Ari Schwartz of the CDT is testifying before the Senate Committee on Commerce, Science, and Transportation on “Spyware” today. The link to the webcast is here.
He has some great information in that testimony. If you’re a dedicated spyware fighter, it’s worth scanning. Those who were at the CNet Antispyware Workshop will be familiar with much of this information.
But briefly, here are some pics from the testimony.
It all starts with this simple model:
Advertisers (either directly or through brokers) pay money to adware companies for impressions or clicks or whatever. Distributors get the adware on people’s machines.
So here is another theoretical slide as to how that works. It looks monstrously complicated, but it’s still based off the same simple idea. Advertisers (either directly or through brokers) pay money to adware companies. Distributors get the adware on people’s machines.
It is Byzantine but understandable if you look at it long enough.
Now, this slide shows the truly pernicious behavior of Seismic Entertainment (Seismic is being sued by the FTC).
What was Seismic doing? Nasty, nasty, nasty stealth installs.
Ok, those with weak stomachs turn away (don’t worry, it’s not nasty pictures, it’s just typical run-of-the-mill criminality exposed):
Here is an email from Seismic:
Date: Sat, Mar-6-2004 4:51 PM
Subject: I DID IT
I figured out a way to install an exe without any user interaction. This is the time to make the
$$$ while we can.
Here is another fun one:
Date: Fri, Nov-28-2003 12:37 PM
I do my sneaky shit with adv.com today through Sunday — everyone’s off anyway…. You
then send an email to your contact early Monday AM saying the advertiser was unethical and
pulled a switch and you are no longer doing business with them… Then we stop buying
adv.com through you in any way.
All of these pics and the emails I got from Ari Schwartz’ testimony. (Thanks Suzi for forwarding the link).
Hats off to the CDT and to Ari for this.