- This topic is empty.
-
Posts
-
Here is the latest scumware update by Ben Edelman:
Greetings, and thanks for asking for updates about my research. It’s been some time since I last wrote, so this note will be longer than most —
reporting projects I’ve been working on recently, and summarizing what I’m
planning for the coming months.* Lengthy, one-sided, and poorly-formatted Gator licenses. Gator’s 5,900+
word, 63 page license is presented with almost all its section headings
merged into body text, and without bold-face type to delimit its headings.
Users who manage to read the license find some surprising terms: For one,
users must not use third-party tools (like Ad-Aware or Spybot) to remove
Gator. Also, users must not use packet sniffers to investigate what
personal information Gator tracks and sends. Screenshots and more analysis:Gator’s EULA Gone Bad
http://www.benedelman.org/news/112904-1.html* Unwanted software installed through security holes. When users complain
of unwanted software on their PCs, I usually suspect they’ve been tricked
into pressing Yes or Accept on some pop-up purporting to request their
“consent.” But sometimes software truly does install without any warning
whatsoever, and without any consent whatsoever. I’ve made a video showing
such an occurrence, installing programs including 180solutions,
BargainBuddy, and ISTbar without any user notice or consent. Write-up,
screenshot, and video:Who Profits from Security Holes?
http://www.benedelman.org/news/111804-1.html* Software installed even when users specifically decline. Grokster, a P2P
filesharing problem, is known to install a large bundle of software if users
press “Accept.” But in my testing, Grokster also installs unwanted software
— two different programs — even if users press Cancel. My write-up and
video:Grokster and Claria Take Licenses to New Lows
http://www.benedelman.org/news/100904-1.html* Update on proposed anti-spyware legislation. It now seems unlikely that
federal anti-spyware legislation will be passed this term. That’s probably
for the best, in my judgment, since the proposed legislation was too weak to
make things better. Indeed, Claria supported the legislation. (Claria’s
lengthy and poorly-presented license, as discussed above, would seemingly be
largely permitted under the proposed legislation.) But the federal
legislation could be worse. I consider California’s recently-passed bill
even more ineffective. Relevant links:Initial analysis of proposed federal anti-spyware legislation
http://www.benedelman.org/news/100904-1.html#bAnalysis of California anti-spyware legislation
http://www.benedelman.org/news/092904-1.htmlIndex of proposed anti-spyware legislation
http://www.benedelman.org/spyware/#legislationIn closing, a bit on my plans for the coming months: More testing of
programs that interfere with affiliate commission tracking. More testing of
“second-tier” spyware programs — whose installation methods are even more
outrageous and whose effects are even more damaging. Measurement of the
performance effects (speed reduction, bandwidth requirements, etc.) of
selected spyware programs.Please send suggestions, and please do keep in touch!
Ben Edelman
benedelman.org
