Randy just sent me a story about how Ask Jeeves installs spyware without your permission.
I continue my misleading installation series with a look at installation practices of Ask Jeeves. My new Ask Jeeves Toolbar Installs via Banner Ads at Kids Sites shows a misleading banner ad particularly likely to target kids. When users click on this banner, AJ neither shows nor references any license agreement. And AJ uses euphemisms like “accessible directly from your browser” rather than explicitly admitting that it will install a web browser toolbar.
But that’s not the worst of AJ’s practices. Over the past six months, I’ve captured a series of videos showing Ask Jeeves’ MyWay and MySearch software installed through security holes — without notice, disclosure, or consent. For example, in a video I made on March 12, I received more than a dozen different programs including the Ask Jeeves MySearch toolbar — without me ever requesting anything, and without me ever clicking “Yes” or “Accept” in any dialog box. Watch the video and see for yourself. Warning: The video is 16+ minutes long. Security exploit occurs at 6:00, and Ask Jeeves MySearch software is first seen at 15:50. In this same testing, I also received installation of 180solutions, multiple programs from eXact Advertising, the IBIS WebSearch toolbar, PeopleOnPage, ShopAtHomeSelect, SurfSideKick, WindUpdates, and many more. The underlying network transmissions show that the security exploit at issue was syndicated through the targetnet.com ad network — Mamma Media, publicly-traded on Nasdaq Small Cap.
Not only is this evil, but they do it via websites aimed at kids! This story is especially interesting because the author goes into great detail to list how the installs occur and what exactly is dumped onto your system when you visist these websites.