Notorious adware vendor Zango shuts its doors
Former exec admits illegal software installations aided downfall
Computerworld - Zango, the adware distributor that was fined $3 million by the Federal Trade Commission in 2006 for sneaking software on people's PCs, has closed its doors.
Zango's former chief technology officer blamed the company's demise on several factors, but at the top of the list were the very practices that got it in hot water with the FTC -- and with security analysts who had labeled the company's software spyware.
"So why did Zango ultimately fail? 1: Zango screwed up its distribution," Ken Smith, a co-founder who stepped down from his CTO spot last summer, said in a long entry on his personal blog yesterday.
"Back in 2003-2005, we partnered with some people that we should never have partnered with," Smith admitted. "During that time period, my best estimate is that something like 4% of our installs during that time period were completely silent... the result of affiliates using browser security holes to install Zango's software with no knowledge or consent by the user."
In 2006, Zango settled FTC charges that it used unfair and deceptive practices to download software to users' PCs and agreed to pay a $3 million fine. As late as May 2008, however, noted antispyware researcher Ben Edelman blasted Zango for providing sexually explicit material without labeling the content as such.
In August 2008, security researcher Chris Boyd, the director of malware research at FaceTime Communications Inc., claimed Zango profited from pirated movies, including that year's blockbuster The Dark Knight.
Zango's Smith saw it differently. "The bigger problem was that the vast majority of our installs received inadequate consent: the user technically had an opportunity to decline the install, but wasn't presented with enough information to make an informed choice," he wrote.
He also claimed that Zango cleaned up its act long ago. "Well before the FTC ever came knocking on our door, we were working [hard] to fix it," he argued. "It's been years since the last inappropriate Zango install, and Zango's notification and consent is by any reasonable standard better than Yahoo's, better than Microsoft's, and better than Google's.
"But it was too late: the damage had been done," he added.
Today, Edelman agreed that Zango's practices led to its doom. "Zango could never get over its history of non-consensual and deceptive installations," he said in an e-mail. "Pay partners to install software without user consent or through all manner of deception, and it will be hard to later convince users to offer their trust or praise."
He questioned whether Smith had his timeline right. "I'm not sure it's actually true that all the deceptive installations stopped so long ago," Edelman said.
"Having a bad reputation as an Internet company is somewhat worse than having a bad reputation in high school," Smith said. "Instead of not getting invited to the cool parties, you find yourself unable to close deals with strategic partners, which is a lot worse."
That wasn't the only reason Zango crashed and burned, Edelman countered. "Zango never offered anything sufficient to compensate users for its substantial intrusion onto their PCs," he said. "How much would a company have to pay you to get you to let them track your browsing (every page you visit) and to show you pop-up ads? Maybe if they gave me free cable/DSL, but even then that probably would not be enough."
Last June, Zango laid off 68 people, about one-third of its workforce, in a move Smith said was tied to the introduction of new adware platform.
Zango did not respond to a request for comment Monday.
Although a spokesman for San Francisco-based Blinkx said Monday afternoon that the firm had purchased some of Zango's assets, he denied that the video search service had been acquired by Zango, which Smith had said in his Sunday blog post. The Blinkx spokesman said Zango was shut down after its bank foreclosed on the company.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts