Techdirt. Stories filed under "misleading"

Why Are Y Combinator And Andreessen Horowitz Backing A Drive-By Toolbar/Adware Installer?

Tim Cushing — Wed, 16 Jan 2013 15:35:09 PST

Raise your hand if you love bundled toolbars and other assorted suspiciously-acting software installing itself on your computer when all you thought you were installing was a Java update or some other unrelated program. No, go ahead. Yeah... that's none of us.

Bundled toolbars and the like are considered "necessary evils" by those hoping to monetize something they're otherwise offering for free. But to the average computer user, they're annoying, devious bits of software that do fun things like hijack your default search or plant a row of links you'll never use in your Favorites bar. And that's when they're not doing more nefarious things, like delivering all sorts of browsing data to who knows where or, worse yet, running an unasked for "virus scan" and holding your computer hostage until you purchase the software from some shady third party.

Knowing the preceding to be an actual, provable fact, why on earth would respected entities in the tech community like Y Combinator and Andreessen Horowitz get in bed with a startup whose sole purpose is to "monetize" installs by bundling unwanted adware, toolbars or worse with its clients' programs?

That's the question Long Zheng at I Started Something is asking.

Many people in the technology startup community have very high regards for Paul Graham and Y Combinator, the exclusive seed accelerator program in Silicon Valley which has under its belt acclaimed successes like reddit, Airbnb and Dropbox. There’s equal standing for Andreessen Horowitz, a private equity investment company with notable alumni such as Groupon, Instagram and Skype.

Now those people and companies have put their most valuable support – money, experience and brand – behind “InstallMonetizer“, a company that describes itself as a “windows based software monetization platform”. Very carefully selected words.

Now, there's nothing wrong with being a "software monetizer" who bundles products for clients with the software of others, other than the fact that your business method is highly unpopular with most computer users and that your financial success is usually dependent on the ignorance of those on the receiving end of opt-in/opt-out dialog boxes. In and of itself, not illegal or evil... just unwelcome.

No, the problems begin when your privacy policy can't even agree with itself as to whether InstallMonetizer is providing personal information to its clients, something Rafael Rivera discovered when reading through the company's typo-laden fine print:

Consumers Receiving Product Recommendations- We review the consumer’s pc for existing software. This is done to provide the consumer an advertiser software which they currently do not have installed on their computer. This information is not stored in order to maintain consumer’s privacy. We gather personally identifiable and may include information regarding your geo-location, ip address, operating system, language setting and information regarding whether recommended advertiser software has been accepted, downloaded, installed and any reason for failure installing. None of his information is personally identifiable.

But that statement seems to be false, on top of being nearly unintelligible. As Long Zheng points out, its own website clearly states (with pictures!) that it gathers IP and MAC addresses and makes them available to its clients.

So, all this information is/isn't gathered and is/isn't turned over to InstallMonetizer's clients, so there's nothing to worry about because the company takes rigorous security precautions...

We endeavor to take security measures to guard against unauthorized access to the systems where we store your data. This includes internal reviews of our data collection, storage, and processing practices and security measures and physical security measures.

and sends your unencrypted login data to you via a third party mailer...

Long doesn't question the fact that some software developers will find services like this a useful way to generate some additional income. What he does want to know is why respected entities like Y Combinator would back a startup that actively makes computing worse.

I’m not going to delve into the technical aspects of crapware – its effects on system performance, reliability and satisfaction are pretty well documented. The fact that there is a thriving ecosystem of “crapware, adware, spyware” removers is enough evidence it’s a significant issue.

Perhaps more importantly, I strongly believe crapware installers among other foul practices have eroded the trust of the Windows app ecosystem as a whole.

What used to be a fairly standard flow of app discovery has turned into a minefield of misleading download links on websites, defaulted checkboxes or sneaky install crapware buttons in position of “next” in wizards and browser homepage overrides. And it just takes one wrong click to have irreversible consequences.

Last but not least, disregarding the moral factor of this investment, I’m puzzled why such visionary investors would invest in a process that is slowly being phased out by changing industry practices...

I admit every person and company has the right to set their own moral compass, but it’s genuinely disappointing to see such respected and influential people and companies put their weight behind a practice that has undermined and continues to undermine the credibility of the Windows app ecosystem.

It's a good question. While no one expects VCs and accelerators to solely back conscionable startups, no one really expects those with stellar reputations to back a startup whose product is indistinguishable from hundreds of other shady installer packages standing between the end user and the product he or she actually wants.

InstallMonetizer claims it turns down 95% of applicants in order to keep it free of adware, spyware and malware, but just because the Yahoo! toolbar (to use one example) is none of the above doesn't make its uninvited presence in a string of opt-in/opt-out dialog boxes any more welcome. There are many ways to earn income while still providing a free product and there will be even more ways in the future. What's going on here isn't innovative. It's just another, slightly shinier version of something people are already sick of, and its questionable privacy policy quite possibly makes it no better (or different) than the others that have preceded it.

Permalink | Comments | Email This Story

Megaupload Tells Court That DOJ Deliberately Misled Court In Getting Warrant

Mike Masnick — Thu, 3 Jan 2013 05:28:53 PST

Lawyers for Megaupload have filed a motion with the court handling the US side of the prosecution against the company, arguing that the original warrants were defective due to blatant misrepresentations by the government. As you may recall, in the case involving Kyle Goodwin, a Megaupload user who is trying to get his data back, he had to ask the court to unseal the warrant the DOJ used to seize Megaupload because the government had kept it secret. While the Justice Department went ballistic trying to prevent this unsealing, the judge allowed it to happen. And it didn't take long to figure out why the DOJ preferred to keep it private because among a bunch of problems, was the big one: a key bit of evidence that the DOJ used against Megaupload to prove that it had "knowledge" of illegal activity on its servers existed because the government -- via service provider Carpathia -- had explicitly told Megaupload to hold onto certain data since it was a part of a criminal investigation.

As Megaupload points out in this filing, it's particularly ridiculous that Megaupload was told to hold onto certain information as part of a criminal investigation -- to which it complied -- and then that very fact is being used against it, because it didn't delete the info. And, of course, the DOJ didn't explain the context in getting the warrant.

This Court recently ordered the unsealing of the documents previously submitted by the United States to support taking down the Megaupload cloud storage site by seizing the domain name(s) --- such unsealing lays bare a crucial omission the Government made to the Court in the secret process. Specifically, the Government’s affidavits underpinning the warrants omitted critical, exculpatory information regarding whether, why and how Megaupload knew it was hosting criminally infringing files. The Government represented that, “[o]n or about June 24, 2010, members of the Mega Conspiracy were informed, pursuant to a criminal search warrant from the U.S. District Court for the Eastern District of Virginia, that thirty-nine infringing copies of copyrighted motion pictures were present on their leased servers at Carpathia Hosting, a hosting company headquartered in the Eastern District of Virginia,” and that, “[a]s of November 18, 2011, thirty-six of the thirty-nine infringing copies of copyrighted motion pictures were still being stored on servers controlled by the Mega Conspiracy,” after it was informed of the infringing content.... This snippet—which appears in each relevant affidavit and is the only direct, corroborated evidence the Government purports to offer as proof that Megaupload had requisite knowledge—suggests that Megaupload was warned of its potentially criminal complicity yet persisted in hosting the files without concern for their illegal content. The affidavits, in short, paint Megaupload as a brazen scofflaw.

The truth, as the Government well knows, is quite different. Megaupload had every reason to retain those files in good faith because the Government had sought and obtained Megaupload’s cooperation in retrieving the files and warned that alerting users to the existence of the warrant and the Government’s interest in the files could compromise the investigation. Carpathia informed Megaupload that the warrant was sealed, and that only Carpathia and Megaupload, not the users of the infringing files, were to know of its existence, and at the Government’s request provided Megaupload a copy of the sealing order. The Government selectively parsed its account so as to exclude critical facts that negate any notion that Megaupload had criminal mens rea to retain the infringing files. The Government deliberately neglected to apprise the Court that:

Megaupload received the June 24, 2010 warrant in the course of cooperating with a Government investigation;

Megaupload was informed of the June 24, 2010 warrant by its vendor, Carpathia Hosting (“Carpathia”), with the Government’s consent and for the express purpose of obtaining Megaupload’s voluntary assistance with executing the warrant;

The Government declined to communicate directly with Megaupload about the warrant, instead deputizing Carpathia to communicate on its behalf;

Carpathia directed Megaupload not to open “EM7 tickets” on the infringing files—which would have alerted a larger number of people to the existence of the warrant and jeopardized the secrecy of the investigation—“[b]ecause of the Government’s seal on the warrant,” asking that Megaupload instead deal directly with a single person at Carpathia;

Megaupload’s preservation of the status quo, particularly by not taking down or otherwise disturbing the files identified in the June 24, 2010 warrant, was faithful to the Government’s express desire, reflected by the Magistrate Judge’s order sealing the warrant (provided to Megaupload by Carpathia at the Government’s request) and by Carpathia’s instructions on the Government’s behalf, for Megaupload to ensure that evidence would remain preserved and that the target users would remain unaware of the investigation; and

Consistent with its stated desire that the warrant and investigation remain confidential so as not to tip off the target users, the Government—neither directly nor through Carpathia—ever requested that Megaupload take down the files identified in the June 24, 2010 warrant.

Megaupload is now arguing that the warrant and the seizure itself were defective and need to be overturned based on the fact that they were completely misleading on this bit evidence. In fact, the government specifically appears to have instructed Carpathia to tell Megaupload (1) to retain the files in question and (2) that Megaupload was not the subject of the investigation:

Nowhere did the Government tell this Court that its June 24, 2010 warrant had been calculated to enlist good-faith cooperation with a criminal investigation, while preserving the secrecy thereof. Nowhere did the Government tell this Court that the Government had sought Megaupload's voluntary assistance in executing the warrant. Nowhere did the Government tell this Court that Carpathia had assured Megaupload, in the interests of its requested cooperation, that there was no basis to believe that Megaupload was a target. Nowhere did the Government tell this Court that Megaupload had in fact cooperated precisely as requested. Most importantly and most troublingly, nowhere did the Government tell this Court that Megaupload had been informed by Carpathia, acting on behalf of the Government and heeding the Government's insistence upon sealing, that the secrecy of the warrant and the Government's investigation must be preserved to avoid destruction of evidence and notification of the targeted users. Nor did the Government inform this Court that the sealing order it had obtained and furnished Carpathia to provide to Megaupload likewise required secrecy and expressly specified that [redacted ]. In sum, nowhere did the Government tell this Court that Megaupload had done exactly what the Government had asked it to do--execute a search warrant without alerting the ostensible targets to the existence of an investigation. The Government's contention to this Court that Megaupload's preservation of the status quo was evidence of criminal intent is false, and deliberately so.

Attached is an exhibit in which Carpathia explicitly says it told the DOJ that Megaupload was happy to cooperate with the US government on such investigations.

Given its responses so far, I fully expect the government to go ballistic over this filing as well, but with each filing, their case looks weaker and weaker. As we've said in the past, it really does seem like DOJ agents were taken in by Hollywood's story about how Megaupload was pure evil and that was obvious to anyone -- and, as such, the DOJ could take various shortcuts in bringing the site and Kim Dotcom down. To be honest, what's still incredible to me about all of this is that, prior to the takedown, I probably would have agreed that Megaupload was likely a "bad player" in the space and that Dotcom had a reputation of thumbing his nose at the law. But as more and more details have become clear, it's looking more and more like the DOJ cut corners so badly that it's entire case may be at risk. If true, this will be a massive embarrassment for anyone at the DOJ associated with the case.

Permalink | Comments | Email This Story

Video Detailing How US Chamber Of Commerce Deceives The Public In Its Support Of SOPA & PROTECT IP

Mike Masnick — Thu, 22 Dec 2011 11:11:00 PST

A few weeks ago, we did a step-by-step detailed debunking of the claims by the US Chamber of Commerce's Steve Tepp. He had gone on PBS News Hour to defend the illegal domain name seizures, as well as the plans for SOPA and PROTECT IP. He made claims about how "huge" a problem "rogue sites" are, and quoted some big sounding numbers in a very serious voice. We went through the details for where those numbers came from and discovered (spoilers!) that he was being extremely disingenuous in presenting the numbers. The details actually showed that he was conflating a few different issues, using ridiculously shoddy methodology, and mixing in a few dodgy assumptions on top of that. In fact, the actual numbers suggested the real problem -- that of dangerous counterfeit goods being sold, was a fairly tiny problem.

Techdirt reader Nick Dynice thought that the post would work well as a short documentary, and took it upon himself to use the post as a script to create the following video about how Steve Tepp and the US Chamber of Commerce mislead with statistics in a dishonest way to garner support for the illegal domain seizures, as well as the unconstitutional proposals for SOPA and PROTECT IP. Thanks to Nick for putting this together.

Permalink | Comments | Email This Story

Latest Study Confirms Cox Traffic Shaping; Comcast Misleading Again

Mike Masnick — Thu, 15 May 2008 21:55:29 PDT

A bunch of folks have been submitting various news reports claiming the "news" that Cox is traffic shaping just like Comcast is -- but that's hardly news. We had a story about that last November. What is a bit more interesting out of the same study (though, not very surprising) is the news that Comcast has been less than forthright in explaining what it's doing. While Comcast denied any traffic shaping for the longest time, when it finally 'fessed up (just a bit) it said that it only used traffic shaping during peak hours. However, the research suggests otherwise. After testing a bunch of users at various times, this new study found no noticeable difference in blockages based on time.

Permalink | Comments | Email This Story