Network News

X My Profile
View More Activity

Tech Groups Back Kaspersky in Fight Against Zango

A broad coalition of technology groups today told a federal appeals court to toss out a lawsuit that adware maker Zango is continuing to pursue against computer security vendor Kaspersky Lab, arguing that to do otherwise would harm consumers and the future of the security software market.

In May 2007, Bellvue, Wash.-based Zango -- a company that makes software to serve pop-up ads and tracks users' activities on behalf of online marketers -- sued Kaspersky, charging that the company interfered with its business by removing its "adware" without first alerting the user.

In August, the judge assigned to the case dismissed Zango's suit, saying Kaspersky's actions were shielded by the federal Communications Decency Act (CDA). That law contains a "good Samaritan" clause that protects computer services companies from liability for good faith efforts to block material that users may consider objectionable (portions of the CDA have been struck down by the courts as unconstitutional, but this particular section is not one of them).

Earlier this year, Zango took its case up to the 9th Circuit Court of Appeals, saying Kaspersky's software should be labeled "badware" because it disabled Zango's software "without the customer's consent and without the customer's ability to override Kaspersky's invasive actions."

Interestingly, Zango's appeal is being supported by the National Business Coalition on E-Commerce and Privacy, an entity formed in 2000 that counts as members some of the largest corporations in America, including Bank of America, Charles Schwab & Co., Eastman Kodak, Fidelity Investments, General Motors, JP Morgan Chase, and the Vanguard Group. Update, May 6, 11:15 a.m: Removed UPS from this list, as it is no longer a member of this coalition.

Thomas M. Boyd, a partner at DLA Piper US LLP and counsel to the organization, said member companies are concerned that the judge's decision to toss out the suit last year could pave the way for security companies to block things like "cookies" and "Web beacons".

"The district court's decision is such that under the judges interpretation of CDA, a security software company has unreviewable power to decide that any content is objectionable and to deny user access to that content without any accountability for any damages that action may cause," Boyd said.

In a "friend of the court" brief filed with the appeals court today, a diverse collection of technology groups rallied behind Kaspersky in support of preserving the lower court ruling. Signatories to the brief include the Business Software Alliance, the Electronic Frontier Foundation (it's not often the BSA and EFF see eye-to-eye on tech issues), McAfee, Sunbelt Software and the Center for Democracy & Technology (CDT). Their brief is available here (PDF).

While this isn't the first case in which an adware company has sued an anti-spyware or security vendor, Ari Schwartz, CDT's vice president and chief operating officer, said the lower court's ruling is the strongest wording yet in support of protecting security companies from these types of strong-arm lawsuits.

"This is an extremely important case for consumers as to how security software protects them going forward, and whether the onus is put on the security company or [the adware vendor]," Schwartz said. "Congress clearly wanted to take the burden away from the security companies in this respect."

Zango claims that users install its software because they want the programs, games and videos that are provided as a result. But Kaspersky is hardly alone in classifying Zango's software as something most consumers don't want on their machines. According to a report (PDF) released last month by Microsoft, the software giant's own malicious software removal tool, which downloads with monthly security updates for Windows users, nixed more than 7.1 million instances of Zango's Hotbar browser toolbar from customer machines in the second half of 2007, more than 2 ½ times the number of Hotbar installs it removed during the same period in 2006.

In fact, the only piece of unwanted software removed from more customer machines during that period was the "Zlob" Trojan, which comes disguised as a video "codec" that users need to install before they can view certain streaming content online.

No. 5 on Microsoft's list of intruders most frequently removed from customer machines in the last six months of 2007 was Zango Search Assistant. Microsoft said its removal tool disposed of 4.9 million installs of Search Assistant during that period, more than double the number of installs it removed during the second half of 2006.

That means that, taken together, Zango's Hotbar and Search Assistant programs made up nearly 30 percent of all programs removed by Microsoft's removal tool.

Microsoft's removal stats notwithstanding, there is another interesting statistic Microsoft published that would, on the surface at least, appear to support Zango's claim that people actually want its products: Specifically, what users of Windows Defender -- Microsoft's free anti-spyware program -- chose to do when alerted about potential adware and spyware infections. According to Microsoft, nearly 68 percent of users who received an alert about Hotbar or Zango Search Assistant installs told the Windows Defender to ignore it.

By Brian Krebs  |  May 5, 2008; 6:30 PM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Stepped Up Cyber Role for Spy Agencies
Next: Microsoft Releases Windows XP Service Pack 3


I'd be willing to bet that out of the 68% of those who told Defender to ignore it, at least half of them probably misread the alert. This is an all too common occurance in the security forums not just limited to Defender alerts.

Posted by: TeMerc | May 5, 2008 6:56 PM | Report abuse

I really hope Zango loses this one.
And, I have to agree with TeMerc. It's not likely most who told Defender to ignore the alert are fully aware of what Zango or Hotbar do.
In my experience in the IT business, most end users are their own worst enemy... tomorrow I'll be spending my spare time removing a trojan from a friend's computer...

Posted by: Robert | May 5, 2008 8:11 PM | Report abuse

The adware company is losing money because the AV product is doing it's job. 99.9 % of the consumers don't read license agreements and digitally sign an agreement that will add logic that will track their browsing habits. I garentee 99.9% of the consumers would feel it's an invasion of privacy, if they knew the information in the sentence I wrote above. Leaches like adware companies keep my job flowing. GO KASPERSKY!!

Posted by: SecAnalyst | May 5, 2008 9:06 PM | Report abuse

Why doesn't Kapersky notify users when it is about to remove malware? Are they worried that users given the choice might make the wrong choice?

Posted by: Jesse Ruderman | May 5, 2008 10:33 PM | Report abuse

In my experience, if a non-tech end-user is presented with an alert asking them to allow or deny (or ignore) a program, the majority will either click allow or ignore. This is mainly because they are afraid they will break their computers if they stop something from happening.

What people need to know when getting security tools is a tutorial on how to use them. My parents, for example, are about as non-tech as you might get. However, I installed noscript, adblock-plus and zonealarm for them, and they have no problems with it whatsoever. This is because I spent time informing them exactly what they should do. Like:

"If Zonealarm pops up, and you don't know what the program is, deny it". I regularly take a check over their zonealarm settings and I only had to make one or two changes, otherwise, their choices had been perfect.

Posted by: Hobby Sec | May 6, 2008 5:49 AM | Report abuse

"This is an extremely important case for consumers as to how security software protects them going forward, and whether the onus is put on the security company or [the adware vendor],"

Ah, part of the problem is the false sense of security many users get when relying solely on "security software"! How many install this type of software and then think, "Cool, I'm good to go now. I don't need to do anything else!" Wrong! (Google "defense in depth")

How about putting the onus where it belongs! On the end user/administrator of the computer! Adware such as Zango (and malware in general) would cease to exist if there wasn't a demand for it, aka the low hanging fruit of users that always get infected or re-infected through ignorance or just plain laziness. It's not difficult to learn how to properly secure a computer and to use it wisely to keep it that way.

Posted by: TJ | May 6, 2008 9:46 AM | Report abuse

First: Go Kaspersky!

Second: I am disgusted that entities like Fidelity, Vanguard, etc. would hold membership in an organization that backs an adware entity.

Putting aside the theoretical arguments on how a particular court ruling might hurt their mechanisms for tracking user activity, those organizations should take a moment and recognize that adware can open up their users' computers to much more egregious attacks. And those attacks can cost their businesses serious money in the form of identity theft mitigation and lost customer good will.

Yes, I recognize the need for web asset use metrics and user tracking in order to design better communication and information systems. But those same users are paying customers and should be protected from the likes of Zango and those who might take advantage of adware infested computers.

Posted by: C.B. | May 6, 2008 9:52 AM | Report abuse

@Jesse Ruderman,
Kaspersky DOES ask users what they want to do (as do almost all antimalware products).

On this subject however, Zango are trying to do their usual "OH NOES! WE'RE LOSING! WE GOTTA TRY TRICKING THE COURTS!" tactics - and if the courts have any sense, they'll throw Zango out once again.

I block them myself with my hpHosts product, and continue to remove it whenever I'm working on people's machines and come across it (thankfully I'm in the UK so they can't do didly ;o)).

Posted by: MysteryFCM | May 6, 2008 11:45 AM | Report abuse

Totally in agreement with C.B. above. Those companies (Vanguard, et al) should know better. There's gotta a way to legally parse the adware freaks like Zango from legitimate use-metrics required to do Web business. I, personally, am writing to Vanguard about this!

Posted by: Pete from Arlington | May 6, 2008 12:39 PM | Report abuse

Use a blocking hosts file to deep six Zango and their ilk!

"using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection" (defense in depth)

Posted by: TJ | May 6, 2008 1:19 PM | Report abuse

Pop-ups are like letting every salesman through the door to sell something not needed and never asked for.

I wonder what the EU law is to the right to privacy?

How about unwanted intrusions are treated the same way as entering without permission?

How do you go about suing Zango for putting unwanted trash on my computer?

Posted by: Stephen John Davis | May 6, 2008 2:23 PM | Report abuse

Popups and adware should constitute an interference with business. Let their blockers abound and their advertisers be forewarned that they too can be sued.

Posted by: bclee | May 6, 2008 4:23 PM | Report abuse

"How about putting the onus where it belongs! On the end user/administrator of the computer! Adware such as Zango (and malware in generaal would cease to exisst if there wasen't a demand for it ... thru ignorance or just plain laziness."

This is cool if:
1) you are above the age of responsibility (25+) and below the age of incipient senility (70+-);
2) you are not into your second bottle of Merlot or your second funny smoke;
3)you have had at least 6 hrs sleep in the last day;
4) you have no clamoring kids/grandkids/siblings/spouses/lovers/etc distracting you;
5) you have not lost your temper or been sexually distracted in the last 30 minutes;
6) you have no financial worries or distractions (or other impending legal woes;
7) your IQ exceeds 130;

I could go on, but we are now down to about 3% (or much less) of the US populace. The point is that most of us, at least not all of the time, are no match for these scumbags. I say make defrauding people illegal, AND prosecute the SOBs.

Posted by: WILL | May 7, 2008 12:48 PM | Report abuse

Glad I didn't read any of this before I installed it this morning after my wife installed it last night. I'd still be dithering.

Posted by: Richard Waddell | May 7, 2008 2:45 PM | Report abuse

Oops, wrong thread - I was talking about SP3 and the MS warnings.

Posted by: Richard Waddell | May 7, 2008 2:46 PM | Report abuse

I equate Zango and its ilk with unsolicited phone calls presenting endless garbage which, if I wished to purchase, I would seek out with my own search. I have cleaned too many PCs clogged with pushy popups and tracking software. I think Zango and their ilk have no place using my bandwidth let alone my PC. Let them wither and die like leeches without a host. I am also disgusted but not surprised by the company they keep and will try to avaoid doing business with them, ever!

Posted by: RogerH | May 7, 2008 4:55 PM | Report abuse

Why aren't people more angry at advertisers who trick them into seeing their ads? This applies to pop-ups, pop-overs, adware, and official-looking mail that's just junk.

Everybody hates spam, but somebody must be buying that crap or it would go away.

I also understand the need for SOME cookies, but tracking cookies are out of hand. Look at how many cookies get set by nearly every web site you visit.

Posted by: John | May 15, 2008 3:42 PM | Report abuse

"Why aren't people more angry at advertisers who trick them into seeing their ads?"

Because ignorance is bliss for the majority of people!

I've implemented two methods to block such advertisers and their tracking cookies.

1. use a blocking hosts file (see previous post above)
2. create a blacklist of blocked cookies in IE (Internet Options\Privacy\Sites)

Posted by: TJ | May 19, 2008 11:43 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company