Adware

Last updated

Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, [1] collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, full screen, a video, pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.

Contents

The 2003 Microsoft Encyclopedia of Security and some other sources use the term "adware" differently: "any software that installs itself on your system without your knowledge and displays advertisements when the user browses the Internet", [2] i.e., a form of malware.

Some software developers offer their software free of charge, and rely on revenue from advertising to recoup their expenses and generate income. Some also offer a version of the software at a fee without advertising.

Advertising-supported software

In legitimate software, the advertising functions are integrated into or bundled with the program. Adware is usually seen by the developer as a way to recover development costs, and to generate revenue. In some cases, the developer may provide the software to the user free of charge or at a reduced price. The income derived from presenting advertisements to the user may allow or motivate the developer to continue to develop, maintain and upgrade the software product. [3] The use of advertising-supported software in business is becoming increasingly popular, with a third of IT and business executives in a 2007 survey by McKinsey & Company planning to be using ad-funded software within the following two years. [4] Advertisement-funded software is also one of the business models for open-source software.

Application software

Some software is offered in both an advertising-supported mode and a paid, advertisement-free mode. The latter is usually available by an online purchase of a license or registration code for the software that unlocks the mode, or the purchase and download of a separate version of the software. [lower-alpha 1]

Some software authors offer advertising-supported versions of their software as an alternative option to business organizations seeking to avoid paying large sums for software licenses, funding the development of the software with higher fees for advertisers. [8]

Examples of advertising-supported software include Adblock Plus ("Acceptable Ads"), [9] the Windows version of the Internet telephony application Skype, [10] and the Amazon Kindle 3 family of e-book readers, which has versions called "Kindle with Special Offers" that display advertisements on the home page and in sleep mode in exchange for substantially lower pricing. [11]

In 2012, Microsoft and its advertising division, Microsoft Advertising, [lower-alpha 2] announced that Windows 8, the major release of the Microsoft Windows operating system, would provide built-in methods for software authors to use advertising support as a business model. [13] [14] The idea had been considered since as early as 2005. [15] Most editions of Windows 10 include adware by default. [16]

Software as a service

Support by advertising is a popular business model of software as a service (SaaS) on the Web. Notable examples include the email service Gmail [3] [17] and other Google Apps (now G Suite) products, [4] and the social network Facebook. [18] [19] Microsoft has also adopted the advertising-supported model for many of its social software SaaS offerings. [20] The Microsoft Office Live service was also available in an advertising-supported mode. [4]

Definition of Spyware, Consent, and Ethics

In the view of Federal Trade Commission staff, [21] there appears to be general agreement that software should be considered "spyware" only if it is downloaded or installed on a computer without the user's knowledge and consent. However, unresolved issues remain concerning how, what, and when consumers need to be told about software installed on their computers. For instance, distributors often disclose in an end-user license agreement that there is additional software bundled with primary software, but some participants did not view such disclosure as sufficient to infer consent.

Much of the discussion on the topic involves the idea of informed consent, the assumption being that this standard eliminates any ethical issues with any given software's behavior. However, if a majority of important software, websites and devices were to adopt similar behavior and only the standard of informed consent is used, then logically a user's only recourse against that behavior would become not using a computer. The contract would become an ultimatum- agree or be ostracized from the modern world. This is a form of psychological coercion and presents an ethical problem with using implied or inferred consent as a standard. There are notable similarities between this situation and binding arbitration clauses which have become inevitable in contracts in the United States.

Furthermore, certain forms and strategies of advertising have been shown to lead to psychological harm, especially in children. One example is childhood eating disorders- several studies have reported a positive association between exposure to beauty and fashion magazines and an increased level of weight concerns or eating disorder symptoms in girls. [22]

Malware

The term adware is frequently used to describe a form of malware (malicious software) [23] [24] which presents unwanted advertisements to the user of a computer. [25] [26] The advertisements produced by adware are sometimes in the form of a pop-up or sometimes in an "unclosable window". [27]

When the term is used in this way, the severity of its implication varies. While some sources rate adware only as an "irritant", [28] others classify it as an "online threat" [29] or even rate it as seriously as computer viruses and trojans. [30] The precise definition of the term in this context also varies. [lower-alpha 3] Adware that observes the computer user's activities without their consent and reports it to the software's author is called spyware. [32] Adwares may collect personal information of the user, causing privacy concerns. [33] However most adware operates legally and some adware manufacturers have even sued antivirus companies for blocking adware. [34]

Programs have been developed to detect, quarantine, and remove advertisement-displaying malware, including Ad-Aware, Malwarebytes' Anti-Malware, Spyware Doctor and Spybot – Search & Destroy. In addition, almost all commercial antivirus software currently detect adware and spyware, or offer a separate detection module. [35]

A new wrinkle is adware (using stolen certificates) that disables anti-malware and virus protection; technical remedies are available. [34]

Adware has also been discovered in certain low-cost Android devices, particularly those made by small Chinese firms running on Allwinner systems-on-chip. There are even cases where adware code is embedded deep into files stored on the system and boot partitions, to which removal involves extensive (and complex) modifications to the firmware. [36]

See also

Notes

  1. For example, in 2007 Microsoft changed its productivity suite Microsoft Works to be advertising-supported. [5] Works was subsequently replaced with the Microsoft Office 2010 software suite operating in a "starter" mode that included advertisements. [6] As of 2012, this product is also being phased out and replaced with Office Online (formerly Office Web Apps). [7]
  2. Formed in 2008 following Microsoft's acquisition of digital marketing company aQuantive. [12]
  3. A workshop held by the Federal Trade Commission in 2005 asked representatives of the computer, electronic advertising, and anti-spyware product industries, as well as representatives of trade associations, government agencies, consumer and privacy advocacy groups, to try and define adware and its relation to spyware, and did not find a clear consensus. [31]

Related Research Articles

Malware A portmanteau for malicious software

Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.

Spyware describes software with malicious behavior that aims to gather information about a person or organization and send such information to another entity in a way that harms the user. For example, by violating their privacy or endangering their device's security. This behavior may be present in malware as well as in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected. Spyware is frequently associated with advertising and involves many of the same issues. Because these behaviors are so common, and can have non-harmful uses, providing a precise definition of spyware is a difficult task.

Claria Corporation was a software company based in Redwood City, California that invented “Behavioral Marketing”, a highly effective but controversial new form of online advertising. It was founded in 1998 by Denis Coleman, Stanford MBA Sasha Zorovic, and engineer Mark Pennell, based on work Zorovic had done at Stanford. In March 1999 Jeff McFadden was hired as CEO and Zorovic was effectively forced out.

BonziBuddy Former freeware desktop assistant

BonziBuddy, stylized as BonziBUDDY, was a freeware desktop virtual assistant made by Joe and Jay Bonzi. Upon a user's choice, it would share jokes and facts, manage downloads, sing songs, and talk, among other functions. Some versions of the software were described as spyware and adware.

Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for reakantivirus software to remove it. Usually the virus isn't real and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 585% increase in scareware programs.

Ad blocking or ad filtering is a software capability for blocking or altering online advertising in a web browser or an application. This may be done using browser extensions or other methods.

SpywareBlaster

SpywareBlaster is an antispyware and antiadware program for Microsoft Windows designed to block the installation of ActiveX malware.

Online advertising Form of advertising

Online advertising, also known as online marketing, Internet advertising, digital advertising or web advertising, is a form of marketing and advertising which uses the Internet to deliver promotional marketing messages to consumers. Many consumers find online advertising disruptive and have increasingly turned to ad blocking for a variety of reasons.

Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.

WinFixer Rogue security software

WinFixer was a family of scareware rogue security programs developed by Winsoftware which claimed to repair computer system problems on Microsoft Windows computers if a user purchased the full version of the software. The software was mainly installed without the user's consent. McAfee claimed that "the primary function of the free version appears to be to alarm the user into paying for registration, at least partially based on false or erroneous detections." The program prompted the user to purchase a paid copy of the program.

Zango (company)

Zango,, formerly ePIPO, 180solutions and Hotbar, was a software company that provided users access to its partners' videos, games, tools and utilities in exchange for viewing targeted advertising placed on their computers. Zango software is listed as adware by Symantec, and is also labeled as a potentially unwanted program by McAfee. Zango was co-founded by two brothers: Keith Smith, who served as the CEO; and Ken Smith, who served as the CTO.

Lavasoft Software company of Canada

Adaware, formerly known as Lavasoft, is a software development company that produces spyware and malware detection software, including Adaware. It operates as a subsidiary of Avanquest a division of Claranova.

A browser extension is a small software module for customizing a web browser. Browsers typically allow a variety of extensions, including user interface modifications, ad blocking, and cookie management.

Kaspersky Anti-Virus

Kaspersky Anti-Virus is a proprietary antivirus program developed by Kaspersky Lab. It is designed to protect users from malware and is primarily designed for computers running Microsoft Windows and macOS, although a version for Linux is available for business consumers.

Privacy-invasive software is computer software that ignores users’ privacy and that is distributed with a specific intent, often of a commercial nature. Three typical examples of privacy-invasive software are adware, spyware and browser hijacking programs.

Genieo Company specializing in potentially unwanted software

Genieo Innovation is an Israeli company, specializing in unwanted software which includes advertising and user tracking software, commonly referred to as a potentially unwanted program, adware, privacy-invasive software, grayware, or malware. They are best known for Genieo, an application of this type. They also own and operate InstallMac which distributes additional 'optional' search modifying software with other applications. In 2014, Genieo Innovation was acquired for $34 million by Somoto, another company which "bundles legitimate applications with offers for additional third party applications that may be unwanted by the user". This sector of the Israeli software industry is frequently referred to as Download Valley.

Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.

A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted. It is used as a subjective tagging criterion by security and parental control products.

Windows 10, an operating system released by Microsoft in July 2015, has been criticized by reviewers and users. Due to issues mostly about privacy, it has been the subject of a number of negative assessments by various groups.

References

  1. FTC Report (2005). ""
  2. Tulloch, Mitch (2003). Koch, Jeff; Haynes, Sandra (eds.). Microsoft Encyclopedia of Security. Redmond, Washington: Microsoft Press. p. 16. ISBN   978-0-7356-1877-0.
  3. 1 2 Braue, David (4 September 2008). "Feature: Ad-supported software". ZDNet . Retrieved 4 December 2012.
  4. 1 2 3 Hayes Weier, Mary (5 May 2007). "Businesses Warm To No-Cost, Ad-Supported Software". Information Week . Archived from the original on 8 August 2016. Retrieved 4 December 2012.
  5. Foley, Mary Jo (30 July 2007). "Microsoft Works to become a free, ad-funded product" . Retrieved 4 December 2012.
  6. Foley, Mary Jo (9 October 2009). "Microsoft adds an 'Office Starter' edition to its distribution plans". ZDNet . Retrieved 4 December 2012.
  7. Foley, Mary Jo (21 June 2012). "Microsoft begins phasing out Starter edition of its Office suite". ZDNet . Retrieved 4 December 2012.
  8. Levy, Ari (23 April 2012). "Ad-supported software reaches specialized audience". SF Gate . Retrieved 4 December 2012.
  9. "Allowing acceptable ads in Adblock Plus". adblockplus.org. Retrieved 18 March 2018.
  10. Tung, Liam (11 March 2011). "Skype now free ad-supported software". iT News for Australian Business. Retrieved 4 December 2012.
  11. "Kindle, Wi-Fi, Graphite, 6" Display with New E Ink Pearl Technology — includes Special Offers & Sponsored Screensavers". Amazon.com . Retrieved 4 August 2011.
  12. "Microsoft Advertising Historical Timeline". Microsoft Advertising. September 2008. Retrieved 20 November 2012.
  13. "Windows 8 Ads in Apps". Microsoft Advertising. Archived from the original on 21 November 2012. Retrieved 20 November 2012.
  14. Kim, Stephen (1 October 2012). "Microsoft Advertising Unveils New Windows 8 Ads in Apps Concepts with Agency Partners at Advertising Week 2012". Microsoft. Archived from the original on 27 September 2013. Retrieved 20 November 2012.
  15. Fried, Ina (14 November 2005). "Microsoft eyes making desktop apps free". CNET . Archived from the original on 24 November 2005. Retrieved 20 November 2012.
  16. Hoffman, Chris. "How to Disable All of Windows 10's Built-in Advertising". howtogeek.com. Retrieved 25 August 2020.
  17. Teeter, Ryan; Karl Barksdale (9 February 2011). Google Apps For Dummies. pp. 3–27. ISBN   978-1-118-05240-2.
  18. by Jolie O'Dell 203 (17 January 2011). "Facebook's Ad Revenue Hit $1.86B for 2010". Mashable . Mashable.com. Retrieved 21 December 2011.
  19. Womack, Brian (20 September 2011). "Facebook Revenue Will Reach $4.27 Billion, EMarketer Says". Bloomberg. Retrieved 21 December 2011.
  20. Foley, Mary Jo (3 May 2007). "Meet Microsoft, the advertising company". ZDNet . Retrieved 20 November 2012.
  21. Majoras, Deborah Platt (March 2005). "FTC Staff Report. Monitoring Software on Your PC: Spyware, Adware, and Other Software" (PDF). Federal Trade Commission. Retrieved 4 April 2005.
  22. Morris, Anne M; Katzman, Debra K (5 September 2003). "The impact of the media on eating disorders in children and adolescents". Paediatrics & Child Health. 8 (5): 287–289. doi:10.1093/pch/8.5.287. PMC   2792687 . PMID   20020030.
  23. National Cyber Security Alliance. "Malware & Botnets". StaySafeOnline.org. Archived from the original on 13 December 2012. Retrieved 4 December 2012. The terms 'spyware' and 'adware' apply to several different [malware] technologies...
  24. "Viruses and other forms of malicious software". Princeton University Office of Information Technology. 5 July 2012. Archived from the original on 24 December 2012. Retrieved 4 December 2012. malware also includes worms, spyware and adware.
  25. Vincentas (11 July 2013). "Adware in SpyWareLoop.com". Spyware Loop. Archived from the original on 23 March 2014. Retrieved 27 July 2013.
  26. "Malware from A to Z". Lavasoft . Retrieved 4 December 2012. [Adware] delivers advertising content potentially in a manner or context that may be unexpected and unwanted by users.
  27. National Cyber Security Alliance. "Data Privacy Day Glossary". StaySafeOnline.org. Archived from the original on 20 March 2013. Retrieved 4 December 2012. Adware: type of malware that allows popup ads on a computer system, ultimately taking over a user's Internet browsing.
  28. "Spyware, Adware and Malware — Advice for networks and network users". RM Education . Retrieved 4 December 2012. [Adware] tend[s] to be more of an irritant than do actual damage to your system, but [is] an unwanted presence nonetheless.
  29. "McAfee, Inc. Names Most Dangerous Celebrities in Cyberspace". McAfee. Archived from the original on 4 June 2013. Retrieved 4 December 2012. online threats, such as spyware, spam, phishing, adware, viruses and other malware... Copy available at Bloomberg.
  30. Stern, Jerry. "Spyware, Adware, Malware, Thief: Creating Business Income from Denial of Service and Fraud" (PDF). ASPects, Newsletter of the Association of Shareware Professionals. Association of Software Professionals. Archived from the original (PDF) on 17 September 2012. Adware has become a bad word, linked to spyware and privacy violations by everyone except the publishers of the products... [it was] a good thing ten or fifteen years ago, and [is] bad now... [t]he lines for adware are even being blended into virus and trojan territory.
  31. Spyware Workshop: Monitoring Software on Your Personal Computer: Spyware, Adware and Other Software. Federal Trade Commission. March 2005. p. 2. ISBN   9781428952577.
  32. Schwabach, Aaron (2005). Internet and the Law: Technology, Society, and Compromises. ABC-CLIO. p. 10. ISBN   978-1-85109-731-9.
  33. Urban, Tobias, Dennis Tatang, Thorsten Holz, Norbert Pohlmann. 2019. “Analyzing leakage of personal information by malware”. Journal of Computer Security 27(4): 459-481.
  34. 1 2 Casey, Henry T. (25 November 2015). "Latest adware disables antivirus software". Tom's Guide. Yahoo.com . Retrieved 25 November 2015.
  35. Honeycutt, Jerry (20 April 2004). "How to protect your computer from Spyware and Adware". Microsoft.com. Microsoft. Archived from the original on 7 February 2006.
  36. "Decompile: Technical analysis of the Trojan". Cheetah Mobile. 9 November 2015. Retrieved 7 December 2015.