Critics decry spread of 'scumware'

It's an ugly issue with an equally dreadful name: scumware.

In general terms, scumware is software that surreptitiously changes the appearance of Web pages. It does so without the permission of Webmasters or Web site content owners - an act scumware makers justify by saying their software does not alter HTML programming code used to build Web sites. Rather, it affects what a visitor who has installed a scumware program sees on his desktop while surfing the Web.

Critics say scumware is harmful on multiple fronts: Web site operators can lose revenue; users might unwittingly sacrifice their privacy; and corporations have to deal with security vulnerabilities when their users download unauthorized applications.

Scumware usually is free, billed as a helpful utility to manage passwords, deliver personalized content or block cookies. But its makers' real intent is often to display ads that have been provided by paying advertisers, or route its users to the Web sites of sponsoring companies.

In practice, scumware does things like float pop-up ads over Web content and advertisements, insert its own hyperlinks into a user's view of a Web page, and reroute existing hyperlinks to unauthorized sites. Imagine ads for "Company A" popping up on the screen of a user perusing "Company B's" site. Or the phrase "flight reservations" hyperlinked to take a visitor from one airline's Web site to the Web site of a rival.

Creators say it's lawful, effective, targeted advertising.

Web site owners argue that such uninvited links and ads hurt their revenue opportunities, damage relationships with their official advertisers and imply endorsements that don't exist.

Some Web site operators are fighting mad - notably several publishers including The New York Times Co. and Dow Jones & Co. Inc., which this summer filed a lawsuit against software maker The Gator Corp. for allegedly violating copyrights and stealing revenue.

Gator makes software that manages passwords and fills out forms for Web surfers. In exchange for the free management software, users are fed pop-up ads. Gator used to make some of those ads the same size as some Web site banner ads and position them directly over authorized Web page ads - a practice it stopped in November, the company says. Gator still serves pop-up ads, but the size and positioning of those pop-ups do not cause direct ad overlays.

While the publishers' lawsuit against Gator is pending, the plaintiffs scored an early victory in July. A U.S. District Court judge in Alexandria, Va., issued a preliminary injunction against Gator that bars the company from delivering ads to the plaintiffs' Web sites, at least temporarily.

Meanwhile, Gator defends its advertising practices, which the company insists are not copyright infringement because there is no copying or modifying of the plaintiffs' Web sites, or any other material.

"Consumers have opted to receive free software in return for occasionally receiving these advertisements," said Gator CEO Jeff McFadden in a statement on the company's Web site. "The 22 million PCs that comprise the Gator Advertising and Information Network [GAIN] are owned and operated by 22 million consumers, not by a handful of Web site publishers. What happens on these users' screens is the users' business and choice, not the plaintiffs'."

Raising the ire of users

Legal or not, the methods of Gator and others continue to raise the ire of many users.

One Network World reader wrote in response to a newsletter on the subject that he finds products such as Gator to be even more obnoxious than spam. He's glad to hear about the lawsuit: "I am thankful that someone with a little muscle is taking them to task," wrote the systems administrator.

Another reader wrote that he doesn't object to Gator's marketing intent, just its installation tactics: "I have no problem with marketing, I don't like the way Gator installs itself without the knowledge of the user. I have had to remove it from my PC numerous times even though I haven't ever purposely installed it. I am an IT professional and am very aware of what I click on when surfing the Web."

Critics take issue with many scumware providers' software distribution tactics. Often the software is bundled with another program. Though users authorize the download, it's not always clear what they're getting.

For example, TopText is bundled with other software, including the KaZaA peer-to-peer file-sharing software. TopText from eZula is a browser plug-in that adds hyperlinks to a user's Web view. Users can identify keywords that interest them; in addition, sponsors can purchase keywords or phrases that redirect TopText users if they click on them.

Gator declined to discuss its software-bundling partnerships. But published reports say Gator software is bundled with Webshots, a free screensaver program, and DivX Pro Video Bundle, a program for creating and viewing videos in the DivX video format, among other pairings.

On its Web site, Gator refutes the contention that users are unaware they have installed Gator software: "All authorized distribution of Gator Corporation software products are 'permission-based' and require an active consumer action before the software is downloaded and installed. In addition all users receive multiple communications during the process. . . "Raises privacy issuesAd etiquette aside, scumware raises security and privacy issues for corporations when users download such applications on company PCs. To perform ad-serving and Web-tracking functions, scumware applications typically attempt to communicate with servers outside the corporate firewall.

Jim Henderson says many users have downloaded Gator at his employer, Washington Suburban Sanitary Commission (WSSC) of Laurel, Md. Henderson, who is a network engineer at the public water utility, says 200 to 300 of WSSC's 1,500 employees have installed Gator. He speculates that Gator made its way into WSSC users' systems by piggybacking on Webshots screensaver software, which is popular with users at WSSC.

WSSC has policies restricting frivolous downloads, but they are not enforced.

"We are not strictly enforcing people who download unauthorized software, other than to remove it if it causes a problem," Henderson says.

And Gator has caused problems, he says. It sometimes causes error messages when users launch their Internet Explorer browser; uninstalling Gator stops the error, he says.

He's also heard from co-workers that Gator can cause Windows NT machines to crash. When that happens, rebuilding a user's system takes two to three hours, Henderson says.

Help available

To help companies with scumware blues, security vendors offer programs to identify, cleanse or handicap applications that don't belong on corporate networks.

Ad-aware from Lavasoft AG is a free removal utility that scans memory, registry and hard drives for known spyware and scumware components. Originally intended for personal use, a network-compatible version is in the works, says Lavasoft spokesman Michael Wood. Ad-aware 6 will let companies scan all their users' computers and drives from a central location, rather than having to install and maintain Ad-aware on each PC. The new version is in early alpha testing now, and Lavasoft will begin beta testing later this month.

Symantec Corp. this month started shipping desktop software that combines antivirus, intrusion-detection and firewall protection. Aimed at corporations, Client Security protects against attempts by unauthorized applications to communicate over the Internet, says Timo Kissel, senior director of program management at Symantec.

Similarly, Zone Labs Inc. offers its Integrity line, which can stop unauthorized applications that try to connect to the Internet.

WSSC's Henderson says greater vigilance is warranted. "We could do better in providing security-awareness training to employees," he says. "Strictly enforce unauthorized software downloads and restrict local admin rights being given to users unless it is necessary."

Join the newsletter!

Error: Please check your email address.

More about Dow JonesEzulaKaZaALavasoftSymantecVigilanceZone Labs

Show Comments

Market Place