Why companies can't kick the adware habit
Road to nasty affiliations is paved with good intentions
PC World - Earlier this year, AT&T's Cingular division and Travelocity both pledged not to advertise anymore via adware -- programs that slip onto PCs and inject ads into a user's browser. Verizon took a stance against computer invaders when it became a sponsor of an antispyware initiative. Yet, in March, ads from all three companies were being distributed through adware.
These businesses, along with Comcast and Vonage, acknowledge that their ads have surfaced in adware, but say they never intended for that to happen. The incidents raise a troubling question: Have advertising networks grown so complicated that sponsoring firms can't control where their ads appear, or are the companies simply not being vigilant enough?
The findings come from research by adware and spyware expert Ben Edelman. Edelman found that PCs with the adware program FullContext installed showed ads for Cingular and Travelocity that appeared to be on the Google Web site -- without the search giant's knowledge. FullContext, according to Edelman, is sometimes installed on a PC without user consent. Security companies McAfee and Symantec identify FullContext as a medium-risk adware program and quarantine it on their customers' PCs. At press time, the FullContext firm had not replied to PC World's e-mail requests for an interview.
Cingular and Travelocity say they prohibit the use of adware by advertisers they hire. Travelocity says that as soon as it found out its ads were showing up in adware, it "immediately suspended and eventually terminated its advertising campaigns with partners who may have been associated with those violations." Cingular says that it took similar action.
According to Edelman, Verizon banner ads were showing up on sites like Google because of a program called DollarRevenue. Once installed on a PC, the DollarRevenue software can inject ads on Web sites in the same way FullContext does. McAfee and Symantec both quarantine DollarRevenue when they find it on users' PCs, calling it a high-risk program.
"Something went wrong," says Jim Smith, a Verizon spokesperson. He says Verizon did business with an advertiser that contracted with another advertiser to distribute the ads. That firm in turn contracted with another advertiser. While Verizon permits redistribution of ads, Smith says, it prohibits the use of adware to show Verizon ads. He says Verizon suspended the advertiser from distributing ads until further review.
There is little doubt the companies highlighted by Edelman have no interest in seeing their ads in adware, experts say. Earlier this year both Cingular and Travelocity agreed to pay fines of $30,000 to $35,000 to settle an investigation by the New York Attorney General's office into their use of DirectRevenue adware. In the settlement, both Cingular and Travelocity promised "to investigate how their online ads are delivered" and to ensure ads were not distributed by adware surreptitiously installed on users' computers.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!