========================================
ED FOSTER'S GRIPELOG
The Reader Advocate Column
========================================

In the Company of Spyware

Tuesday, April 4, 2006
By Ed Foster

What do such pillars of American enterprise as Chase, Citi, Sprint, T-Mobile, Travelocity, and United Airlines have in common? Well, at least for one thing, they are all advertisers with adware vendor Direct Revenue. Which means of course that they are all helping fund the plague of intrusive software that threatens the security of our computers and the Internet.

Last week spyware expert Ben Edelman published the results (http://www.benedelman.org/news/033106-1.html) of tests he ran to see which ads would show up on a machine infected with Direct Revenue's software. He documented 21 prominent advertisers: Autoweb, Blockbuster, BMG Music, CarsDirect, Cendant's CheapTickets, Chase, Citi, eHarmony, Howard Johnson, Netflix, Netzero, HSBC's Orchard Bank, People PC, Sage Software, Sprint/Nextel, Super 8 Motels, T-Mobile, Travelocity, True.com, United Airlines, and Vonage.

Edelman's report comes on the heels of a report (http://www.cdt.org/headlines/870) issued by the Center for Democracy & Technology (CDT) about the advertisers for another big adware vendor, 180Solutions. Edelman, who also documented the advertisers for CDT's report, couldn't help but notice some patterns beyond the fact that several companies -- eHarmony, Netflix, Netzero, PeoplePC and True.com -- showed up as advertisers with both Direct Revenue and 180Solutions. Not only did some advertisers appear with alarming frequency, they did so through veritable maze of distributor and/or affiliate relationships.

The company that clearly appears to be most addicted to spyware advertising is Netflix, although Edelman stops short of definitively saying it is the biggest user of spyware adveristing. "Netflix ads appear through literally every single ad-delivering spyware program I have ever looked at in reasonable depth," Edelmen says. "And Netflix usually funds these spyware vendors through multiple channels. For example, Netflix hires aQuantive's Atlas DMT to promote Netflix, and aQuantive hires Specificclick.net. But Netflix also hires LinkShare, which has a relationship with adprofile.net, which has a relationship with Adsprve1, which has a relationship with MyGeek, and so forth."

One result of these complex distributor relationships is that a company like Netflix can claim it didn't know its advertising would show up on a particular adware network. Netflix tried to tell the CDT that the example ad it had found was "unique and random" -- even though multiple Netflix ads continued to appear in Edelman's testing after Netflix made that statement. And it's not just Netflix. "Vonage, for example, is also remarkably widespread, as is CheapTickets," says Edelman. "Both of these fund spyware through multiple advertising channels, just like Netflix. These multi-channel spyware advertisers are deeply enmeshed in the spyware problem. Even if one part of a company decides spyware is bad and kicks it out of their marketing channel, the spyware vendors can still get paid through the other channels."

But just a cursory glance at the Direct Revenue ads in Edelman's study reveals another, and even more disturbing, pattern: many of these companies are running ads that compete for the same market. Chase, Citi and Household/Orchard Bank are offering credit card accounts; Sprint, T-Mobile, and Vonage want sign-ups for their telephony services; Cheap Tickets, Travelocity, and United Airlines hope to book a flight; Netzero and PeoplePC tout low-cost ISPs, Howard Johnson and Super 8 have motel rooms to rent, Autoweb and CarsDirect want to sell you a new set of wheels, and eHarmony and True.com suggest they can set you up with a date. Why is that a problem? Keep in mind that all this isn't just clean, competitive marketing. After all, the whole point for a company advertising with a Direct Revenue is to get their ads to pop up when the user might be about to visit their competitor's website.

In other words, these advertisers really are spending this money with Direct Revenue and its affiliates to try to steal each other's traffic. "Adware advertising is a vicious cycle," says Edelman. "When a company hires an adware vendor to promote its site, the adware vendor almost always targets the site's competitors. So visit T-Mobile on a computer with Direct Revenue installed, and you'll likely get advertising for Sprint. Then visit Sprint, and you'll see ads for T-Mobile. It's clear why the adware vendors like this system -- they make money no matter what happens. But for advertisers, the benefits are far less obvious -- big money spent on adware, yet advertisers would probably be better off in a world where adware didn't exist at all."

And don't forget -- along with the big money these advertisers are so foolishly spending on adware, there's also the money and the considerable time the rest of us are having to spend on anti-spyware software, cleaning up infected PCs or corporate networks, reading spyware EULAs, and learning how to identify the latest surreptitious methods for sneaking these software intruders past us. The 21 companies who have allowed their ads to appear on Direct Revenue's network, and all the other advertisers on the spyware/adware networks, should find themselves with one more thing in common. And that should be the loud and clear message, delivered by all of us through the marketplace, that this kind of "marketing" not only harms those of us who they want as their customers, it is also the worst imaginable form of stupid business on their part.

========================================

Read this column on-line and post your comments at http://www.gripe2ed.com/scoop/story/.../4/03038/17313 or write me directly at Foster@gripe2ed.com.

========================================

========================================

Copyright 2006 Ed Foster's GripeLog. You are granted permission to forward this column to friends who would have an interest in this topic. To subscribe or unsubscribe to this newsletter, please visit:
http://www.gripe2ed.com/mailman/listinfo/edfoster