Stealware: Kazaa et al Stealing Link Commissions 684
goombah99 writes "We all heard about spyware, well now Kazaa, Morpheus and LimeWire are sneaking a new type of nastiness onto your computer, software that - without you even knowing it - redirects commissions for online purchases you make from other vendors you make back to them. For example, if you buy a CD from an affiliate of Amazon.com, say some charity, the software fools Amazon into crediting the commission to Morpheus, not the charity! The story quotes a LimeWire Developer who admits 'While I agree that this is really a
bit of a scam, it is a way for us to pay salaries while not adversely affecting our users.' The insidious part is the stealware
program remains even if you delete the original P2P software. And you supposedly gave your permission when you clicked through the EULA."
Kazaa Lite (Score:4, Informative)
People *still* use that crap? (Score:5, Informative)
Re:just great... (Score:2, Informative)
It's already been done [kazaalite.com].
Re:just great... (HOW TO REMOVE) (Score:5, Informative)
A Software Cleanup
Computer users who want to remove shopping software from their machines can do so in a few steps. Instructions for removing three of the most common programs:
BUYERSPORT - The shopping software with Morpheus:
Click the Start button.
Click on Find.
Click on Find Files or Folders.
Type in mbho.dll. Click on find now. When the file appears in the directory window, drag mbho.dll into the trash.
LIMESHOP - The software with LimeWire:
Click the Start button.
Click on Settings.
Click Control Panel.
Double-click Add/Remove Programs.
Click LimeShop.
Click Add/Remove.
SAVENOW - The software used by Kazaa:
Click on Start.
Click Settings.
Click on Control Panel.
Double-click on Add/Remove Programs.
Click SaveNow.
Click on Add/Remove.
Gnucleus (Score:5, Informative)
You can beat them. (Score:5, Informative)
Using AdAware to delete cydoor.dll will likely leave your P2P client not working. That's where the dummy cydoor.dll [cexx.org] comes in. It allows the client to start without providing any of the unwanted cydoor functionality.
For more info on spyware and scumware in general, check out the quite wonderful Counterexploitation [cexx.org] site...
Hope this helps...
Furthurnet.com (Score:5, Informative)
Furthurnet.com is a system where fans of bands which allow bootlegging of live concerts post full sets from those shows.
Pros:
*Free, no ads, no spyware, nothin
*Legal - music is only by bands who approve
*New stuff - you can get stuff no on CD's yet
*Live stuff - could be a plus or minus depending on the artist, but its a new perspective.
Cons:
*Bigger - they're recorded in a non-lossy format shn, so a full concert is anywhere between 200-600 meg
*Recording quality not as good - depending on the band, the recorder and show, the acoustics and equipment aren't as good as live CD's and certainly not as clean as studio.
*Fewer artists
I just discovered this a few days ago looking for Jack Johnson stuff. I love it. Take a look. Its on Win and linux (maybe Mac too, not sure)
Re:Suggestions for the not-so-techincally adept? (Score:3, Informative)
Use vmware (Score:3, Informative)
Re:Fer Chrissake, it's FRAUD! (Score:5, Informative)
s178BA - Obtaining money by deception - 5 years
s178BB - Obtaining money etc by false or misleading statements (it doesn't require the statement to be in writing, false claim as to referrer will definitely count) - 5 years
s180 - Causing payment etc by false pretence etc (the false referrer will count here too) - 5 years
This could be prosecuted under any one of these.
How to rid of it (Score:2, Informative)
It's against the affiliate agreement for amazon. (Score:5, Informative)
Section 5, at the end:
In addition, you may not: [snip] (b) read, intercept, record, redirect, interpret, or fill in the contents of any electronic form or other materials submitted to us by any person or entity;
Re:The price of freedom. (Score:3, Informative)
>that is allowing them to distribute and download
>music that a lot of the major companies don't want
>you to do?
Insightful.
>I'm uneffected by this because i'm a happy WinMX
>user. I've never had a problem whatsoever, unlike
>AudioGalaxy and Bearshare (this is awhile ago) that
>deleted some of my system files, thus making me
>have to reformat!
Yeah, isn't that something? It's faster to reformat a Window's partition than it is to deltree c:\windows and c:\progra~1. It takes hours to deltree and mere minutes (usually) to format.
I just boot LOAF (Linux on a Floppy) if I have to rm -fR the windows and the program files dirs on a windows partition... much much faster.
As for the stealing of commissions intended as charitable contributions, I have no first hand information on it but... if it is going on, it diminishes the spirit of charitable giving and probably breaks the law. Flame on!
Gnucleus (Score:2, Informative)
http://www.gnucleus.com/
http://gnucleus.sourceforge.net/
And it's Not Evil.
Unlike many file sharing systems, Gnucleus is not run by a company. This project has been active for over a year and no one has made a dime of it. We do not want your money, we want your support in development and making this program something great. Few windows programs are open-source, this is one of the few, because of that it is impossible for us to ever charge you for this program or future versions. I make this program out of my need for a honest file sharing system.
The article (Score:1, Informative)
By JOHN SCHWARTZ and BOB TEDESCHI
ome popular online services are using a new kind of software to divert sales commissions that would otherwise be paid to small online merchants by big sites like Amazon and eToys.
Critics call the software parasite-ware and stealware. But the sites that use the software, which is made by nearly 20 companies and used by dozens, say that it is perfectly legal, because their users agree to the diversion.
The amounts involved are estimated by those in the industry to have mounted into the hundreds of thousands of dollars and are likely to continue to grow -- in part because most users are unaware that the software is operating on their computers.
Advertisement
There is no cost to the customer, but those who run small Web sites that funnel sales to the big merchants say that they are being hurt. "It's painful when someone walks in and takes sales right from under me," said Shawn Collins, who runs a number of sites that feed customers to Amazon and other merchants. "I probably saw a drop-off of 30 percent in income for the past six months."
The diversion begins when consumers get software from the Internet that helps them swap music or other files, or find bargains online. As they install the software, they are asked whether they would also like to show support for the software maker by shopping through an online affiliate program. These programs typically give a percentage of each purchase back to the affiliate -- in this case, the software maker -- as a commission.
What the consumers are not told clearly is that if they agree to participate, their computers may be electronically marked: all future purchases will look as if they were made through the software maker's site, even if they were not.
In many versions of the software, a purchase will look as if it was made through the software maker's site even if the shopper came in through another site that has its own affiliate agreement with the online store in question. Those affiliate sites include small businesses and even charities that use affiliate links as fund-raisers.
Some version of the diversion software is used by some of the most popular music trading sites that have tried to fill the void left by the collapse of Napster, including Morpheus, Kazaa and LimeWire. The companies say their software has been downloaded by tens of millions of Web surfers.
Although estimates are hard to come by, those in the business say that the amount of money involved could be large. The affiliate market, in which smaller sites funnel sales to larger ones in return for commissions, accounts for roughly 15 to 20 percent of the estimated $72 billion online market, said Carrie Johnson, an analyst with Forrester Research. A successful affiliate Web site can make $60,000 a month from referrals alone, said Haiko De Poel Jr., chief executive of Abestweb, an online forum devoted to affiliate marketing. He has organized owners of sites to fight Morpheus and others.
A spokeswoman for Amazon, which has 800,000 affiliate sites feeding it customers, said the company worked to protect those sites from hijacking. "We don't allow sites that use a download or a tool to redirect a shopping session to their account if they do not initiate the shopping session," said the spokeswoman, Patty Smith. "We've kicked out a number of sites for doing that."
Last week, Amazon cut off affiliate payments to Morpheus, one site that employs the shopping software, said an online executive. Coldwater Creek, an online clothing store, has also blocked Morpheus.
Some companies that make and use the diversion software said they were rewriting the programs so that they would no longer take money intended for others. But these changes may not affect copies of the software already installed on millions of computers. "We're not interested in stealing any Web site's revenue," said Greg Bildson, chief operating officer for LimeWire. "We know that this is sort of a new and sort of strange area, but we're interested in doing the right thing." He referred calls to TopMoxie, the maker of the software that LimeWire uses to get affiliate money.
Patrick Toland, a vice president for sales and marketing at TopMoxie, said that the company did not intend for its software to displace other affiliates' rights and that his company had altered the software in the last two weeks to stop substituting its affiliate identification code for those of other sites. "The second we realized this is a problem, we turned that boat around and said, `Let's get this out,' " he said. He added that the amount of money involved was minuscule.
Mr. Toland attributed the losses that the Web sites claimed to a tougher marketplace for small players.
Morpheus referred inquiries to Wurld Media, which operates its shopping rebates program. Kirk H. Feathers, the chief technical officer of Wurld Media, said that it had been wrongly accused of stealing and that the company would readily go to court to defend itself.
He acknowledged that an earlier version of the company's software did divert commissions away from other affiliate sites but said that new versions dealt with that situation. Now, the company said, the softwareoffers a choice to the consumer before each purchase: whether to give the commission to the affiliate or to himself in the form of a rebate, with a portion of the rebate going to Morpheus. The software does not misrepresent the user's computer to sellers' sites, Mr. Feathers said.
Arguments that the diversions are somehow the fault of an unintentional flaw do not persuade Erik Petersen, the chief technical officer at an Internet security company, Polar Cove, in Providence, R.I. Mr. Petersen said that he had received complaints about TopMoxie and LimeWire from friends and took a closer look. After conducting a detailed analysis of the software, he concluded that the TopMoxie program was intricately designed to substitute its affiliate identification code for that of other sites as transactions were made. He said that the program remained on the computer even if the user removed the original LimeWire music sharing software. "I don't buy their explanation," he said. "What kind of accident is that?"
Mr. Petersen also pointed to a statement made in an online forum where the technology was discussed, in which a LimeWire developer characterized accusations that the software diverts money as "pretty accurate," but said, "While I agree that this is really a bit of a scam, it is a way for us to pay salaries while not adversely affecting our users."
A chief executive of one software company was similarly unapologetic about the diversion of commissions. "We look at affiliates as competitors," said Avi Naider, the chief executive of WhenU.com, which makes the diversion software used by the music swapping services Kazaa and BearShare. The software, he said, provides services to users and money to each company "so it doesn't have to charge" for the currently free software and services.
The companies also argue that consumers give consent to the terms of the contract when they download the software, whether they read the agreement carefully or not. An expert in online consumer protection said the companies had a point. In the case of the LimeWire agreement, for example, "there does seem to be some indication to the user of what's going on," said David Medine, a Washington lawyer and former Federal Trade Commission official.
Mr. Medine said that he was, however, uncomfortable with the degree of disclosure. "The question is whether the quality of the notice is as good as it could be," he said. "They don't tell you that it's interfering with other business relationships."
Jeff Pullen, the president of Commission Junction, a company that helps link affiliates with Web sites, said that he was not inclined to cut off companies that divert commissions if the customer has agreed to the diversion. "The tactics that they use, maybe they're on the edge," he said. "Maybe, personally, I don't find them particularly attractive. But if they aren't illegal, it's hard for me to point to my public service agreement and say, `I have a reason to kick you off my network.' "
Still, other online merchants are taking action after being confronted by angry affiliates -- and they find that they are dealing with a moving target. TigerDirect, an online computer and electronics store, blocked Morpheus from its program earlier this year after discovering that the company was diverting online commissions. "I obviously thought it wasn't honorable," said Andy Rodriguez, the company's manager of affiliate marketing. "They said, `It's our right.' I said, `It's our right to remove you.' "
Morpheus changed its software, Mr. Rodriguez said, but a few weeks ago TigerDirect noticed that sales through Morpheus were "going through the roof" at the same time that many affiliates were complaining of a drop in commissions. So he blocked them again. "Guys at Morphus wanted a piece of the pie for each of our sales," he said. "I'm sorry. Absolutely not.
The diversion programs have made life difficult for affiliate marketers in the last year, said Steve Messer, chief executive of LinkShare, a company that runs a major affiliate network. But he sees a silver lining. "It's showed affiliate marketing has come of age," Mr. Messer said. "If you look at it, the volume of transactions passing through LinkShare's affiliate marketing got so big that when affiliates get upset, the largest merchants in the world react. If it's just a few dollars, nobody would've noticed."
LinkShare is working with other companies in their market to come up with industry standards to govern ethical practices in online advertising, Mr. Messer said. "For some people, WWW stands for the Wild, Wild West," he said. "Hopefully, that's coming to an end."
Re:I guess Amazon will be changing their contract. (Score:4, Informative)
you may not: [..] read, intercept, record, redirect, interpret, or fill in the contents of any electronic form or other materials submitted to us by any person or entity;
This should be enough to boot any account from amazon that has transactions coming from altering affiliate links. I'm starting to wonder how much my site 'lost' due to things like this.
Re:Moral issues anyone? (Score:5, Informative)
Just use winMX (Score:3, Informative)
It's a much better client than morpheus/kazaa, its network size has passed the threshold to be useful.
What it basically says... (Score:3, Informative)
"By signing this contract you allow us to steal from your neighbor."
This is the same thing, period.
First, it asks the permission to someone not related to the contract's target, which is illegal. (You cannot have a contract that says: By signing this, you agree that your friend X owes us XX bucks.)
Second, stealing is illegal.
So, it doubly illegal!
This is just sick.
Re:What it basically says... (Score:2, Informative)
Fucking disgusting thing to do, but Im not convinced that its as clearly illegal as some people think. By aggreeing to the EULA, you agree to the installation and operation of this software and you know about its presence and function.
Removing spyware (Score:2, Informative)
http://download.com.com/3120-20-0.html?qt=spyware& tg=dl-2001 [com.com]
I would personally recommend Lavasoft Ad-Aware from Lavasoft.de [lavasoft.de]. "Ad-aware is a free multi spyware removal utility that scans your memory, registry and hard drives for known spyware and scumware components and lets you remove them safely. It is updated frequently. If you are new to Ad-aware, we recommend you read the getting started tutorial."
Don't forget to download the Reference file Updater [lavasoft.de] v2.01 for Ad-aware.
Re:Dancing with the devil (Score:2, Informative)
This is the problem.
Re:Victimless crime? (Score:4, Informative)
Their diversion of cash does hurt the customer.
Many co-op preschools in my area, in order to be able to charge less tuition money, permit parents to agree to engage in a certain amount of fundraising. Among the options available is to sign up for Schoolpop [schoolpop.com], at which point the school gets a quite generous cut of commissions for purchases on Amazon and similar sites.
However, if the KaZaa folks steal the commissions, the parent is liable, since the parent must raise some minimum amount (yes, Schoolpop provides the data to the school so the school knows who's raised the money for them). In cases like this, which are quite common, the KaZaa folks and their hitchhikers are directly stealing from their users, as well as from schools and charities.
Re:What did you expect (Score:2, Informative)
Please, stop calling theft. When I walk up to you, snag the cd from your hand and walk away, that is theft. When I walk up to you, borrow your cd, put it into my handy-dandy portable TiBook and rip it to OGG or MP3 and walk away, now that is copyright infringement. One involves a tangible object, the other is dealing with a something more abstract than a physical object.
Re:What it basically says... (Score:2, Informative)