Adware

Last updated

Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, [1] collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, a full screen, a video, a pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.

Contents

The 2003 Microsoft Encyclopedia of Security and some other sources use the term "adware" differently: "any software that installs itself on your system without your knowledge and displays advertisements when the user browses the Internet", [2] i.e., a form of malware.

Some software developers offer their software free of charge, and rely on revenue from advertising to recoup their expenses and generate income. Some also offer a version of the software at a fee without advertising.

Advertising-supported software

In legitimate software, the advertising functions are integrated into or bundled with the program. Adware is usually seen by the developer as a way to recover development costs, and generate revenue. In some cases, the developer may provide the software to the user free of charge or at a reduced price. The income derived from presenting advertisements to the user may allow or motivate the developer to continue to develop, maintain and upgrade the software product. [3] The use of advertising-supported software in business is becoming increasingly popular, with a third of IT and business executives in a 2007 survey by McKinsey & Company planning to be using ad-funded software within the following two years. [4] Advertisement-funded software is also one of the business models for open-source software.

Application software

Some software is offered in both an advertising-supported mode and a paid, advertisement-free mode. The latter is usually available by an online purchase of a license or registration code for the software that unlocks the mode, or the purchase and download of a separate version of the software. [lower-alpha 1]

Some software authors offer advertising-supported versions of their software as an alternative option to business organizations seeking to avoid paying large sums for software licenses, funding the development of the software with higher fees for advertisers. [8]

Examples of advertising-supported software include Adblock Plus ("Acceptable Ads"), [9] the Windows version of the Internet telephony application Skype, [10] and the Amazon Kindle 3 family of e-book readers, which has versions called "Kindle with Special Offers" that display advertisements on the home page and in sleep mode in exchange for substantially lower pricing. [11]

In 2012, Microsoft and its advertising division, Microsoft Advertising, [lower-alpha 2] announced that Windows 8, the major release of the Microsoft Windows operating system, would provide built-in methods for software authors to use advertising support as a business model. [13] [14] The idea had been considered since as early as 2005. [15] Most editions of Windows 10 include adware by default. [16]

Software as a service

Support by advertising is a popular business model of software as a service (SaaS) on the Web. Notable examples include the email service Gmail [3] [17] and other Google Workspace products (previously called Google Apps and G Suite), [4] and the social network Facebook. [18] [19] Microsoft has also adopted the advertising-supported model for many of its social software SaaS offerings. [20] The Microsoft Office Live service was also available in an advertising-supported mode. [4]

Definition of Spyware, Consent, and Ethics

In the view of Federal Trade Commission staff, [21] there appears to be general agreement that software should be considered "spyware" only if it is downloaded or installed on a computer without the user's knowledge and consent. However, unresolved issues remain concerning how, what, and when consumers need to be told about software installed on their computers. For instance, distributors often disclose in an end-user license agreement that there is additional software bundled with primary software, but some participants did not view such disclosure as sufficient to infer consent.

Much of the discussion on the topic involves the idea of informed consent, the assumption being that this standard eliminates any ethical issues with any given software's behavior. However, if a majority of important software, websites and devices were to adopt similar behavior and only the standard of informed consent is used, then logically a user's only recourse against that behavior would become not using a computer. The contract would become an ultimatum—agree or be ostracized from the modern world. This is a form of psychological coercion and presents an ethical problem with using implied or inferred consent as a standard. There are notable similarities between this situation and binding arbitration clauses which have become inevitable in contracts in the United States.

Furthermore, certain forms and strategies of advertising have been shown to lead to psychological harm, especially in children. One example is childhood eating disorders—several studies have reported a positive association between exposure to beauty and fashion magazines and an increased level of weight concerns or eating disorder symptoms in girls. [22]

Malware

The term adware is frequently used to describe a form of malware (malicious software) [23] [24] which presents unwanted advertisements to the user of a computer. [25] [26] The advertisements produced by adware are sometimes in the form of a pop-up, sometimes in an "unclosable window", and sometimes injected into web pages. [27] [28]

When the term is used in this way, the severity of its implication varies. While some sources rate adware only as an "irritant", [29] others classify it as an "online threat" [30] or even rate it as seriously as computer viruses and trojans. [31] The precise definition of the term in this context also varies. [lower-alpha 3] Adware that observes the computer user's activities without their consent and reports it to the software's author is called spyware. [33] Adwares may collect the personal information of the user, causing privacy concerns. [34] However, most adware operates legally and some adware manufacturers have even sued antivirus companies for blocking adware. [35]

Programs have been developed to detect, quarantine, and remove advertisement-displaying malware, including Ad-Aware, Malwarebytes' Anti-Malware, Spyware Doctor and Spybot – Search & Destroy. In addition, almost all commercial antivirus software currently detect adware and spyware, or offer a separate detection module. [36]

A new wrinkle is adware (using stolen certificates) that disables anti-malware and virus protection; technical remedies are available. [35]

Adware has also been discovered in certain low-cost Android devices, particularly those made by small Chinese firms running on Allwinner systems-on-chip. There are even cases where adware code is embedded deep into files stored on the system and boot partitions, to which removal involves extensive (and complex) modifications to the firmware. [37]

In recent years, machine-learning based systems have been implemented to detect malicious adware on Android devices by examining features in the flow of network traffic. [38]

See also

Notes

  1. For example, in 2007 Microsoft changed its productivity suite Microsoft Works to be advertising-supported. [5] Works was subsequently replaced with the Microsoft Office 2010 software suite operating in a "starter" mode that included advertisements. [6] As of 2012, this product is also being phased out and replaced with Office Online (formerly Office Web Apps). [7]
  2. Formed in 2008 following Microsoft's acquisition of digital marketing company aQuantive. [12]
  3. A workshop held by the Federal Trade Commission in 2005 asked representatives of the computer, electronic advertising, and anti-spyware product industries, as well as representatives of trade associations, government agencies, consumer and privacy advocacy groups, to try and define adware and its relation to spyware, and did not find a clear consensus. [32]

Related Research Articles

Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.

Claria Corporation was a software company based in Redwood City, California that invented “Behavioral Marketing”, a new form of online advertising. It was founded in 1998 by Denis Coleman, Stanford MBA Sasha Zorovic, and engineer Mark Pennell, based on work Zorovic had done at Stanford. In March 1999 Jeff McFadden was hired as CEO and Zorovic was effectively forced out.

<span class="mw-page-title-main">BonziBuddy</span> Former freeware desktop assistant

BonziBuddy was a freeware desktop virtual assistant created by Joe and Jay Bonzi. Upon a user's choice, it would share jokes and facts, manage downloads, sing songs, and talk, among other functions, as it used Microsoft Agent.

Ad blocking or ad filtering is a software capability for blocking or altering online advertising in a web browser, an application or a network. This may be done using browser extensions or other methods.

<span class="mw-page-title-main">SpywareBlaster</span> Microsoft Windows software

SpywareBlaster is an antispyware and antiadware program for Microsoft Windows designed to block the installation of ActiveX malware.

Online advertising, also known as online marketing, Internet advertising, digital advertising or web advertising, is a form of marketing and advertising that uses the Internet to promote products and services to audiences and platform users. Online advertising includes email marketing, search engine marketing (SEM), social media marketing, many types of display advertising, and mobile advertising. Advertisements are increasingly being delivered via automated software systems operating across multiple websites, media services and platforms, known as programmatic advertising.

Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.

<span class="mw-page-title-main">WinFixer</span> Rogue security software

WinFixer was a family of scareware rogue security programs developed by Winsoftware which claimed to repair computer system problems on Microsoft Windows computers if a user purchased the full version of the software. The software was mainly installed without the user's consent. McAfee claimed that "the primary function of the free version appears to be to alarm the user into paying for registration, at least partially based on false or erroneous detections." The program prompted the user to purchase a paid copy of the program.

<span class="mw-page-title-main">Zango (company)</span>

Zango,, formerly ePIPO, 180solutions and Hotbar, was a software company that provided users access to its partners' videos, games, tools and utilities in exchange for viewing targeted advertising placed on their computers. Zango software is listed as adware by Symantec, and is also labeled as a potentially unwanted program by McAfee. Zango was co-founded by two brothers: Keith Smith, who served as the CEO; and Ken Smith, who served as the CTO.

<span class="mw-page-title-main">Lavasoft</span> Software company of Canada

Adaware, formerly known as Lavasoft, is a software development company that produces spyware and malware detection software, including Adaware. It operates as a subsidiary of Avanquest, a division of Claranova.

The Vundo Trojan is either a Trojan horse or a computer worm that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google and Facebook. It also is used to deliver other malware to its host computers. Later versions include rootkits and ransomware.

A browser extension is a software module for customizing a web browser. Browsers typically allow users to install a variety of extensions, including user interface modifications, cookie management, ad blocking, and the custom scripting and styling of web pages.

Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.

Privacy-invasive software is software that violates the user's privacy, ranging from legitimate software to malware. Privacy-invasive software is a category of software that ignores its users' right to be left alone and that is distributed with a specific intent, often of a commercial nature, which negatively affects its users.However, the software does not only "ignore" security checks, protocols and procedures, but they are engineered to forcibly or stealthily attack mechanical, manual or automated systems and gain operational control of the systems put in place so that they easily gain access to any and all information in and about a system and reads it back to the attacker.

<span class="mw-page-title-main">Malwarebytes</span> Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

<span class="mw-page-title-main">Genieo</span> Israeli company specializing in Mac malware

Genieo Innovation is an Israeli company, specializing in unwanted software which includes advertising and user tracking software, commonly referred to as a potentially unwanted program, adware, privacy-invasive software, grayware, or malware. They are best known for Genieo, an application of this type. They also own and operate InstallMac which distributes additional 'optional' search modifying software with other applications. In 2014, Genieo Innovation was acquired for $34 million by Somoto, another company which "bundles legitimate applications with offers for additional third party applications that may be unwanted by the user". This sector of the Israeli software industry is frequently referred to as Download Valley.

Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.

A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, and in some cases without providing a clear opt-out method. Antivirus companies define the software bundled as potentially unwanted programs which can include software that displays intrusive advertising (adware), or tracks the user's Internet usage to sell information to advertisers (spyware), injects its own advertising into web pages that a user looks at, or uses premium SMS services to rack up charges for the user. A growing number of open-source software projects have expressed dismay at third-party websites wrapping their downloads with unwanted bundles, without the project's knowledge or consent. Nearly every third-party free download site bundles their downloads with potentially unwanted software. The practice is widely considered unethical because it violates the security interests of users without their informed consent. Some unwanted software bundles install a root certificate on a user's device, which allows hackers to intercept private data such as banking details, without a browser giving security warnings. The United States Department of Homeland Security has advised removing an insecure root certificate, because they make computers vulnerable to serious cyberattacks. Software developers and security experts recommend that people always download the latest version from the official project website, or a trusted package manager or app store.

Windows 10, a proprietary operating system released by Microsoft in July 2015, has been criticized by reviewers and users. Due to issues mostly about privacy, it has been the subject of a number of negative assessments by various groups.

References

  1. FTC Report (2005). ""
  2. Tulloch, Mitch (2003). Koch, Jeff; Haynes, Sandra (eds.). Microsoft Encyclopedia of Security. Redmond, Washington: Microsoft Press. p. 16. ISBN   978-0-7356-1877-0.
  3. 1 2 Braue, David (4 September 2008). "Feature: Ad-supported software". ZDNet . Retrieved 4 December 2012.
  4. 1 2 3 Hayes Weier, Mary (5 May 2007). "Businesses Warm To No-Cost, Ad-Supported Software". Information Week . Archived from the original on 8 August 2016. Retrieved 4 December 2012.
  5. Foley, Mary Jo (30 July 2007). "Microsoft Works to become a free, ad-funded product". Zdnet. Retrieved 4 December 2012.
  6. Foley, Mary Jo (9 October 2009). "Microsoft adds an 'Office Starter' edition to its distribution plans". ZDNet . Retrieved 4 December 2012.
  7. Foley, Mary Jo (21 June 2012). "Microsoft begins phasing out Starter edition of its Office suite". ZDNet . Retrieved 4 December 2012.
  8. Levy, Ari (23 April 2012). "Ad-supported software reaches specialized audience". SF Gate . Retrieved 4 December 2012.
  9. "Allowing acceptable ads in Adblock Plus". adblockplus.org. Retrieved 18 March 2018.
  10. Tung, Liam (11 March 2011). "Skype now free ad-supported software". iT News for Australian Business. Retrieved 4 December 2012.
  11. "Kindle, Wi-Fi, Graphite, 6" Display with New E Ink Pearl Technology — includes Special Offers & Sponsored Screensavers". Amazon.com . Retrieved 4 August 2011.
  12. "Microsoft Advertising Historical Timeline". Microsoft Advertising. September 2008. Retrieved 20 November 2012.
  13. "Windows 8 Ads in Apps". Microsoft Advertising. Archived from the original on 21 November 2012. Retrieved 20 November 2012.
  14. Kim, Stephen (1 October 2012). "Microsoft Advertising Unveils New Windows 8 Ads in Apps Concepts with Agency Partners at Advertising Week 2012". Microsoft. Archived from the original on 27 September 2013. Retrieved 20 November 2012.
  15. Fried, Ina (14 November 2005). "Microsoft eyes making desktop apps free". CNET . Archived from the original on 24 November 2005. Retrieved 20 November 2012.
  16. Hoffman, Chris. "How to Disable All of Windows 10's Built-in Advertising". howtogeek.com. Retrieved 25 August 2020.
  17. Teeter, Ryan; Karl Barksdale (9 February 2011). Google Apps For Dummies. John Wiley & Sons. pp. 3–27. ISBN   978-1-118-05240-2.
  18. by Jolie O'Dell 203 (17 January 2011). "Facebook's Ad Revenue Hit $1.86B for 2010". Mashable . Mashable.com. Retrieved 21 December 2011.{{cite web}}: CS1 maint: numeric names: authors list (link)
  19. Womack, Brian (20 September 2011). "Facebook Revenue Will Reach $4.27 Billion, EMarketer Says". Bloomberg. Retrieved 21 December 2011.
  20. Foley, Mary Jo (3 May 2007). "Meet Microsoft, the advertising company". ZDNet . Retrieved 20 November 2012.
  21. Majoras, Deborah Platt (March 2005). "FTC Staff Report. Monitoring Software on Your PC: Spyware, Adware, and Other Software" (PDF). Federal Trade Commission. Retrieved 4 April 2005.
  22. Morris, Anne M; Katzman, Debra K (5 September 2003). "The impact of the media on eating disorders in children and adolescents". Paediatrics & Child Health. 8 (5): 287–289. doi:10.1093/pch/8.5.287. PMC   2792687 . PMID   20020030.
  23. National Cyber Security Alliance. "Malware & Botnets". StaySafeOnline.org. Archived from the original on 13 December 2012. Retrieved 4 December 2012. The terms 'spyware' and 'adware' apply to several different [malware] technologies...
  24. "Viruses and other forms of malicious software". Princeton University Office of Information Technology. 5 July 2012. Archived from the original on 24 December 2012. Retrieved 4 December 2012. malware also includes worms, spyware and adware.
  25. Vincentas (11 July 2013). "Adware in SpyWareLoop.com". Spyware Loop. Archived from the original on 23 March 2014. Retrieved 27 July 2013.
  26. "Malware from A to Z". Lavasoft . Retrieved 4 December 2012. [Adware] delivers advertising content potentially in a manner or context that may be unexpected and unwanted by users.
  27. National Cyber Security Alliance. "Data Privacy Day Glossary". StaySafeOnline.org. Archived from the original on 20 March 2013. Retrieved 4 December 2012. Adware: type of malware that allows popup ads on a computer system, ultimately taking over a user's Internet browsing.
  28. "Latest in Malware: eFast Browser Attacks with False Google Chrome, Traps Users with Adware". Bay Computing. 30 March 2017. Retrieved 11 September 2021.
  29. "Spyware, Adware and Malware — Advice for networks and network users". RM Education . Retrieved 4 December 2012. [Adware] tend[s] to be more of an irritant than do actual damage to your system, but [is] an unwanted presence nonetheless.
  30. "McAfee, Inc. Names Most Dangerous Celebrities in Cyberspace". McAfee. Archived from the original on 4 June 2013. Retrieved 4 December 2012. online threats, such as spyware, spam, phishing, adware, viruses and other malware... Copy available at Bloomberg.
  31. Stern, Jerry. "Spyware, Adware, Malware, Thief: Creating Business Income from Denial of Service and Fraud" (PDF). ASPects, Newsletter of the Association of Shareware Professionals. Association of Software Professionals. Archived from the original (PDF) on 17 September 2012. Adware has become a bad word, linked to spyware and privacy violations by everyone except the publishers of the products... [it was] a good thing ten or fifteen years ago, and [is] bad now... [t]he lines for adware are even being blended into virus and trojan territory.
  32. Spyware Workshop: Monitoring Software on Your Personal Computer: Spyware, Adware and Other Software. Federal Trade Commission. March 2005. p. 2. ISBN   9781428952577.
  33. Schwabach, Aaron (2005). Internet and the Law: Technology, Society, and Compromises. ABC-CLIO. p. 10. ISBN   978-1-85109-731-9.
  34. Urban, Tobias, Dennis Tatang, Thorsten Holz, Norbert Pohlmann. 2019. “Analyzing leakage of personal information by malware”. Journal of Computer Security 27(4): 459-481.
  35. 1 2 Casey, Henry T. (25 November 2015). "Latest adware disables antivirus software". Tom's Guide. Yahoo.com . Retrieved 25 November 2015.
  36. Honeycutt, Jerry (20 April 2004). "How to protect your computer from Spyware and Adware". Microsoft.com. Microsoft. Archived from the original on 7 February 2006.
  37. "Decompile: Technical analysis of the Trojan". Cheetah Mobile. 9 November 2015. Archived from the original on 27 December 2016. Retrieved 7 December 2015.
  38. Alani, Mohammed (2022). "AdStop: Efficient flow-based mobile adware detection using machine learning". Computers & Security. 117: 102718.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.