[SeniorTech] Re: Beware of "Foistware"
- From: Dollyrch@xxxxxxx
- To: seniortech@xxxxxxxxxxxxx
- Date: Thu, 31 Jan 2013 21:13:15 -0500 (EST)
Thank you Jerry for this valuable information. I will keep it on file.
Dolly
In a message dated 1/31/2013 9:06:28 P.M. Eastern Standard Time,
jerry@xxxxxxxxxxxxx writes:
What is Foistware?
Foistware is a term used for software that's "foisted" on you, typically
without your knowledge or explicit consent. Foistware isn't technically
malware, but it can range from marginally useful, to annoying, to malicious.
Most often, foistware takes the form of _browser toolbars_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL
) , but it can also take over your browser homepage and preferred search
engines. Some foistware pops up when you visit online shopping sites, and
tries to steer you to certain vendors or offers.
Foistware almost always tags along when you download a program that you do
want. Through various deceptive practices, the download process may try to
add extra, unwanted software to your installation package. Usually it
takes the form of a checkbox that's already selected, and if you just click
NEXT or CONTINUE without reading carefully, you'll end up with this extra
software clutter.
Sometimes confusing buttons, self-serving "recommendations" or items
buried in the terms of service play a role. In other cases, a tag-along
foistware product will be installed with NO prompt or warning. But thankfully,
those are rare.
The purveyors of these pollutants will say that it's your fault for not
paying attention, and to a certain point, they're right. If you're very
careful to uncheck all those boxes, read every word on each segment of the
download/install dialogs, and scan the legalese for gotchas, you can avoid
almost all of these foistware nuisances.
But many users have become accustomed to clicking an endless series of
Next, Next, Next to get through a software installation. Nobody want to read
those long, boring Terms of Service and the accompanying legal blah, blah,
blah that can make your eyes glaze over. And plenty of users are not
technically savvy enough to understand that a "recommended" toolbar, add-on or
plugin is not in their best interests.
You might think this problem would show up mostly in the dark corners of
the Web. But the most egregious offenders are some of the most trusted and
popular names in Internet software. If you try to download or update your
_Adobe Reader_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL)
or Flash Player, Skype, or the Foxit
Reader, you'll see examples of what I mean. Adobe pushes the McAfee Security
Scan, which you probably don't need. Foxit Reader is also guilty of pushing
the useless Ask.com toolbar. See the images on this page for examples of
what to look out for.
The Ask Toolbar is especially loathsome, because it has a delayed
installer. You'll download your software and everything appears to be fine. No
annoying popups or_toolbars_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL)
in your browser, great. But
after lurking for ten minutes, the Ask Toolbar installer springs to life
and does its dirty work. Later, you open your browser, and see the damage.
And hopefully, you'll chalk it up to a lapse in your anti-virus program,
instead of blaming the company that foisted it on you.
Hope and Change?
There are a few bright spots in the foistware arena. The ever-popular
Skype used to push unwanted software extras, but now they just want to mess
with your _browser settings_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL)
by foisting Bing and MSN on
you. More good news comes from Oracle and their ubiquitous Java. Until
very recently, downloads for Java or Java security updates would present you
with a pre-checked offer to install the Ask Toolbar.
And with the recent Java security scares, most people just wanted to get
the updates and get on with it. I imagine that several million people got
the Ask Toolbar in this manner, during last week's Java security panic. But
as of last Friday, my tests indicate that Oracle has removed the offer to
bundle Ask with Java downloads. So good for them.
And I have to mention _Ninite_ (http://ninite.com/) , an awesome service
that lets you select one or more popular downloads, and safely download
them with a few clicks. It eliminates the Next, Next, Next by automating the
installation process; promises no toolbars or other unwanted extras; and
will help you update your software to the latest version when necessary. It's
free, and it just works.
CNET/Download.com: A Six-Part Horror Story
I've saved the best (or worst, depending on your point of view) for last.
Recently, CNET, which I always admired for their trusted reviews, safe
downloads and tech advice, has become one of the worst offenders in the
foistware game. CNET has a popup disclaimer on their download buttons that
says:
"The CNET Download.com Installer is a tiny ad-supported "download
manager" that helps securely deliver your downloads. We also include offers
for
carefully screened software that complies with Download.com policies..."
That doesn't sound too bad. After all, CNET has been around since before
Al Gore invented _the Internet_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL)
, and they're the good
guys, right? Well, I decided to try downloading a program from CNET called
Toolbar Cleaner. As you might expect, it offers to remove annoying and
unwanted toolbars from your computer. The CNET download process plays out
over six successive screens. The first screen you see after clicking the green
Download button is cluttered with misleading ads that want you click on
more "Download Now" buttons that have nothing to do with the program you
actually want to download. There's actually nothing you need to click here at
all. If you have a fast connection, a familiar browser popup will appear,
prompting you to save or run the downloaded file. If you have a slow
connection, you may wonder what's going on, explore the various deceptive ads
on
the page, and click off in the wrong direction.
If you're lucky, you'll see what looks like another ad across the page
that instructs you to open the Installer, click 'Yes' or 'Run', and follow the
Installer instructions. Assuming you get this far, you'll be greeted by
the CNET Download.com installer window (Step 1 of 5), which assures you that
you're installing the right program, and that it's virus and spyware
free.
Clicking NEXT STEP brings you to the point where the first foistware is
offered. If you're not paying close attention here in Step 2, you'll end up
installing "Coupon Companion," which is an adware app that messes with your
browser settings and redirects your searches. (See the first CNET image on
this page, above.) The privacy policy says that it "may collect or store
information about the web pages you visit and your activity on those pages.
Information collected by the plugin may be personally identifiable, and may
be used or shared with third parties."
Ick. If that's not bad enough, it's also difficult to completely remove
this pest. (MalwareBytes AntiMalware identifies it as malicious, and will
remove it.) The download screen prompts you to "_Click_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6SL)
ACCEPT now to continue your installation". If you do happen to read the text
underneath, you may be left wondering whether the DECLINE or CLOSE buttons
will let you continue with the installation of Toolbar Cleaner.
Moving along to Step 3, the next screen in the CNET/Download.com process
prompts you to "Click NEXT STEP now to continue." But wait, there's a bunch
of tiny pre-selected checkboxes lurking. If you fail to notice, you'll get
the Iminent Toolbar, and Iminent SearchTheWeb bolted on to your web
browser. In other tests I ran, a different toolbar/browser/search hijack combo
called Visual Bee was offered. Failure to uncheck these boxes will result in
these annoying (and possibly malicious) toolbars winding up on your
computer.
Thankfully, Step 4 and Step 5 are innocuous, and you can finally click a
green INSTALL NOW button, to install your software. I ran through the CNET
download process several times, and in one instance, it prompted me to add
THREE unwanted extra programs to my download bundle. I was incredulous that
CNET tried to foist two or three browser toolbars on me while trying to
download a program that's supposed to *remove* toolbars. If you make it
through this gauntlet unscathed, carefully unchecking and declining all of
CNET's "carefully screened offers", you'll finally get to download the
installer for Toolbar Cleaner.
This is where the horror show is supposed to end. "But wait..." as they
say in those infomercials, "there's more!" I clicked on the installer I had
just downloaded, and guess what? The Toolbar Cleaner Setup Wizard instructed
me to simply click FINISH to close the wizard. But below that, two more
pre-selected checkboxes recommended that I "Protect my system with
Anti-phishing Domain Advisor" and change my browser start page to MyStart.
More
foistware and browser hijacking nonsense. The CANCEL button is greyed out, so
your only option is to uncheck those boxes and continue onward. But after all
that, there's no way I'm going to trust this program on my computer. Or
CNET, either, until they clean up this mess.
I understand that online businesses that provide free advice, reviews and
other services have to do something to make money. So ads and sponsors are
part of the Internet ecosystem. But deceptive practices don't have to be.
Tricking unsuspecting users into downloading crappy or _malicious software_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&aw
t_m=J6Wn11p1n8P6SL) is obviously wrong. I'd be fine if they put that
checkbox on the page and recommended a useful add-on program. Just leave it up
to me to check that box and decide that I want _a toolbar_
(http://askbobrankin.com/download_alert_foistware_warning.html?awt_l=GT.6N&awt_m=J6Wn11p1n8P6
SL) , plugin or whatever.
Jerry Taylor
SeniorTech
_http://www.seniortech.us_ (http://www.seniortech.us/)
Personalized In-Home Computer Lessons
for Senior Citizens and Retirees
315-986-9977
"Computers are not just for kids"
Other related posts:
