General discussion
Goodbye ClamWin, it was nice while it lasted.
mer 14 oct 2009 23:57:58 UTC — MysteryFCMGoodbye ClamWin, it was nice while it lasted
"I'm sorry to say, I've just received the following e-mail from ClamWin, which means I'll now no longer recommend ANYONE use their software, and will be removing it from all computers I own and/or look after for others."
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
I did not see it coming
jeu 15 oct 2009 00:34:35 UTC — jpvipI saw that on your blog earlier. I could not believe it. I gave up on ZoneAlarm, and several others. Who's next? ClamWin. So much for keeping it GOOD freeware.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
rated
mar 20 oct 2009 00:40:49 UTC — g7wI've rated this site before, but I just commented it as Ethical issues
EDIT:
duh!
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
uhh
lun 19 oct 2009 22:23:57 UTC — jpvipYou rated ClamAV over there, not ClamWin. They are two different products, after all.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
yup :/
mar 20 oct 2009 00:42:05 UTC — g7wThanks, in a rush to leave for dinner... I scanned the other thread too quickly without reading fully.
It's a {GOM} thing, heh. :)
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
Sorry ClamWin...
jeu 15 oct 2009 01:42:38 UTC — jpvipBut, malware is not tolerated. Low risk or no risk...it is still malware.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Not Malware
jeu 15 oct 2009 02:21:52 UTC — AlchI am the Clamwin project admin and I feel I need to defend the malware claims.
It is true that Ask.com did have some shady partners in the past and their previous toolbar was flagged as Potentially Unwanted Application (PUA) before. However their policies have changed about a year ago and the new toolbar is clean. In fact because Ask needs to "clean up" their reputation they are more strict in their terms and conditions and proactive in following them than other vendors.
We did test the included toolbar (totally different from the old PUA version) and did not find ANYTHING wrong with it. No spyware, no behaviour tracking - just a plain toolbar. We would NOT have included it if it was otherwise.
Please test it for yourself and publish the confirmed details of what the toolbar does wrong to deserve MALWARE status before making potentially damaging claims.
Regards,
Alch
Ethical issues
jeu 15 oct 2009 02:40:15 UTC — g7w@ Alch
You're correct there is no malware and maybe Ask.com has "cleaned up their act" However, a product claiming to be open source security closed that claim with the addition of a commercially supported toolbar.
Here's my problem, you force the toolbar upon installation by pre-checking the option, requiring the user to Opt-out. It should be the other way around and leave the option un-checked and require the user to Opt-in. ClamWin, like so many others toolbar additives, expect the user to do a quick install: click "Next" to continue, and bang we're done. Very few now-a-days read the ToS, Privacy Policies, quickly agree to any EULA's provided and with this, they now have FAT (For yet Another Toolbar).
I rated this domain low (red) and placed an Ethical Issues comment
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
I realize
jeu 15 oct 2009 03:44:03 UTC — WarxasThis thread is old. http://www.calendarofupdates.com/updates/index.php...
But I think it sums up the ask toolbar pretty well.
I will NOT be rating ClamWin RED becasue I think the Ask toolbar is not enough to warrant a red.
(A YELLOW in certain circumstances .) But I will not recommend ClamWin.
But in reality I never did. hehe
So much for open-source...
jeu 15 oct 2009 04:14:09 UTC — jpvipCompanies that are open-source do not make money automatically. Because, there is no charge inhibited. The problem is, with Ask Toolbar compensating those who distribute it as PPD (pay-per-download, similar to pay-per-click), the company is earning direct income. Therefore, it is no longer open source. It is reprehensible, and should not be allowed to pass. Stop complaining if you are going to do something so controversial.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Open source and income
jeu 15 oct 2009 07:21:49 UTC — AlchJpvip - a company developing an open source product is not necessarily a charity. There are lots of companies earning direct income from Open Source products and I think there would be very little useful open source programs if it was otherwise.The company behind ClamAV is a public listed company yet it does only open source software.
Also I thought we were clear enough that the main reason why we are partnering with Ask is to fund the development of new features.
Many other ways...
jeu 15 oct 2009 07:39:54 UTC — jpvipThere are much more ways to fund a project than a toolbar. For example, I placed a donation widget from Paypal on my site. The option to select a goal was in play. If someone wants to donate to my project, they can. The users are able to see what the project is for, and then donate.
Why not advertise? Search marketing is the cheapest, and ad networks are costly.
Donating and advertising are the most acceptable. There are others, too. Explore opportunities instead of being so short-sighted and having users install Ask Toolbar. The problem is, the toolbar is pre-checked in the installation. During the install, I noticed the installer was calling back to Ask to note an installation...therefore making ClamWin spyware. Ask Toolbar has always been spyware/adware - and any other claims are skewed.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Also...
jeu 15 oct 2009 05:59:15 UTC — jpvipAlso, as soon as ClamAV finishes up the newest version of Win32, then I can tell people not to use ClamWin, but to use ClamAV for Win32. http://www.clamav.net/download/packages/packages-w...
I have posted a formal investigation on it: http://www.helpmyos.com/bad-companies-investigatio...
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Hais
jeu 15 oct 2009 12:18:26 UTC — LiVeRpUdLiAn932Always trusted Clamwin :\
Somehow this reminds me of Comodo.
edit: I don't know if this should be posted in this thread, but I'm curious. Is siteadvisor considered spyware/adware since its 'Safe search' toolbar does not actually search for safe material but actually is a Yahoo search toolbar?
You'll Never Walk Alone
umm...
jeu 15 oct 2009 15:26:51 UTC — jpvipI don't remember Yahoo toolbar being spyware. I think it is just Ask Toolbar. The only bad part about Ask Toolbar is that it sends data through a private stream about you or your computer - to three data loggers, also logging the data for its own.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Problem is
ven 16 oct 2009 07:16:34 UTC — LiVeRpUdLiAn932McAfee Siteadvisor claims that it is a Safesearch toolbar. It doesn't even say anything about it being from Yahoo.
You'll Never Walk Alone
Open Source
jeu 15 oct 2009 15:43:42 UTC — evilfantasyA bit off topic here and I'm not siding with anyone. Just making a point.
Don't let the word open source fool you! Unless you are a very, very small project there is big money backing both open and closed source coded software. Your silly if you think that Mozilla and Linux got where they are working for free.
Free and Open Source are two totally different things.
first foxit reader, applian,
jeu 15 oct 2009 18:08:05 UTC — demonluofirst foxit reader, applian, utorrent, comondo & now, clamwin?
ask toolbar sure got alot of $ to bribe/sponsor the software developer...
ps: i hate to untick the ask everytime i see it on the installation screen (so troublesome),
I'm with Alch and Clamwin on this
jeu 15 oct 2009 23:49:13 UTC — amishrabbitThe companies which now bundle a browser toolbar with an anti-malware product now include:
Symantec
Trend Micro
CA
Sunbelt
Webroot
Clam
Probably others, I haven't checked.
These companies typically bundle either Google or Ask. Both Google and Ask are generic search engines, as far as I'm concerned. You can have privacy concerns about their (the search engines') business practices, but when a reputable security firm bundles this software with their own product, I think it's fair to say that the anti-malware company has much more to lose and (probably) has done whatever technical due-diligence is required to ensure that the software will not harm its users' PCs.
Other software companies are doing the same thing:
Adobe, bundles Google
Apple, bundles Quicktime and a bunch of its other software
The bottom line is, search engines are making a lot of money, but software companies aren't making profits like they used to. They ink these deals to help their own bottom line. And you can bet that the pre-selected checkbox is a requirement in that contract.
That said, you can UNSELECT THE CHECKBOX. It's not hard, you just do it and nothing unexpected happens. You just uncheck it. Done, no problem.
It would be wonderful if we could all do this work for free, but someone, somewhere needs to pay the bills so we can all live. These toolbars keep these companies in business by providing revenue.
Conflating this with Comodo, who sell certificates to anyone no questions asked, is really doing a disservice to the anti-malware companies. It's not as though Clam has decided to partner up with Antivirus 2010 or the Russian malware gangs. Such twisty knickers!
Include a few others...I will list them...
ven 16 oct 2009 00:34:38 UTC — jpvipThese are companies that include some kind of toolbar, not necessarily Ask.
Comodo
AVG
iolo
PC Tools
Spyware Terminator (distributes malware, dummies)
Checkpoint/ZoneAlarm
===========================================
So who are the only ones who have NOT decided to distribute a toolbar?
ESET, ALWIL, AhnLab, Aladdin, Antiy, BitDefender, Avira, Authentium, BullGuard, Cisco, Dr Web, F-Secure, Emsi, Fortinet, Frisk, G-Data, Kaspersky, Microsoft, Malwarebytes, Kingsoft, McAfee, Panda, PrevX, Rising, Sophos, SuperAntispyware, and VirusBlockAda.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
nice info...
ven 16 oct 2009 09:17:20 UTC — demonluonice info...
What's your point?
ven 16 oct 2009 22:58:46 UTC — amishrabbitThat somehow, Comodo, AVG, Iolo, PC Tools (which is owned by Symantec, btw), and Checkpoint (which licenses the engine from CA or Trend, I can't remember) are somehow untrustworthy now, or fall in the same bucket as a known rogue antivirus?
Because they distribute the Ask toolbar or Google toolbar.
I call bullshit.
You also left out a few vendors who include toolbars.
Re: What's your point?
ven 16 oct 2009 23:12:40 UTC — WarxasThey aren't trustworthy.
If they want to distribute a toolbar, then chose a non-malicious one.
Like Google's or even Yahoo's!
Ask IS malware, simple as that. http://www.virustotal.com/analisis/4228da28ef528a7...
I'm going to make it clear
lun 19 oct 2009 20:15:18 UTC — amishrabbitI'm going to make it clear that I do NOT work for Ask.com or benefit directly from their company.
What is your classification criteria?
Those VT results are bogus. VBA is calling it "Myway" which is a completely different company. So that's an FP. McAfee calls it a PUP, which means you might not want it, but that doesn't make it malicious. DrWeb's "Backdoor.Trojan" is both vague to the point of being a false positive, and completely wrong, as the Ask toolbar doesn't have any backdoor functionality.
I'm willing to grant that any browser toolbar -- Yahoo and Google's included -- are "potentially unwanted" but in no way does that mean they're actively malicious. And certainly the fact that a company otherwise does superb work as a free antimalware solution should count for SOMETHING.
I see this as a case of Clam needs to pay the bills, or it will vanish forever, so it's making a compromise. It is not a black and white issue. They are not getting in bed with some sort of "enemy" -- Ask.com is the #4 search engine, after Bing, according to Comscore. They could not possibly get to that adoption rate if the company's actions were considered user-hostile.
Would you characterize Google Toolbar as a backdoor? It updates itself automatically on a schedule, with no notice to the user; It tracks your web searches and associates your online behavior with a static, unique identifier; Data gleaned from searches and browsing can be used to correlate specific facts about the unique, identifiable user who's running the toolbar. And that's just if you haven't signed up for a Google account, in which case your entire browsing and search history are stored indefinitely.
My point is, you're making a bogus distinction of Ask.com vs. Yahoo and Google, based on ancient history and misinformation. Once again, I call bullshit. Own up to your criteria and explain yourself; don't just repeat the same, tired, playground-grade logic (which sums up to "it's bad because it's bad because someone said it's bad, just because. Nyah!") as your justification.
If you can, convince me otherwise. Offer substantial, quantifiable, and independently-confirmable proof. "They aren't trustworthy" is not a valid argument in the absence of any evidence.
Re: I'm going to make it clear
lun 19 oct 2009 22:48:28 UTC — WarxasIf you don't work for ask then why do you care so much?
Just type in ask to and the third result is "Ask Toolbar Removal" the sixth result is "Ask Toolbar Spyware" and the eight result is "Ask Toolbar Uninstall" That should tell you something right there.
You want proof? Fine, here is some;
http://forums.cnet.com/5208-6132_102-0.html?thread...
http://forums.cnet.com/5208-6132_102-0.html?thread...
http://www.prevx.com/filenames/X25035497991507839-...
And look at Deborah S's comment on Ask.com.
Do you want to "call bullshit" on her too?
If you read my earlier post, you'd see that I did NOT rate or comment on ClamWin.
Like I said, I would not recommend Clamwin, but I wouldn't tell someone not to get it either.
BTW I am not mad, just don't understand why you want to push Ask so much?
Recent results from malware test...
lun 19 oct 2009 23:01:15 UTC — jpvip14/42 scanners report spyware. Sorry fellas...lol
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Ooh post those results
lun 19 oct 2009 23:06:37 UTC — WarxasOoh post those results please! :D
Results
mar 20 oct 2009 01:00:21 UTC — jpvipJust read this PDF by Sunbelt, it should help all of you understand why IAC/Ask.com is far from clean: http://www.sunbelt-software.com/ihs/alex/aj.pdf
Ask.com's new AskEraser was blamed to be a tracking tool and is quite the opposite of what it specified to be.
RESULTS (cannot guarantee detection of new installer, this is for the normal install):
McAfee: PUP ASKtoolbarSPY
VBA32: Signed-AdWare.Win32.MyWay.ad
DrWeb: BACKDOOR.trojan (yeah right)
A-Squared and Ikarus: Signed-AdWare.Win32.MyWay.ad!IK
Comodo: Unclassified Malware and not-a-virus:AdWare.Win32.MyWay.ac
Panda: Suspicious File
PC Tools: Adware.MyWay!ct
Ikarus: not-a-virus:AdWare.Ask
Avira: ADSPY/Ask
Fortinet: Misc/Mywebsearch
Webwasher-Gateway: Ad-Spyware.ask
Sunbelt Vipre: PUP AskToolbar
Malwarebytes: Adware.MyWebSearch
Unspecified-Beta-Product: AdTrackSpy:Ask.com/IAC - sec.provider
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Sunbelt PDF link
mar 20 oct 2009 01:10:39 UTC — g7wIS that outdated?
It was created 12 SEP 2005 = 4 years ago.
Do they offer anything more current?
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
mmmm
mar 20 oct 2009 02:05:30 UTC — jpvipDid not see anything...let me look...
http://sunbeltblog.blogspot.com/2009/02/here-comes...
Latest info by Sunbelt. See the comments as well.
No specific info found.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
2005
mar 20 oct 2009 22:02:36 UTC — amishrabbitFour years have passed, during which time Ask was sold, and has entirely new management and a different business model
I'm not denying that several years ago, the company made some dodgy shiat, but they don't anymore, and you're still throwing that old bogeyman in everyone's face.
I'll quote Alex:
Is Ask so terrible? Well, they have a history, which to their credit, has really been cleaned up. Perhaps it’s unfair that some of us in the business have long memories. But now that Symantec has effectively lowered the bar, expect a lot more of this type of bundling by companies anxious to add more dollars to a tight P&L.