[SeniorTech] Beware of "Foistware"
- From: "Jerry Taylor" <jerry@xxxxxxxxxxxxx>
- To: "'SeniorTech Listserv'" <seniortech@xxxxxxxxxxxxx>
- Date: Thu, 31 Jan 2013 21:05:01 -0500
What is Foistware?
Foistware is a term used for software that's "foisted" on you, typically
without your knowledge or explicit consent. Foistware isn't technically
malware, but it can range from marginally useful, to annoying, to malicious.
Most often, foistware takes the form of
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> browser toolbars, but it can also take over your
browser homepage and preferred search engines. Some foistware pops up when
you visit online shopping sites, and tries to steer you to certain vendors
or offers.
Foistware almost always tags along when you download a program that you do
want. Through various deceptive practices, the download process may try to
add extra, unwanted software to your installation package. Usually it takes
the form of a checkbox that's already selected, and if you just click NEXT
or CONTINUE without reading carefully, you'll end up with this extra
software clutter.
CNET Download.com Foistware
Sometimes confusing buttons, self-serving "recommendations" or items buried
in the terms of service play a role. In other cases, a tag-along foistware
product will be installed with NO prompt or warning. But thankfully, those
are rare.
The purveyors of these pollutants will say that it's your fault for not
paying attention, and to a certain point, they're right. If you're very
careful to uncheck all those boxes, read every word on each segment of the
download/install dialogs, and scan the legalese for gotchas, you can avoid
almost all of these foistware nuisances.
But many users have become accustomed to clicking an endless series of Next,
Next, Next to get through a software installation. Nobody want to read those
long, boring Terms of Service and the accompanying legal blah, blah, blah
that can make your eyes glaze over. And plenty of users are not technically
savvy enough to understand that a "recommended" toolbar, add-on or plugin is
not in their best interests.
Adobe / McAfee FoistwareYou might think this problem would show up mostly in
the dark corners of the Web. But the most egregious offenders are some of
the most trusted and popular names in Internet software. If you try to
download or update your
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> Adobe Reader or Flash Player, Skype, or the Foxit
Reader, you'll see examples of what I mean. Adobe pushes the McAfee Security
Scan, which you probably don't need. Foxit Reader is also guilty of pushing
the useless Ask.com toolbar. See the images on this page for examples of
what to look out for.
Foxit Reader / Ask Toolbar
The Ask Toolbar is especially loathsome, because it has a delayed installer.
You'll download your software and everything appears to be fine. No annoying
popups or
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> toolbars in your browser, great. But after lurking for
ten minutes, the Ask Toolbar installer springs to life and does its dirty
work. Later, you open your browser, and see the damage. And hopefully,
you'll chalk it up to a lapse in your anti-virus program, instead of blaming
the company that foisted it on you.
Hope and Change?
Skype / Bing foistwareThere are a few bright spots in the foistware arena.
The ever-popular Skype used to push unwanted software extras, but now they
just want to mess with your
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> browser settings by foisting Bing and MSN on you. More
good news comes from Oracle and their ubiquitous Java. Until very recently,
downloads for Java or Java security updates would present you with a
pre-checked offer to install the Ask Toolbar.
Java / Ask ToolbarAnd with the recent Java security scares, most people just
wanted to get the updates and get on with it. I imagine that several million
people got the Ask Toolbar in this manner, during last week's Java security
panic. But as of last Friday, my tests indicate that Oracle has removed the
offer to bundle Ask with Java downloads. So good for them.
And I have to mention <http://ninite.com/> Ninite, an awesome service that
lets you select one or more popular downloads, and safely download them with
a few clicks. It eliminates the Next, Next, Next by automating the
installation process; promises no toolbars or other unwanted extras; and
will help you update your software to the latest version when necessary.
It's free, and it just works.
CNET/Download.com: A Six-Part Horror Story
I've saved the best (or worst, depending on your point of view) for last.
Recently, CNET, which I always admired for their trusted reviews, safe
downloads and tech advice, has become one of the worst offenders in the
foistware game. CNET has a popup disclaimer on their download buttons that
says: "The CNET Download.com Installer is a tiny ad-supported "download
manager" that helps securely deliver your downloads. We also include offers
for carefully screened software that complies with Download.com policies..."
That doesn't sound too bad. After all, CNET has been around since before Al
Gore invented
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> the Internet, and they're the good guys, right? Well, I
decided to try downloading a program from CNET called Toolbar Cleaner. As
you might expect, it offers to remove annoying and unwanted toolbars from
your computer. The CNET download process plays out over six successive
screens. The first screen you see after clicking the green Download button
is cluttered with misleading ads that want you click on more "Download Now"
buttons that have nothing to do with the program you actually want to
download. There's actually nothing you need to click here at all. If you
have a fast connection, a familiar browser popup will appear, prompting you
to save or run the downloaded file. If you have a slow connection, you may
wonder what's going on, explore the various deceptive ads on the page, and
click off in the wrong direction.
CNET Download.com InstallerIf you're lucky, you'll see what looks like
another ad across the page that instructs you to open the Installer, click
'Yes' or 'Run', and follow the Installer instructions. Assuming you get this
far, you'll be greeted by the CNET Download.com installer window (Step 1 of
5), which assures you that you're installing the right program, and that
it's virus and spyware free.
Clicking NEXT STEP brings you to the point where the first foistware is
offered. If you're not paying close attention here in Step 2, you'll end up
installing "Coupon Companion," which is an adware app that messes with your
browser settings and redirects your searches. (See the first CNET image on
this page, above.) The privacy policy says that it "may collect or store
information about the web pages you visit and your activity on those pages.
Information collected by the plugin may be personally identifiable, and may
be used or shared with third parties."
Ick. If that's not bad enough, it's also difficult to completely remove this
pest. (MalwareBytes AntiMalware identifies it as malicious, and will remove
it.) The download screen prompts you to "
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> Click ACCEPT now to continue your installation". If you
do happen to read the text underneath, you may be left wondering whether the
DECLINE or CLOSE buttons will let you continue with the installation of
Toolbar Cleaner.
CNET Download.com FoistwareMoving along to Step 3, the next screen in the
CNET/Download.com process prompts you to "Click NEXT STEP now to continue."
But wait, there's a bunch of tiny pre-selected checkboxes lurking. If you
fail to notice, you'll get the Iminent Toolbar, and Iminent SearchTheWeb
bolted on to your web browser. In other tests I ran, a different
toolbar/browser/search hijack combo called Visual Bee was offered. Failure
to uncheck these boxes will result in these annoying (and possibly
malicious) toolbars winding up on your computer.
Thankfully, Step 4 and Step 5 are innocuous, and you can finally click a
green INSTALL NOW button, to install your software. I ran through the CNET
download process several times, and in one instance, it prompted me to add
THREE unwanted extra programs to my download bundle. I was incredulous that
CNET tried to foist two or three browser toolbars on me while trying to
download a program that's supposed to *remove* toolbars. If you make it
through this gauntlet unscathed, carefully unchecking and declining all of
CNET's "carefully screened offers", you'll finally get to download the
installer for Toolbar Cleaner.
This is where the horror show is supposed to end. "But wait..." as they say
in those infomercials, "there's more!" I clicked on the installer I had just
downloaded, and guess what? The Toolbar Cleaner Setup Wizard instructed me
to simply click FINISH to close the wizard. But below that, two more
pre-selected checkboxes recommended that I "Protect my system with
Anti-phishing Domain Advisor" and change my browser start page to MyStart.
More foistware and browser hijacking nonsense. The CANCEL button is greyed
out, so your only option is to uncheck those boxes and continue onward. But
after all that, there's no way I'm going to trust this program on my
computer. Or CNET, either, until they clean up this mess.
I understand that online businesses that provide free advice, reviews and
other services have to do something to make money. So ads and sponsors are
part of the Internet ecosystem. But deceptive practices don't have to be.
Tricking unsuspecting users into downloading crappy or
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> malicious software is obviously wrong. I'd be fine if
they put that checkbox on the page and recommended a useful add-on program.
Just leave it up to me to check that box and decide that I want
<http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&a
wt_m=J6Wn11p1n8P6SL> a toolbar, plugin or whatever.
Jerry Taylor
SeniorTech
http://www.seniortech.us <http://www.seniortech.us/>
Personalized In-Home Computer Lessons
for Senior Citizens and Retirees
315-986-9977
"Computers are not just for kids"
Other related posts:
