Adware Vendor Tries To Dance Around Sneaky MySpace Installs
from the blame-anyone-else dept
Earlier this week, we noted that adware/spyware vendor Zango (formed out of the merger of two widely disliked adware firms) apparently had someone trying to convince MySpace users to add videos to their site that also just so happened to install some of their adware. It did give users a popup, but as the original security researcher noted, it wasn't clear that the popup was from Zango rather than MySpace -- and many users would just click it to see the video, not realizing they would be installing adware in the process. In fact, it seemed particularly egregious to push these videos on MySpace users, urging them to include the videos on their own profiles as a sort of free distribution force. At first, it seemed likely that this was yet another rogue affiliate that the company had promised were a thing of the past. Instead, it turns out that it was the company's own employee doing this -- in violation of MySpace's terms of service. The company admitted it was a mistake on an individual developer's part (blame the employee!) and then proceeded to basically attack the researcher who brought this mistake to their attention.
The researcher, Chris Boyd, hits back today with a detailed response pointing out the inconsistencies and ridiculous statements from Zango. First of all, it's amazing that they would make him out to be part of the problem, when all he did was point out to them what their own employee had done. Second, their claim about how the little popup they shove at people is perfectly clear is doubly amusing when you realize that they didn't even bother to read MySpace's own terms of service in setting these pages up. If they don't read the legal language when they see them, why do they expect everyone to read theirs? Furthermore, the company later admits that if it hadn't been an employee, but other users who went out and pushed these videos-with-adware through MySpace, they'd be perfectly fine with it. Given the company's long history with surreptitious installs and blaming security researchers every time they highlight yet another problem with the company's practices, is it really any surprise that this is happening?
Reader Comments (rss)
(Flattened / Threaded)
here is a big stick by kantankerus on Jul 12th, 2006 @ 5:56pm
people deserve what they get
or is it
people get what they deserve
i get so confuzzled
(reply to this comment) (link to this comment)
by Anonymous Coward on Jul 12th, 2006 @ 6:15pm
ban them from teh intarweb
(reply to this comment) (link to this comment)
by Anonymous Coward on Jul 12th, 2006 @ 6:21pm
i was infected with this. tough to remove. ended up reformatting because it will reinstall it's self
(reply to this comment) (link to this comment)
lol. by Sean on Jul 12th, 2006 @ 6:24pm
Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.
But also, Adware companies and Spyware ones, NEED TO DIE. They piss me off more than the idiots who get their Spyware.
(reply to this comment) (link to this comment)
What do you expect? by kjpweb on Jul 12th, 2006 @ 6:28pm
Well - as long no one really intervenes - sure they are going to place their crap wherever they find a place that they can get their hands on.
Take them to cleaners each and every time or even better - outlaw Spyware/Adware and place them in the same category as Viruses.
Make installing of software on users computers without clear consent a fellony. Elevate it to the status of breaking and entering - what it essentially is.
If there is no money to be made without the risk of incarceration - they will simply dry out and fade away.
And what MySpace is concerned - if they were fortifying again known threats, TOS violations - things like that could be easily detected. It is quite funny - that a 3rd party has to make them aware...
(reply to this comment) (link to this comment)
An afterthought by kjpweb on Jul 12th, 2006 @ 6:35pm
Addendum to "What do you expect?"
And why not take the manufacturer of products and those who offer the services pushed by Spy/Adware and have them take the heat, too. If you advertise and pay money for it - you KNOW EXACTLY - what you are paying for.
So they share the responsibility and should share the consequences - the harder - the better.
(reply to this comment) (link to this comment)
Re: lol. by Whateva on Jul 12th, 2006 @ 6:36pm
Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.
Sean, do you honestly believe that ANYONE who uses the internet and clicks on a popup is stupid and is somehow unworthy of using it? Do you have kids Sean? Older relatives or friends? It happens. Insulting the victem is not the way to go. Adware and Spyware are prevalant because they use highly deceptive techniques. But go ahead believing that anyone not as smart as you needs to "GTFO the internet". You're the kind of guy that would condone date-rape. "She should've known better."
(reply to this comment) (link to this comment)
what doesn't kill you?? by John on Jul 12th, 2006 @ 6:59pm
I suppose that these instances where spy/mal/ad ware infects our personal confusers without our permission or interaction, will toughen us and make us aware that "teh interweb" isn't a safe place. IMHO there should be legislation passed to punish these kinds of invasions. What would you do if someone installed an advertising banner on your car or house? BTW - Sean - I agree with whateva - take it easy on the innocent clickers, even I accidentally click on these sometimes (that's why I don't run as ADMIN)
(reply to this comment) (link to this comment)
i made a lot of money off of HAPPY99 by kantankerus on Jul 12th, 2006 @ 7:00pm
and i realized a long time ago Zango was a zinger. And i am not going to even get involved this time.
(reply to this comment) (link to this comment)
Shooting itself in the head... by firemeg on Jul 12th, 2006 @ 7:14pm
Myspace is shooting itself in the head here. Parents are already pissed about their under-16 year olds using the site, legislators are up in arms about it, Christian groups are having fits.... Now isn't the time to put this crap on their site, and certainly not a good idea to condone the "accidental" placement of the pop-ups.
Any press is good press might not hold true here. If parents who are a bit educated about the internet find out about this, is will be one more reason to keep their kids off Myspace. I know the thought of having to reformat my computer is another good reason to not allow my teenager on the site.
(reply to this comment) (link to this comment)
Zanger by charlie potatoes on Jul 12th, 2006 @ 7:26pm
I used Bear Share for a long time. It was great.. then a while back it began to act funny...yada yada yada, i reinstalled and lo and behold I had Zanger all over my pc.
Then they had the balls to tell me this was the price I had to pay to keep Bear Share...i reformatted to get them off. fuck, is this a great country or what? ass holes can legally vandalize my property...
surely one day in the future they will manage to gore the ox of some congressman and we will see our legistators in action...I get chills just thinking bout it.
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 12th, 2006 @ 7:51pm
Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.
Well, that's good advice and all, but there's some stuff today that CAN circumvent this technique. I suppose you haven't seen WinFixer, ErrorSafe and their clones yet.
What they do is code their download/page open/install events around the WindowClosing event as well (even going to the extent of catching the ALT-F4 or the End Task - Browser), so you can't escape _unless you disconnect from the internet_ or you outright disable all java/css/scripts in the first place.
And once you do, you'll never be able to post in a place like this unless you re-enable them, which places you in danger... again.
(reply to this comment) (link to this comment)
by Anonymous Coward on Jul 12th, 2006 @ 8:36pm
Where do u find such pop-ups as these? Only place i could guess is all those porn sites ppl enjoy looking at.... I havent run into any of these horrible pop-ups for a long time...
(reply to this comment) (link to this comment)
by Brandon on Jul 12th, 2006 @ 8:48pm
hmm i never get popups... GOGO Fire Fox!
(reply to this comment) (link to this comment)
The Answer. by Serta on Jul 12th, 2006 @ 8:54pm
I also haven't seen any of these pop-ups in a long time...since I quit using Internt Explorer.
And that is the answer, install Firefox and refrain from using IE at all costs...Amen.
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 12th, 2006 @ 8:57pm
Where do u find such pop-ups as these? Only place i could guess is all those porn sites ppl enjoy looking at.... I havent run into any of these horrible pop-ups for a long time...
I, too, thought that these idiots would stay at the questionable sites. But I found out I was wrong 2 days ago.
Google ErrorSafe and see which forums are complaining. Apparently an advertiser sneaked this POS into one of their Ads in the rotation. When that ad displayed: BOOM, popup heaven and a hell lot of angry ImageShack, LiveJournal and WoW Forum users.
Sure, the ad has been removed, but for some users the damage is already done.
I caught ErrorSafe last week and had a hell of a time removing it. Guess where I found it? Imageshack. Of all places. Unless a site isn't ad-supported, you WILL be in danger even if the site IS legit.
Tread carefully!
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 12th, 2006 @ 8:59pm
BTW: I caught ErrorSafe while using FireFox. I've since put it in my adblock list; it didn't come from Errorsafe.com so it wasn't caught in the first place. Meh.
(reply to this comment) (link to this comment)
Re: LMAO!!!! by steve-o on Jul 12th, 2006 @ 10:35pm
LMAO...Awesome, i feel the same way.They need to DIE!!!!
(reply to this comment) (link to this comment)
crap cometh, crap goeth by 10pound on Jul 12th, 2006 @ 10:45pm
4 things ya need
1. Firefox, opera or lynx if your whey nerdy
2. some common sense and web awareness
3. Adware/malware detect kits
4. a rootkit detector of some sort (like blacklight)
Oh crap, my bad, one more thing
a rope..........so we can string these jumping fucking shitbags up by their bozacs.
(reply to this comment) (link to this comment)
Re: Format??? by Nofreakingway on Jul 13th, 2006 @ 1:01am
I can't believe someone actually formatted thier PC because of this. I'm sorry, but if you don't know how to remove adware without simply reformatting, maybe it's time to leave the computer alone until you have a clue as to what you're doing with it.
Besides, YOU are half of the problem, seeing as you actually clicked on the damn popup in the first place. Yet another reason to license people to get online....
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 13th, 2006 @ 1:11am
but if you don't know how to remove adware without simply reformatting, maybe it's time to leave the computer alone until you have a clue as to what you're doing with it.
I think that's an unfair accusation, especially after having to deal with an Apropos infection that F***'d up a Norton Antivirus install so bad that it will never run properly ever again (BSODs with IRQL_NOT_LESS_THAN on system start unless running in safe mode), even with all the spyware code gone, even after a reinstall, even after a wipe with SymNRT.
I stopped short of reinstalling only because the boss didn't want to go through the trouble of reinstalling everything on his family laptop. I gave him AVG in the end, but the point is some issues simply require reinstalling no matter how you look at it.
I do agree with you about the license to surf thing, tho... the Boss's son just gave me 2 straight days of unpaid overtime.
(reply to this comment) (link to this comment)
Why... by Sanguine Dream on Jul 13th, 2006 @ 6:30am
aren't ad/mal/spyware illegal? Let's I come to your house right after you move in and introduce myself as a neighboor but when you let me I spray paint graffitti all over the inside of your house. Not only will you beat the daylights out of me but you can have me arrested too.
Just like ad/mal/spyware I acted under false pretense to trick you into letting me do what I want. So why is it that one will get me arreseted while the other won't? Your home and your PC are both actual physical property so there's not argument there. The government is trying regulate the internet (like tyring to ban online gambling and social websites at school) but none of the politicians say anything about ad/spy/malware.
(reply to this comment) (link to this comment)
Re: by grammar police on Jul 13th, 2006 @ 6:32am
for a guy who continually corrects people for grammar mistakes, "it's self" is about the most blatant error i've seen on techdirt. well done, hypocrite.
it's = it is
its = it (possessive)
itself = what you should have used.
thus endth the lesson
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 13th, 2006 @ 9:27am
@Sanguine:
I actually asked the same question about SPAM all those years ago. Then I realised one thing.
I noted that industries used another name for SPAM. It's called mass-mailing. According to the industry, it's completely different from SPAM and as such is "not illegal" unlike spam. It was only much later that mass-mailing was seen as SPAM, and companies started moving away from it.
If you look at the whole spyware thing, you'll notice that spyware quacks and waddles a lot like viruses. Here's the truth: spyware uses virus technology to spread; in effect spyware IS a type of computer virus. It's the industry trying to come up with a separate term to confuse people and cover their tracks.
They aren't completely successful in severing the virus link, tho. Up to now they still haven't decided whether a trojan is a virus (as it once was) or spyware (as some of them are now classified as).
Don't be fooled, they're all viruses. The ones who programmed them are just using legal loopholes, and they are continuing to use legal loopholes now... look at the way corporations are clamouring for the erosion of user privacy and locking down of their viral source code.
(reply to this comment) (link to this comment)
Re: The Answer. by Chris G on Jul 13th, 2006 @ 10:07am
Firefox alone will not stop pop-ups. Nor will any browser itself.
Your best option is to use a browser with a pop-up blocking feature and on top of that, use a extension/plugin such as NoScript, allowing only those scripts to run that you approve.
No amount of protection; pop-up blockers, spyware/adware/virus removal and protection programs or firewalls will provide adequate protection. That is fact and always will be. If anyone says using any one or more peices of software will be all the protection you need I suggest you tell them they are better fit for working at their local McDonalds.
Common sense is always your #1 form of protection. With that, you can protect yourself without any software or additional hardware forever. (We have not hit the point that users are that smart though). It's sad that most people with any level of IT knowledge are also too stupid to know how to protect themselves and on top of that claim they know everything or have the ultimate solution over every one elses.
(reply to this comment) (link to this comment)
Re: Re: Format??? by Caoboy on Jul 13th, 2006 @ 11:38am
You do know that there are many programs out there can just kill the comp outright and destroy any priveledges you have to access the compy. I have reformatted my compy numerous time to get rid of certain adware programs.
(reply to this comment) (link to this comment)
by Anonymous Coward on Jul 13th, 2006 @ 12:12pm
I got Zango and easliy removed it via my add remove programs...am I missing something here?
(reply to this comment) (link to this comment)
by A chicken passeth by on Jul 13th, 2006 @ 6:13pm
Well, you missed the fact that it phones home and installs without your knowledge.
The spyware I have mentioned earlier has NO ENTRY in add or remove programs btw.
(reply to this comment) (link to this comment)
Re: Why... by Franssu on Jul 14th, 2006 @ 10:55am
Because social networks are made for perverts, gambling is bad, but ad/spyware is just advertising business.
And business = good.
(reply to this comment) (link to this comment)
heyy baby by ashley on Oct 17th, 2006 @ 8:25am
heyy baby wad up wat u doin i yavz u
(reply to this comment) (link to this comment)
na by matt on Mar 20th, 2007 @ 6:59am
fgfghsfffff
(reply to this comment) (link to this comment)
jiggabooo'z by jiggaboooooo on Mar 29th, 2007 @ 1:31am
i h8 jiggaboo'ssss
(reply to this comment) (link to this comment)
KKK by KKK on Mar 29th, 2007 @ 1:34am
I wanna burn u niggas on the cross u dirty bastards!!!!!! Ahhhhh Die !!!! if i had ur dad i would have ur mom 2 Go and Blow ur dad!!!!! HAHAHAHA I am the dorning of a new age!!! start a WHITE REVOLUTION¬¬¬¬¬!!!!!!!!! ;-)
All my love KKK man
(reply to this comment) (link to this comment)
fuck that!!!!! by jaun on Aug 29th, 2007 @ 2:31pm
fuck the kkk!
yall are just a bunch of white losers!
lol
hahahaha!
it just makes me laugh
(reply to this comment) (link to this comment)
Add Your Comment