long distance phone numbers, racking up high phone bills for the user).

Of course Eblocs have an interest in saying all this, as they sell their own solutions to the problem. And 100 websites is not particularly representative of the massive Porn Web out there (I just typed ‘nude’ into Google and got 227 million hits). Those 100 websites could have been skewed towards the sleazier and nastier end of the market — and I’m not talking in terms of the quality of the pornography contained therein.

But nevertheless, I think Eblocs.com has a point. Porn and scams are becoming tighter bedfellows, accompanied by spammers, virus writers and the Russian mafia, as the Internet underground becomes more sophisticated. So it wouldn’t surprise me if more and more porn merchants were doing what they could while they could, loading as much nasty stuff onto a visitor’s computer while they’re browsing. Of course I’m not going to do my own research on this. But if you do, let me know how you get on.

Get With The Process

Johan Malmberg of Uniblue Systems, makers of Windows system utility WinTasks, tells me they’ve launched a new site, www.processlibrary.com, which is “a free service site that provides the user with detailed information about every common process. In the recesses of most computers, 20-30 invisible processes run silently in the background. To know what every process is doing is the best way to ensure that the system is clean from adwares, spyware, viruses, trojans and other unwanted processes.” Processes, by the way, are programs but may not be visible unless you look under the hood of what is going on. They could be a print spooler or some other system widget.

The website is a good place to start if you think there’s something weird going on in your computer and you’re not sure what it is. If you’re using XP or Windows 2000, hit Ctrl-Alt-Del, then the Task Manager button, the Processes tab, and take a look at the list of processes, or ‘Images’, in the column. There will be quite a few odd-sounding names, but if anything jumps out at you — or is sucking up lots of memory (‘Mem Usage’) or chip power (‘CPU’) then jot down its name and enter it into the search field in the ProcessLibrary.

If it comes back and tells you have a nasty on your computer then you should set about removing it.

Spyware? Not My Problem, Says Business

Maybe the problem of Internet security isn’t educating users to be more vigilant, it’s about persuading companies that there is a problem.

A survey (PDF file) released today by California-based Secure Computing Corporation found that that “only 25 percent of businesses recognized spyware as a major problem”. This despite studies that show spyware is a problem: A study by EarthLink, for example, showed that the average PC has 28 spyware programs, while a report by Dell found that spyware accounts for 12 percent of all PC desktop support calls. Today’s survey, meanwhile, reported that 70 percent of respondents saw spyware as either no problem or a minor problem.

The same with file-sharing: 90 percent of businesses saw file-sharing software as not a major problem, and a surprising 40 percent saw it as “no problem.” Same results with instant messaging and personal e-mail accounts 90 percent saw IM as no problem or a minor problem, and 80 percent felt personal e-mail accounts were no problem or a minor problem.

(I tend to see IM and personal email as not so much a security problem as a productivity one, and even then it depends what they’re doing on it. IM can be an excellent way to share information that benefits the user professionally, as can email. But there do need to be security safeguards in place.)

Anyways, it does seem pretty shocking that companies still don’t understand the dangers of spyware. Maybe when more targeted spyware brings a rival company to its knees through massive corporate data loss, espionage or draining its accounts they’ll take more notice.

WhenU’s Popup Victory

WhenU, now known as Claria, has won what it calls an “important decision for the entire Internet industry” in its motion to enjoin the Utah Spyware Control Act, passed in March. WhenU had argued the Act “affects legitimate Internet advertising companies and therefore violates the First Amendment and dormant Commerce Clause of the United States Constitution, among other laws”. (Here’s a CNET story on the verdict.)

If I understand the ruling correctly (and this is based largely on Ben Edelman’s assistance), the judge has ruled that, in this particular law, Utah was unconstitutional in trying to limit popups, while it was within the constitution in trying to outlaw spyware — or more specifically, software that is installed without a licence and lack a proper uninstall procedure. As the judge did no want to break the act in half he ruled in favour of a preliminary injunction for WhenU. Ben, who works as a consultant for the Utah government, reckons WhenU could lose on appeal, since under Utah law, the judge “is obliged to regard the act as ‘severable'” — in other words, that he can keep parts and discard parts.

Avi Naider, WhenU’s Chief Executive Officer, meanwhile, is celebrating his victory. “Spyware is a problem and we want to put an end to it,” he says in a press release. “WhenU supports appropriate anti-spyware legislation at the federal level, but unfortunately Utah’s Act also impairs legitimate Internet advertising.”

The Perils Of Anti-Spyware

Further to an earlier post about whether you could trust a software provider enough to buy anti-keylogging and anti-spyware programs from them if they also sold spyware and keyloggers, here’s an interesting list from Spyware Warrior: programs that claim to be spyware removers but in fact install spyware.

Most of these have a commercial bent, but it’s not too far-fetched to wonder whether such programs could not become the vehicles of choice for folk with more criminal intent, stealing passwords or other personal data from your computer. Indeed, according to this posting, expired website domains of legitimate anti-spy software are sometimes taken over and then used to pedal spyware or dialers (programs that make your computer phone overseas to expensive services).

The bottom line: Be very careful what programs you install on your computer. And nowadays that doesn’t just mean dodgy ‘free’ programs, but even programs that claim to do serious things, like remove spyware. If in doubt, check the company’s homepage, then their Registration information, and then do a Google search of the software’s name to see whether other folk are complaining about it. Then decide whether you want to install it.

Utah, WhenU And Pop-Up Poaching

The spyware war continues.

Ben Edelman, an expert on spyware, reports that “WhenU, a major provider of programs that show pop-up ads according to users’ web browsing activities, yesterday filed suit seeking that Utah’s Spyware Control Act be declared void and invalid.” WhenU effectively poaches browser real-estate by plopping its ads above those of others without the permission of the website.

Ben says: “I’ve followed the act and believe it would provide substantial assistance to consumers facing an increasing barrage of pop-up ads.”

It’s an interesting issue: If Utah’s new act kicks in, will it just be folk like WhenU who will be affected? On Monday, April 19, the FTC will hold a workshop on spyware, Ben says. Here’s the agenda (PDF) and written comments, along with Ben’s own (PDF).

New: Gator Changes Name, But That’s All

 A rose by any other name? CNET reports that Gator, the controversial advertising software and e-wallet company, has “changed its name to better reflect its business in behavioral marketing”. The change, CNET says, distances the company from a name that has become synonymous with “spyware”–that is, ad-tracking software that can be installed surreptitiously.
 
Despite landing such Fortune 500 advertisers as American Express and Target, the company has had difficulty dispelling the negative connotations of its software. It also has faced several lawsuits for its advertising practices. In recent weeks it has gone on the offensive, launching a legal offensive to divorce its name from the hated term ‘spyware’, with some success. In response to a libel lawsuit, antispyware company PC Pitstop has settled with Gator and pulled Web pages critical of the company, its practices and its software.

Software: See Ya Later, ‘Gator

 Here’s one way to get rid of spyware and adware — software that’s inveigled its way onto your computer and is phoning home on your browsing habits, usually to throw unwanted ads onto your screen. interMute, Inc. has released a new version of SpySubtract, that detects and safely removes spyware and security threats, which includes a special feature to wipeout software from Gator Corp. – a major Web pop-up advertising company that uses spyware technology to profile and target users.
 
SpySubtract’s free version allows PC users to easily detect and remove spyware. For $29.95, users can upgrade to SpySubtract PRO, which provides spyware database updates to protect against newly discovered spyware and worms.