February 21st, 2006
180Solutions Still Allowing Nonconsensual Installs
By Jimmy Daniels
Contributing Writer, RealTechNews
If you’ve read any of my previous articles on 180solutions, you know I’m not a fan, same as most of you, we can all see thru the bull, in the past someone catches them with some nonconsensual installs, and they try to turn it into PR, kicking the naughty affiliate to the curb. Well, this was all supposed to stop as of January 1 2006 when they started using the new S3 screen, and I quote,
The company will no longer allow third parties to distribute its software via ActiveX except when using a 180solutions-controlled ActiveX installer. This will allow the company to ensure that every step of the ActiveX installation experience is controlled by 180solutions rather than third parties. Source: 180Solutions
Well, Ben Edelman has already caught their software being installed without consent on his own test machine…
On Friday morning (February 17), I received a nonconsensual installation of 180solutions Zango software through a security exploit. I was browsing an ordinary commercial web site, when I got a popup from exitexchange.com (a major US ad network, with headquarters in Portland, Oregon). The popup sent me to a third-party’s web site. (I’ll call that third party “X” for convenience. Details.) Then X ran a series of exploits to take control of my test PC, including using the widely-reported WMF exploit uncovered last month. Once X took control of my PC, X caused my computer to install and run 180solutions Zango software, among a dozen other programs. Notably, X fully installed 180’s Zango without me taking any action whatsoever — without me clicking “I agree,” “Yes,” “Finish,” or any other button of any kind. X installed 180’s Zango despite 180’s new “S3″ protections, intended to block these nonconsensual installations.
Self-interested installers can easily bypass the S3 prompt. Installers can easily fake a click on the “Finish” button — just by simulating a single stroke of the “enter” key, or by simulating a click on a predictable button location. So faking a user’s consent is trivial — just a single Windows SendKeys API call.
Sure enough, my “X” installation reflects an installer using exactly these methods. In my video of X’s exploit-based installation of 180, the S3 notice was visible on screen for less than half a second — between 19.08 seconds and 19.57 seconds into the video. During that half-second, exploit-delivered software (installed on my test PC mere seconds before) pressed “Finish,” at which point 180 completed its installation, putting itself in my System Tray (next to the Windows clock), beginning to download its supplemental files, and beginning to monitor my web browsing.
180’s October press release correctly describes the serious harms that occur when users receive many advertising programs. “A myriad of unwanted software … can often negatively impact system performance,” 180 admitted. But 180 then claimed that S3 would keep 180 out of such bundles. I disagree. According to my records, the installation at issue also installed Ad-w-a-r-e, Adservs, Integrated Search Technologies, Internet Optimizer, Media Tickets, New.net, Quicklinks, Surfsidekick, Tagasaurus, Targetsaver, Toolbar888, Ucmore, Webhancer, Web Nexus, WinFixer, and more. These many programs collectively bombarded my test PC with an incredible 730 registry keys, 1194 registry values, 461 files, and 43 file folders. Worse, the newly-installed programs caused 61 processes to run on my test PC, via 24 EXEs set to load each time I turned on my computer. The programs even added three different toolbars to my web browser. This overwhelming burden made it difficult even to inventory and track the programs’ additions and effects. So many co-bundled programs hardly satisfy the “prevent[ing] customers … from receiving a myriad of unwanted software” promise in 180’s press release.Source: Ben Edelman.org
We Say: I can’t wait to see what kind of spin Sean Sundwall tries to put on this one, everyone should read this page on Ben’s site as well, as Sean tries to defend their software and installs on msndollz.com. 180Solutions is about as useful as a turd flavored lollipop.
Mathew says:
Why dont they just outlaw these programs and prosecute them. In a sense, these are just a virus. We throw virus writers in jail for causing us computer woo’s. I clean about 20 systems a month of spyware, and I cant really think of the last time I saw a virus. Something is not right here.
February 21st, 2006 at 7:04 pm
Meh says:
The only way to attempt to stop this sort of thing is to make adware illegal.
Assuming that 180 solutions is trying to do the right thing, which i doubt….It is quite easy to capture the installation and then redistribute it. End result is the same, but without all the inbuilt “safeguards” of the initial installation.
February 22nd, 2006 at 1:24 pm
Richard says:
There is no need to make adware illegal. All you have to do is take down the giant flashing neon sign on your computer that says “Spyware, Adware, Malware, Crapware and Scumware enter here”. Not only is it easy, it’s free. Unless you’ve been living under a rock you know what I’m talking about.
People complaining about this stuff attacking their computers (researchers excluded) just advertise their own complacency. They’ve been dumbed down by Microsoft and they don’t care to lift a finger to do something about it.
“Make adware illegal so I can have my computer back”. Your computer was never taken from you. You gave it away.
February 23rd, 2006 at 8:35 am
Jimmy says:
I’ll have to disagree Richard, if it were just the case of everyone being too lazy, then that would be different. These people target kids and newbies because they don’t know any better. Nobody I know has given anything away.
February 23rd, 2006 at 9:01 am
ringtones free says:
http://www.ringtones-dir.com/get/ ringtones site. Download ringtones FREE, Best free samsung ringtones, Cingular ringtones and more. From website .
July 17th, 2006 at 10:24 pm
» 180solutions Blows More Smoke Up…. » Blog Archive Alice Hill’s Real Tech News - Independent Tech says:
[…] In case you didn’t read it, I posted about 180Solutions still allowing nonconsensual installs as discovered by Ben Edelman, if you want to read their response, and a REALLY funny press release, then check out 180solutions Shuts Down Software Hacker. You know, I can just see Keith Smith, CEO of 180Solutions, standing there with his hands on his hips like Superman after saving the world. 180solutions, Inc., the leading provider of Internet search marketing solutions, today became aware of a publisher with an online name of “Sniper84″ who hacked its software in a way that caused the company’s notification and consent process to be automatically accepted, denying users the ability to make that choice for themselves. […]
January 9th, 2007 at 5:43 pm
free wallpaper for sprint phone says:
free wallpaper for nokia phone…
At this point free funny mobile phone wallpaper cell phone ring tone and wallpaper…
February 1st, 2008 at 1:22 pm
advance cash loan online says:
inheritance cash advance…
For advance cash day loan pay first american cash advance…
February 1st, 2008 at 11:02 pm
roberts rule of poker says:
stud poker rule…
After that gioco baccarat gratis poquer on line…
April 30th, 2008 at 7:14 am
juego ruleta descargar gratis says:
black jack money play play black jack…
All jugar gratis portales internet free online texas hold em…
April 30th, 2008 at 4:06 pm
faxless loan payday quick faxless payday loan says:
keno regeln…
Would You home depot credit card application hold em poker…
May 4th, 2008 at 7:04 am