|
Interviews: Aluria Software Responds to 20 Questions Open Letter |
|
|
We believe that while many of the questions that have been asked by this person, have been asked with an obviously slanted and leading view, moderate and objective readers deserve answers and information concerning WhenU and the changing landscape of spyware/adware. As such we have put together this lengthy response. We will however, not be drawn into a debate with people posing as objective, when in fact many many have hidden adgendas. That said, we will not respond publicly any further on this issue.
For objective readers seeking information, we hope you find our position and the information helpful. If you has any comments or questions that are not covered below, we will answer them privately. Please send all inquiries through our contact form at www.aluriasoftware.com.
Finally, on forums such as these, it is often only the radicals that are moved to post comment, and too often facts are ignored. We believe this issue is too important to let these few, use misinformation, or unfounded allegations to steer the conversation. If you consider yourself a moderate on this issue, please look for these comments and address them accordingly.
What are your thoughts on the Aluria and WhenU arrangement?
Aluria has, and always will be, at the leading edge of spyware issues and solutions. We view our role, not as a simple remover of spyware applications, but rather a company that uses multiple avenues to protect the public’s privacy and security. As such, Aluria is the first (and only) anti-spyware company to put out detailed list criteria for software publishers to follow in order to be labeled Spyware-SAFE. Here are our standards.
Many questions are being asked of Aluria, and we are happy to answer them, but I must ask one question as well – why have no other anti-spyware vendors posted solid guidelines as to what spyware is, or helped to move companies toward best practices?? Some are conveniently critical of Aluria’s progressive stance, but these same companies fail to provide any guidelines or best practices to help companies do business the right way.
Unfortunately, many anti-spyware vendors are desperately hanging on to the status quo, and labeling as “spyware” as many applications (and even cookies, jpegs, and other benign files) as they possibly can. Why? Because it makes these product look like they detect more, and thus they sell more anti-spyware. But does this protect the public? We have seen that despite the exponential growth in anti-spyware sales, that new spyware continues to spread and multiply. Whatever your view on WhenU, please keep in mind that the public no longer needs an anti-spyware application to remove them – WhenU applications can be removed through Add and Remove Programs and this fact scares some anti-spyware companies.
Aluria has guided, not just WhenU but several companies in stopping all Active-X downloads, creating easy and complete removal processes through Add and Remove Programs, and providing complete and obvious disclosure OUTSIDE, AND IN ADDITION TO the End User License Agreement (EULA). Aluria has done this work alone, while others have failed to list even the first guideline or standard for companies to follow.
Simply put, Aluria believes it is better to have three part solution:
1. Provide a clear list of best practices criteria to follow for companies that would like to operate correctly
2. Protect the public by working with these companies to ensure they meet all guidelines on an ongoing basis
3. Protect the public by aggressively removing nonconforming applications through our anti-spyware application.
The fact is, if we skip step one and two, we provide no incentive or guidance for these companies to change their business practices. While this would be good for the anti-spyware industry because we continue to sell our products, it would be bad for the public because companies continue to use evasive tactics to land on the desktop, collect and transmit private information, and fight removal as much as possible. That said, and regardless of your specific opinion concerning WhenU, I would like to enlist your help as influencers in the spyware space to call on other anti-spyware vendors to publicly list the standards that they use when label something spyware. We believe our criteria are comprehensive, but perhaps we have missed something, and if so, we would gladly add it to our list. This is not a rhetorical request - we believe this is a crucial step toward progress within the industry and we would like your help in pushing this forward.
Question - is all software that serves advertising bad? If so, the popular Opera web browser, Eudora email client, and almost every file sharing application should be listed as spyware. So what makes Opera, Eudora, and Limewire (a good file sharing app) different? Simple, they inform users of what they are doing and give them a choice, they don’t violate privacy, and they don’t fight removal if the user decides they don’t want them. These are the basic principles behind the 36 rules the comprise our Spyware Safe Criteria.
We believe that like ad supported television programming, there is a large demand for freeware that is supported by advertising – but the user must be in complete control and completely informed. Obviously, a large percentage of the public wants these applications and countless other ad supported “freeware’ so standards must be set that allows software publishers to provide these applications, but in a way that is not risky to consumers – full-disclosure of what is being installed, easy and complete removal processes, and privacy protection are key. Again, I humbly ask that each of you use your influence to call for all anti-spyware vendors to post their criteria so that we can work toward a common industry standard.
Getting to WhenU - WhenU approached Aluria about participating in our Spyware-SAFE program – in part because we are an industry leader, and also the only anti-spyware vendor to date to think about the issues and offer a clearly defined set of guidelines.
Over a four month period, we studied WhenU’s installation, operation, and removal practices as they related to our Spyware Safe Criteria. We reviewed their co-bundle distribution partner policies and disclosure screens and found the vast majority of them compliant with our criteria and in line with industry standards for co-bundling (eg Yahoo). They agreed to fix the issues we uncovered, and to terminate certain practices such as ActiveX based disclosure that we did not find compliant. In addition to our own investigation, WhenU showed us that their contextual software had been audited by reputable outside privacy experts, including Richard Purcell, former Chief Privacy Office for Microsoft (see http://www.whenu.com/pc_role_audit.html), who confirms that it does not track browsing of individual users and is extremely privacy protective. They agreed to be contractually committed to all of Aluria’s Spyware-SAFE criteria, and while I can’t tell you the specifics of our certification contract (Non0Disclosure Agreements), I can tell you WhenU would face financial and public relations consequences if they were found to be in violation of the rules. Honestly though, we don’t expect this, WhenU has been extremely forthcoming, proactive, and responsive on these issues since they have made this move toward legitimacy. The have hired top-level executives from eTrust and About.com and
been praised by Chairman Barton, the sponsor of the Spyblock Act (HR 2929) for their efforts and move towards best practices.
After this exhaustive process, we concluded that WhenU was Spyware-SAFE, and we agreed to license them our anti-spyware scanning technology on a private label basis. There was no financial arrangement in-place whatsoever to offer WhenU Spyware-SAFE certification, and the certification was not contingent upon any financial arrangement, nor was it influenced by any financial arrangement.
Do you think this puts Aluria's reputation (along with COAST) in jeopardy?
Absolutely not. Aluria Software was founding member of COAST, and while the individual members sometimes disagree, all the members are very good companies that are dedicated to fighting spyware and resolving spyware related issues.
Without putting out detailed criteria and standards for what makes something "spyware", the anti-spyware community and other vendors create a wild west atmosphere where there is no road map for companies who want to be legitimate and are willing to do what it takes to become legitimate. If we are going to improve the Net for consumers, we need to offer companies that could go one way or the other the chance to improve their practices and be granted legitimacy. Just because a company distributes co-bundled advertising software does not automatically make it spyware. The key questions should be centered on disclosure, privacy, and ease of removal.
If a company is willing to adhere to best practices, regardless of the economic cost or the cost to their user base and growth - then regardless of how Aluria treated them in the past we need to give them a fair evaluation based on their current practices.
Who profits from its software being bundled in WhenU distributions?
Like Eudora, Opera, and Limewire, the WhenU consumer is given a choice as to whether they would like to purchase our spyware application or have it for free, and WhenU pays us a licensing fee for the use of our anti-spyware technology in their software on a private label basis.
Will the software target the removal of competing anti-spyware/adware solutions?
No - the software targets products for removal that do not meet Aluria's detailed criteria for being spyware-SAFE, available at our website. Nothing else. WhenU has no say whatsoever in who is included in our spyware definitions, nor have they asked for one.
Why does Aluria work with WhenU when other security companies describe them as spyware/adware?
I think I answered that mostly above, but we encourage other security companies to evaluate WhenU in as detailed a manner as we have and we would not be surprised if many changed their opinions about WhenU in the coming months
How can Aluria be an objective security company when it is partnered with a known offender?
The question itself is indicative of the whole problem with this debate - jumping to conclusions without giving a chance for WhenU to prove that it is committed to adhering to legitimate practices. Everything we have seen so far indicates that they are, and we encourage the anti-spyware community to give this a chance.
Andrew Clover has provided details at the Aluria Forums, why is he ignored?
Andrew Clover has not been ignored. We have responded to Andrew via email not public forum. Moreover, Andrew Clover has a more sophisticated view than most on this issue. While he has not necessarily agreed with everything we done, he consistently approaches the issue with thoughtfulness and consideration. We appreciate his, and other evenhanded points of view and actively respond to his requests. Because we don’t post our emails on a public forum, don’t assume it is not happening.
That said, all of his claims have been investigated by both Aluria and WhenU, and we have seen very fast response on the part of WhenU - most of them involve either old inactive distributions or distributions not sanctioned by WhenU and quickly shut down when WhenU found out about them.
Unlike most adware companies, WhenU does not maintain an automated affiliate program and has committed to us going forward that they will not allow their co-bundle partners to redistribute through automated affiliate programs - which has been a source of some past issues. With this level of control over their distribution, we are confident that these past issues will not exist moving forward.
Will you be marketing your products and advertising when consumers call your anti-spyware hotline for help?
No - The spyware hotline’s chief purpose is for current ASE users and the public to report new spyware threats for inclusion in our DAT files. Since we do not actively promote the hotline (except in the initial press release) we expect that vast majority of the callers to be Aluria customers that already own Spyware Eliminator. People who contact the hotline can talk directly with a level one spyware hunter (not a marketing person). Certainly, if someone calls with a spyware problem that we know ASE can fix then we will tell them about it.
Any comments on WhenU being linked to SP2fucked?
See previous answer to question about Andrew Clover
How can the 'Spyware Safe' program be reputable when well known companies like Symantec label WhenU bad?
. Did you know that Symantec did not consider CLARIA/GATOR malicious until three days ago, and did not remove it?
Here is the quote that was on their site until three days ago:
This adware is a component of other, legitimate programs such as DashBar, which is a product of GAIN Publishing. Symantec antivirus products that support Expanded Threat detection can detect, but cannot remove Adware.Gator.
To remove the adware component, you must uninstall all GAIN-enabled programs."
Here is the link: http://securityresponse.symantec.com/avcenter/venc/data/adware.gator.html
Please note that they just revised this page on 12/10/2004 with a removal for Gator. You can see this on the bottom of the page which reads:
Revision History:
December 10, 2004: Updated with link to removal tool.
Again, this is an argument for universal industry standards. We don’t look to other companies to guide us, we created comprehensive standards and we evaluate applications based on these standards.
Obviously, someone has to be the first to make the decision that WhenU is Spyware-Safe. It is extremely easy to just continue to call something spyware without knowing the detail that we do. We believe our stance is the fair and objective one, and you will see more companies coming out with criteria in the next few months and coming to similar conclusions.
Does Aluria consider the use of Installers which doesn't clearly indicate all the software being installed on a system a legitimate and ethical practice?
No.
How can Aluria claim that WhenU is spyware safe when it is bundled with known spyware products?
WhenU is not bundled with known spyware products and any associations of this have been investigated, per answers above
Do you condone AdwareReport for suggesting SpywareGuide lied?
We appreciate AdwareReport, and all other objective views on this matter.
FYI - here is our actual privacy policy: http://www.aluriasoftware.com/other/privacy/
Did you send a cease and desist order to SpywareGuide when clearly their comments reflected your privacy policy in complete accuracy as shown by Web Archive?
We did send a Cease and Desist and it was complied with.
Is Aluria hoping to profit from the 80 million people Avi Nader has previously declared have WhenU installed on their systems, even though over 70% of those people aren't aware of how the software got there, and wish to remove the software once they are aware of it's presence?
From what we have learned, WhenU is focused on improving the quality and legitimacy of their distribution - not on being the largest player. No, Aluria hopes to profit from providing users with the best anti-spyware product available, and by providing users with the most information, pricing flexibility, and choice.
How does this WhenU partnership and public skepticism reflect on your partnership with AOL in delivering Spyware Eliminator to its dial-up members?
The public (as measured by sales and feedback) and the mainstream media, as measured by the Boston Globe, have not been negative or overly skeptical because we have publicly posted what we have done, and how WhenU has moved toward best practices. Again, WhenU has been praised by members of Congess for their recent efforts. Our relationship with AOL remains strong and ongoing, beyond that I will not discuss our relationship with AOL.
AOL is offering SpyZapper in its 9.0 release. Has AOL dropped Aluria?
See above.
How do you feel about being delisted on security sites and therefore losing faith in the public eye?
We feel that its unfortunate that some sites immediately jump to conclusions without giving understanding to the facts, or giving this a chance to work. The one site that I know of “delisting us” , never called to ask what took place or what our position was. As a founding member of COAST, and one of the most well respected and widely deployed anti-spyware technologies on the market, we would like to think that an objective authority on these issues would have called to get some information before jumping to conclusions. Obviously, we would have liked to have received the benefit of the doubt, or at least have been contacted by this site before they took the action that they did. Still, this will not prevent us from moving forward, pushing for standards, and continuing to help define the anti-spyware space.
So by delisting WhenU, will user's using Aluria Spyware Eliminator receive no notification or deletion of older versions of WhenU?
Prior to WhenU’s moves toward becoming Spyware Safe, Aluria technology detected and removed all WhenU applications – as such Aluria users do not have older versions of WhenU on their systems. In part because of our efforts, users will know when WhenU is being installed, and all new WhenU software and can be easily and completely removed without an anti-spyware application through add and remove programs.
Since Aluria has declared WhenU "Spyware Safe" for the world, why does America Online insist on keeping them listed for its members? And how can you justify this inconsistent practice?
See above concerning AOL
References:
Exclusive AOL Interview on Aluria and WhenU
Open Letter to Aluria
|
|
|
 |
| "Interviews: Aluria Software Responds to 20 Questions Open Letter" | Login/Create an Account | 0 comments |
|
| | The comments are owned by the poster. We aren't responsible for their content. |
|
|
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 4.14
Votes: 7
|
|
|
