In gist, Donna is punishing Ask Toolbar and its pimps. She's
boycotting Ask Toolbar.
"Event Date: 02-July 09 ends 02-July 11 (Recurring Event)
Due to the inclusion/bundling and/or default (pre-checked) opt-in of
the Ask Toolbar and Ask Search Assistant, it has been determined that
this site will no longer provide update information for the products
of the following vendors:
1. Check Point or ZoneLabs - Delisted. It's no longer offering Ask
Toolbar but Conduit Toolbar with Google Search Assistant. Discussion
here.
2. Webroot - Delisted. Please see the post here. Listed again. See
post here.
3. Comodo - Delisted today (June 12, 2010). See discussion in
http://www.calendaro...howtopic=31254. The EULA was revised by
removing information about HopSurf (Version 4.1.150349.920, June 9,
2010). The setup file do not include HopSurf/Ask Toolbar anymore. The
Comodo website continue to offer HopSurf Toolbar as standalone
installer. Note that HofSurf Toolbar is NOT required. Do not download
it if you don't need it.
4. StopZilla
5. Symantec
6. BitDefender
7. ClamWin
8. IMMUNET - see report here. Delisted: Update: June 22, 2010 -
Immunet announced the removal of Ask Toolbar in its installer. See
information here and here. Another update: Listed AGAIN. See report in
http://www.calendaro...ndpost&p=108415 9. ClamAV
10. Avria AntVir Free - http://www.calendaro...ndpost&p=117421 Added -
June 12th 2011
We highly recommend to users of the products by the said vendor to
ALWAYS check for updates. Their programs are not in any way bad but we
do not want users to be at risk by installing a toolbar that has
questionable reputation. Un-checking the installation of the toolbar
is easy but NOT ALL USERS are advanced users. There are thousands of
BEGINNERS that can fall into installing a questionable toolbar and
most of this thousand of beginners DO NOT know that it is NOT
necessary to install such toolbar to operate the program.
CoU will no longer provide update information for the above-mentioned
vendor's products until the questionable toolbar is found clear by
respected researchers, malware scanners and/or removed from their
installer.
Again, we would like to advise users to manually check for updates or
configure any anti-malware scanner to check for definitions update
prior running a scan. If the program is running its real-time
protection against malware, it is HIGHLY recommended to enable
automatic updates.
Let us hope this list will not grow!
@Software Authors/Developers/Vendors: Users want a security tool. Not
a toolbar. Users know where to download a toolbar (if they need one)
that do NOT have questionable status.
The was originally posted in CoU forums and calendar last year but now
gone due to database issue (sorry for the inconvenience).
Google Cache is here.
Update (June 8, 2009 9:30AM Board Time): The comments on the above is
quite long (many readers might not see the new info) but below is the
recap on why Ask/IAC on any security program is unacceptable to many
of us:
Unnecessary addition and unacceptable method to push the add-on by
"security" software vendors that should provide clean installer
instead of including Adware/Spyware/PUPs. These vendors should focus
in improving their products, fix the bugs and continue to look for
methods in protecting people instead of pushing unwanted toolbar or
search assistant:
1. Symantec did not only add Ask.com Search Assistant in its installer
for new installations or re-install (if the user downloaded the new
installer with Ask.com Search Assistant) but also pushed the Ask.com
Search Assistant together as or with a "patch" or "program update" to
existing Norton users. No option to remove the Ask.com Search
Assistant. They originally enabled Ask.com Search Assistant by default
and later decided to disable it by default but again, no option to
remove the unnecessary Ask.com Search Assistant.
2. ZoneLabs offering free ZoneAlarm: Misleading their ZoneAlarm Free
users by offering Spy Blocker which is actually Ask.com Toolbar which
is not necessary to have the protection by ZoneAlarm.
3. Comodo is offering also Ask.com Toolbar in its installer of Comodo
Internet Security. It was offered too in Comodo Firewall Pro. They
plan to remove the Ask.com Toolbar in Comodo installer but they
continue with their partnership with Ask/IAC by offering HopSurf/Ask
Toolbar. Update (July 3, 2009) - Comodo released the new version of
CIS without SafeSurf anymore but with HopSurf/Ask/IAC Toolbar and yes,
it is pre-checked again so beginners can fall into installing unneeded
and unnecessary third party with questionable status toolbar/service.
Screenshots here. Update: July 18: Please note that CIS do not have
EULA for HopSurf and no EULA for people to read/agree or not about
Ask.com search integration in CIS. There should clear disclosure of
this but Comodo do not has it. They offer 2 EULA online but it is not
linked in CIS installer or HopSurf installation wizard. They claim
another EULA is available which is in PDF format but there is no
mention about Ask.com which obviously misleading because Ask is
integrated in HopSurf Toolbar. They claim that there is a mistake in 2
online EULAs so they modified it now by removing references of IAC/
Ask. Still they failed to realize that it is important for them to
provide clear disclosure on what their HopSurf Toolbar has to offer:
It has Ask.com search, this should be mentioned in EULA.
4. Webroot is offering Ask Toolbar on the installer of Webroot product
(trial version).
5. StopZilla is also offering Ask Toolbar on the installer of
StopZilla
6. BitDefender suddenly offers a free anti-phishing toolbar with
Ask.com Search Assistant. Can't they offer the free anti-phishing
toolbar without Ask?
7. After some weeks of running a poll by ClamWin whether to include or
not Ask Toolbar.. they decided to release the final and for public use
of ClamWin with Ask Toolbar. Discussion here and here.
If the above security software vendors are thinking that Ask.com
Search Assistant and/or Ask.com Toolbar is Harmless... think again by
reading below. How in the world a security software vendor decided to
associate or partner their name to company with below practices?
Privacy Issue
Ask.com Search Assistant or Ask.com Toolbar if in use by people will
send/receive data from the following third party domains:
othersonline.com
ad.doubleclick.net
media.adrevolver.com
everesttech.net
All these is not in the EULA of Ask.com Search or Toolbar
Note: Search/Toolbar of Google, Yahoo and Windows Live do not have to
do what Ask.com is doing when using their search engine.
This is documented by me here and here.
Note: Ask.com offers AskEraser to delete searches that is known
tracked by third party. However, AskEraser does not apply or will not
work in Ask.com Toolbar or Ask.com Search Assistant provided by third
party software like Norton, Webroot, StopZilla, Comodo/HopSurf,
ZoneAlarm, Glary Utilities, FoxIt Reader etc:
Quote
Where does AskEraser work and where does it not work?
AskEraser works if you come directly to Ask.com and perform a search
within the Ask.com search box. It also works on searches conducted on
Ask.com search boxes embedded within Firefox, Internet Explorer and
other browsers. However, even if you have AskEraser enabled, the
feature will not work on searches performed through an Ask.com search
toolbar or an Ask.com search box available on a third-party site or
through third-party software that you choose to install on your
computer and AskEraser will not display as an option.
Screenshot was taken on June 9, 2009 1-09-17 AM (my time which is GMT
+8)
Security Issues in using Ask/IAC business, software or services
1. Documented by MVP Mike Burgess on August 26, 2008:
Quote
Ask routes their Sponsored Result thru Google then redirects to the
(un)desired site ..."avxp-2008(dot)net" is yet another site maintained
by the "Pandora Software Group"
2. One of the business or services by IAC is offering MyFunCards and
MyWebSearch which is also known as Spyware and IAC has no control at
all with their services putting people at risk?
Documented by MVP Mike Burgess on February 23, 2009:
Quote
MyWebSearch (MyFunCards) using the Microsoft format for an Information
Bar prompt ... can't you people come up with anything better that
copying someone else's idea? ... Anyway look at the type of content
(adult video) that they are trying to attract new customers
from ...Not only that ... the prompt is a complete lie! ..."The video
will start after you download it ..." simply clicking the embedded
link in the video will allow the video to play without installing
anything from MyWebSearch ... if you do fall for this deceptive prompt
you end up at their Toolbar install ...
3. Ask Toolbar Critical Vulnerability: Ask Toolbar ToolbarSettings
ActiveX Control Buffer Overflow. If any vendor refuse to fix
vulnerability... it makes you wonder why they will not fix? As far as
we know, vulnerability on software is one of the methods by spyware,
malware and exploiters to infect people's machine. You might argue
that the security vendors created/developed their own toolbar but
added only the Ask.com Search Assistant... well, if there's no other
security and privacy risk and the method of pushing by security
vendors the unnecessary function or feature on security software, you
will think they are serious to secure a person's machine by partnering
with a company with spyware/adware business?
Of course, let's not forget the popular documentation by Ben Edelman
on Practices of IAC/Ask: http://www.benedelma...e/ask-toolbars/ And the new one from Ben Edelman on SmileyCentral which is another
...
In gist, Donna is punishing Ask Toolbar and its pimps. She's
boycotting Ask Toolbar.
"Event Date: 02-July 09 ends 02-July 11 (Recurring Event)
Due to the inclusion/bundling and/or default (pre-checked) opt-in of
the Ask Toolbar and Ask Search Assistant, it has been determined that
this site will no longer provide update information for the products
of the following vendors:
1. Check Point or ZoneLabs - Delisted. It's no longer offering Ask
Toolbar but Conduit Toolbar with Google Search Assistant. Discussion
here.
2. Webroot - Delisted. Please see the post here. Listed again. See
post here.
3. Comodo - Delisted today (June 12, 2010). See discussion in
http://www.calendaro...howtopic=31254. The EULA was revised by
removing information about HopSurf (Version 4.1.150349.920, June 9,
2010). The setup file do not include HopSurf/Ask Toolbar anymore. The
Comodo website continue to offer HopSurf Toolbar as standalone
installer. Note that HofSurf Toolbar is NOT required. Do not download
it if you don't need it.
4. StopZilla
5. Symantec
6. BitDefender
7. ClamWin
8. IMMUNET - see report here. Delisted: Update: June 22, 2010 -
Immunet announced the removal of Ask Toolbar in its installer. See
information here and here. Another update: Listed AGAIN. See report in
http://www.calendaro...ndpost&p=108415 9. ClamAV
10. Avria AntVir Free - http://www.calendaro...ndpost&p=117421 Added -
June 12th 2011
We highly recommend to users of the products by the said vendor to
ALWAYS check for updates. Their programs are not in any way bad but we
do not want users to be at risk by installing a toolbar that has
questionable reputation. Un-checking the installation of the toolbar
is easy but NOT ALL USERS are advanced users. There are thousands of
BEGINNERS that can fall into installing a questionable toolbar and
most of this thousand of beginners DO NOT know that it is NOT
necessary to install such toolbar to operate the program.
CoU will no longer provide update information for the above-mentioned
vendor's products until the questionable toolbar is found clear by
respected researchers, malware scanners and/or removed from their
installer.
Again, we would like to advise users to manually check for updates or
configure any anti-malware scanner to check for definitions update
prior running a scan. If the program is running its real-time
protection against malware, it is HIGHLY recommended to enable
automatic updates.
Let us hope this list will not grow!
@Software Authors/Developers/Vendors: Users want a security tool. Not
a toolbar. Users know where to download a toolbar (if they need one)
that do NOT have questionable status.
The was originally posted in CoU forums and calendar last year but now
gone due to database issue (sorry for the inconvenience).
Google Cache is here.
Update (June 8, 2009 9:30AM Board Time): The comments on the above is
quite long (many readers might not see the new info) but below is the
recap on why Ask/IAC on any security program is unacceptable to many
of us:
Unnecessary addition and unacceptable method to push the add-on by
"security" software vendors that should provide clean installer
instead of including Adware/Spyware/PUPs. These vendors should focus
in improving their products, fix the bugs and continue to look for
methods in protecting people instead of pushing unwanted toolbar or
search assistant:
1. Symantec did not only add Ask.com Search Assistant in its installer
for new installations or re-install (if the user downloaded the new
installer with Ask.com Search Assistant) but also pushed the Ask.com
Search Assistant together as or with a "patch" or "program update" to
existing Norton users. No option to remove the Ask.com Search
Assistant. They originally enabled Ask.com Search Assistant by default
and later decided to disable it by default but again, no option to
remove the unnecessary Ask.com Search Assistant.
2. ZoneLabs offering free ZoneAlarm: Misleading their ZoneAlarm Free
users by offering Spy Blocker which is actually Ask.com Toolbar which
is not necessary to have the protection by ZoneAlarm.
3. Comodo is offering also Ask.com Toolbar in its installer of Comodo
Internet Security. It was offered too in Comodo Firewall Pro. They
plan to remove the Ask.com Toolbar in Comodo installer but they
continue with their partnership with Ask/IAC by offering HopSurf/Ask
Toolbar. Update (July 3, 2009) - Comodo released the new version of
CIS without SafeSurf anymore but with HopSurf/Ask/IAC Toolbar and yes,
it is pre-checked again so beginners can fall into installing unneeded
and unnecessary third party with questionable status toolbar/service.
Screenshots here. Update: July 18: Please note that CIS do not have
EULA for HopSurf and no EULA for people to read/agree or not about
Ask.com search integration in CIS. There should clear disclosure of
this but Comodo do not has it. They offer 2 EULA online but it is not
linked in CIS installer or HopSurf installation wizard. They claim
another EULA is available which is in PDF format but there is no
mention about Ask.com which obviously misleading because Ask is
integrated in HopSurf Toolbar. They claim that there is a mistake in 2
online EULAs so they modified it now by removing references of IAC/
Ask. Still they failed to realize that it is important for them to
provide clear disclosure on what their HopSurf Toolbar has to offer:
It has Ask.com search, this should be mentioned in EULA.
4. Webroot is offering Ask Toolbar on the installer of Webroot product
(trial version).
5. StopZilla is also offering Ask Toolbar on the installer of
StopZilla
6. BitDefender suddenly offers a free anti-phishing toolbar with
Ask.com Search Assistant. Can't they offer the free anti-phishing
toolbar without Ask?
7. After some weeks of running a poll by ClamWin whether to include or
not Ask Toolbar.. they decided to release the final and for public use
of ClamWin with Ask Toolbar. Discussion here and here.
If the above security software vendors are thinking that Ask.com
Search Assistant and/or Ask.com Toolbar is Harmless... think again by
reading below. How in the world a security software vendor decided to
associate or partner their name to company with below practices?
Privacy Issue
Ask.com Search Assistant or Ask.com Toolbar if in use by people will
send/receive data from the following third party domains:
othersonline.com
ad.doubleclick.net
media.adrevolver.com
everesttech.net
All these is not in the EULA of Ask.com Search or Toolbar
Note: Search/Toolbar of Google, Yahoo and Windows Live do not have to
do what Ask.com is doing when using their search engine.
This is documented by me here and here.
Note: Ask.com offers AskEraser to delete searches that is known
tracked by third party. However, AskEraser does not apply or will not
work in Ask.com Toolbar or Ask.com Search Assistant provided by third
party software like Norton, Webroot, StopZilla, Comodo/HopSurf,
ZoneAlarm, Glary Utilities, FoxIt Reader etc:
Quote
Where does AskEraser work and where does it not work?
AskEraser works if you come directly to Ask.com and perform a search
within the Ask.com search box. It also works on searches conducted on
Ask.com search boxes embedded within Firefox, Internet Explorer and
other browsers. However, even if you have AskEraser enabled, the
feature will not work on searches performed through an Ask.com search
toolbar or an Ask.com search box available on a third-party site or
through third-party software that you choose to install on your
computer and AskEraser will not display as an option.
Screenshot was taken on June 9, 2009 1-09-17 AM (my time which is GMT
+8)
Security Issues in using Ask/IAC business, software or services
1. Documented by MVP Mike Burgess on August 26, 2008:
Quote
Ask routes their Sponsored Result thru Google then redirects to the
(un)desired site ..."avxp-2008(dot)net" is yet another site maintained
by the "Pandora Software Group"
2. One of the business or services by IAC is offering MyFunCards and
MyWebSearch which is also known as Spyware and IAC has no control at
all with their services putting people at risk?
Documented by MVP Mike Burgess on February 23, 2009:
Quote
MyWebSearch (MyFunCards) using the Microsoft format for an Information
Bar prompt ... can't you people come up with anything better that
copying someone else's idea? ... Anyway look at the type of content
(adult video) that they are trying to attract new customers
from ...Not only that ... the prompt is a complete lie! ..."The video
will start after you download it ..." simply clicking the embedded
link in the video will allow the video to play without installing
anything from MyWebSearch ... if you do fall for this deceptive prompt
you end up at their Toolbar install ...
3. Ask Toolbar Critical Vulnerability: Ask Toolbar ToolbarSettings
ActiveX Control Buffer Overflow. If any vendor refuse to fix
vulnerability... it makes you wonder why they will not fix? As far as
we know, vulnerability on software is one of the methods by spyware,
malware and exploiters to infect people's machine. You might argue
that the security vendors created/developed their own toolbar but
added only the Ask.com Search Assistant... well, if there's no other
security and privacy risk and the method of pushing by security
vendors the unnecessary function or feature on security software, you
will think they are serious to secure a person's machine by partnering
with a company with spyware/adware business?
Of course, let's not forget the popular documentation by Ben Edelman
on Practices of IAC/Ask: http://www.benedelma...e/ask-toolbars/ And the new one from Ben Edelman on SmileyCentral which is another
...
In gist, Donna is punishing Ask Toolbar and its pimps. She's
boycotting Ask Toolbar.
"Event Date: 02-July 09 ends 02-July 11 (Recurring Event)
Due to the inclusion/bundling and/or default (pre-checked) opt-in of
the Ask Toolbar and Ask Search Assistant, it has been determined that
this site will no longer provide update information for the products
of the following vendors:
1. Check Point or ZoneLabs - Delisted. It's no longer offering Ask
Toolbar but Conduit Toolbar with Google Search Assistant. Discussion
here.
2. Webroot - Delisted. Please see the post here. Listed again. See
post here.
3. Comodo - Delisted today (June 12, 2010). See discussion in
http://www.calendaro...howtopic=31254. The EULA was revised by
removing information about HopSurf (Version 4.1.150349.920, June 9,
2010). The setup file do not include HopSurf/Ask Toolbar anymore. The
Comodo website continue to offer HopSurf Toolbar as standalone
installer. Note that HofSurf Toolbar is NOT required. Do not download
it if you don't need it.
4. StopZilla
5. Symantec
6. BitDefender
7. ClamWin
8. IMMUNET - see report here. Delisted: Update: June 22, 2010 -
Immunet announced the removal of Ask Toolbar in its installer. See
information here and here. Another update: Listed AGAIN. See report in
http://www.calendaro...ndpost&p=108415 9. ClamAV
10. Avria AntVir Free - http://www.calendaro...ndpost&p=117421 Added -
June 12th 2011
We highly recommend to users of the products by the said vendor to
ALWAYS check for updates. Their programs are not in any way bad but we
do not want users to be at risk by installing a toolbar that has
questionable reputation. Un-checking the installation of the toolbar
is easy but NOT ALL USERS are advanced users. There are thousands of
BEGINNERS that can fall into installing a questionable toolbar and
most of this thousand of beginners DO NOT know that it is NOT
necessary to install such toolbar to operate the program.
CoU will no longer provide update information for the above-mentioned
vendor's products until the questionable toolbar is found clear by
respected researchers, malware scanners and/or removed from their
installer.
Again, we would like to advise users to manually check for updates or
configure any anti-malware scanner to check for definitions update
prior running a scan. If the program is running its real-time
protection against malware, it is HIGHLY recommended to enable
automatic updates.
Let us hope this list will not grow!
@Software Authors/Developers/Vendors: Users want a security tool. Not
a toolbar. Users know where to download a toolbar (if they need one)
that do NOT have questionable status.
The was originally posted in CoU forums and calendar last year but now
gone due to database issue (sorry for the inconvenience).
Google Cache is here.
Update (June 8, 2009 9:30AM Board Time): The comments on the above is
quite long (many readers might not see the new info) but below is the
recap on why Ask/IAC on any security program is unacceptable to many
of us:
Unnecessary addition and unacceptable method to push the add-on by
"security" software vendors that should provide clean installer
instead of including Adware/Spyware/PUPs. These vendors should focus
in improving their products, fix the bugs and continue to look for
methods in protecting people instead of pushing unwanted toolbar or
search assistant:
1. Symantec did not only add Ask.com Search Assistant in its installer
for new installations or re-install (if the user downloaded the new
installer with Ask.com Search Assistant) but also pushed the Ask.com
Search Assistant together as or with a "patch" or "program update" to
existing Norton users. No option to remove the Ask.com Search
Assistant. They originally enabled Ask.com Search Assistant by default
and later decided to disable it by default but again, no option to
remove the unnecessary Ask.com Search Assistant.
2. ZoneLabs offering free ZoneAlarm: Misleading their ZoneAlarm Free
users by offering Spy Blocker which is actually Ask.com Toolbar which
is not necessary to have the protection by ZoneAlarm.
3. Comodo is offering also Ask.com Toolbar in its installer of Comodo
Internet Security. It was offered too in Comodo Firewall Pro. They
plan to remove the Ask.com Toolbar in Comodo installer but they
continue with their partnership with Ask/IAC by offering HopSurf/Ask
Toolbar. Update (July 3, 2009) - Comodo released the new version of
CIS without SafeSurf anymore but with HopSurf/Ask/IAC Toolbar and yes,
it is pre-checked again so beginners can fall into installing unneeded
and unnecessary third party with questionable status toolbar/service.
Screenshots here. Update: July 18: Please note that CIS do not have
EULA for HopSurf and no EULA for people to read/agree or not about
Ask.com search integration in CIS. There should clear disclosure of
this but Comodo do not has it. They offer 2 EULA online but it is not
linked in CIS installer or HopSurf installation wizard. They claim
another EULA is available which is in PDF format but there is no
mention about Ask.com which obviously misleading because Ask is
integrated in HopSurf Toolbar. They claim that there is a mistake in 2
online EULAs so they modified it now by removing references of IAC/
Ask. Still they failed to realize that it is important for them to
provide clear disclosure on what their HopSurf Toolbar has to offer:
It has Ask.com search, this should be mentioned in EULA.
4. Webroot is offering Ask Toolbar on the installer of Webroot product
(trial version).
5. StopZilla is also offering Ask Toolbar on the installer of
StopZilla
6. BitDefender suddenly offers a free anti-phishing toolbar with
Ask.com Search Assistant. Can't they offer the free anti-phishing
toolbar without Ask?
7. After some weeks of running a poll by ClamWin whether to include or
not Ask Toolbar.. they decided to release the final and for public use
of ClamWin with Ask Toolbar. Discussion here and here.
If the above security software vendors are thinking that Ask.com
Search Assistant and/or Ask.com Toolbar is Harmless... think again by
reading below. How in the world a security software vendor decided to
associate or partner their name to company with below practices?
Privacy Issue
Ask.com Search Assistant or Ask.com Toolbar if in use by people will
send/receive data from the following third party domains:
othersonline.com
ad.doubleclick.net
media.adrevolver.com
everesttech.net
All these is not in the EULA of Ask.com Search or Toolbar
Note: Search/Toolbar of Google, Yahoo and Windows Live do not have to
do what Ask.com is doing when using their search engine.
This is documented by me here and here.
Note: Ask.com offers AskEraser to delete searches that is known
tracked by third party. However, AskEraser does not apply or will not
work in Ask.com Toolbar or Ask.com Search Assistant provided by third
party software like Norton, Webroot, StopZilla, Comodo/HopSurf,
ZoneAlarm, Glary Utilities, FoxIt Reader etc:
Quote
Where does AskEraser work and where does it not work?
AskEraser works if you come directly to Ask.com and perform a search
within the Ask.com search box. It also works on searches conducted on
Ask.com search boxes embedded within Firefox, Internet Explorer and
other browsers. However, even if you have AskEraser enabled, the
feature will not work on searches performed through an Ask.com search
toolbar or an Ask.com search box available on a third-party site or
through third-party software that you choose to install on your
computer and AskEraser will not display as an option.
Screenshot was taken on June 9, 2009 1-09-17 AM (my time which is GMT
+8)
Security Issues in using Ask/IAC business, software or services
1. Documented by MVP Mike Burgess on August 26, 2008:
Quote
Ask routes their Sponsored Result thru Google then redirects to the
(un)desired site ..."avxp-2008(dot)net" is yet another site maintained
by the "Pandora Software Group"
2. One of the business or services by IAC is offering MyFunCards and
MyWebSearch which is also known as Spyware and IAC has no control at
all with their services putting people at risk?
Documented by MVP Mike Burgess on February 23, 2009:
Quote
MyWebSearch (MyFunCards) using the Microsoft format for an Information
Bar prompt ... can't you people come up with anything better that
copying someone else's idea? ... Anyway look at the type of content
(adult video) that they are trying to attract new customers
from ...Not only that ... the prompt is a complete lie! ..."The video
will start after you download it ..." simply clicking the embedded
link in the video will allow the video to play without installing
anything from MyWebSearch ... if you do fall for this deceptive prompt
you end up at their Toolbar install ...
3. Ask Toolbar Critical Vulnerability: Ask Toolbar ToolbarSettings
ActiveX Control Buffer Overflow. If any vendor refuse to fix
vulnerability... it makes you wonder why they will not fix? As far as
we know, vulnerability on software is one of the methods by spyware,
malware and exploiters to infect people's machine. You might argue
that the security vendors created/developed their own toolbar but
added only the Ask.com Search Assistant... well, if there's no other
security and privacy risk and the method of pushing by security
vendors the unnecessary function or feature on security software, you
will think they are serious to secure a person's machine by partnering
with a company with spyware/adware business?
Of course, let's not forget the popular documentation by Ben Edelman
on Practices of IAC/Ask: http://www.benedelma...e/ask-toolbars/ And the new one from Ben Edelman on SmileyCentral which is another
...
In gist, Donna is punishing Ask Toolbar and its pimps. She's
boycotting Ask Toolbar.
"Event Date: 02-July 09 ends 02-July 11 (Recurring Event)
Due to the inclusion/bundling and/or default (pre-checked) opt-in of
the Ask Toolbar and Ask Search Assistant, it has been determined that
this site will no longer provide update information for the products
of the following vendors:
1. Check Point or ZoneLabs - Delisted. It's no longer offering Ask
Toolbar but Conduit Toolbar with Google Search Assistant. Discussion
here.
2. Webroot - Delisted. Please see the post here. Listed again. See
post here.
3. Comodo - Delisted today (June 12, 2010). See discussion in
http://www.calendaro...howtopic=31254. The EULA was revised by
removing information about HopSurf (Version 4.1.150349.920, June 9,
2010). The setup file do not include HopSurf/Ask Toolbar anymore. The
Comodo website continue to offer HopSurf Toolbar as standalone
installer. Note that HofSurf Toolbar is NOT required. Do not download
it if you don't need it.
4. StopZilla
5. Symantec
6. BitDefender
7. ClamWin
8. IMMUNET - see report here. Delisted: Update: June 22, 2010 -
Immunet announced the removal of Ask Toolbar in its installer. See
information here and here. Another update: Listed AGAIN. See report in
http://www.calendaro...ndpost&p=108415 9. ClamAV
10. Avria AntVir Free - http://www.calendaro...ndpost&p=117421 Added -
June 12th 2011
We highly recommend to users of the products by the said vendor to
ALWAYS check for updates. Their programs are not in any way bad but we
do not want users to be at risk by installing a toolbar that has
questionable reputation. Un-checking the installation of the toolbar
is easy but NOT ALL USERS are advanced users. There are thousands of
BEGINNERS that can fall into installing a questionable toolbar and
most of this thousand of beginners DO NOT know that it is NOT
necessary to install such toolbar to operate the program.
CoU will no longer provide update information for the above-mentioned
vendor's products until the questionable toolbar is found clear by
respected researchers, malware scanners and/or removed from their
installer.
Again, we would like to advise users to manually check for updates or
configure any anti-malware scanner to check for definitions update
prior running a scan. If the program is running its real-time
protection against malware, it is HIGHLY recommended to enable
automatic updates.
Let us hope this list will not grow!
@Software Authors/Developers/Vendors: Users want a security tool. Not
a toolbar. Users know where to download a toolbar (if they need one)
that do NOT have questionable status.
The was originally posted in CoU forums and calendar last year but now
gone due to database issue (sorry for the inconvenience).
Google Cache is here.
Update (June 8, 2009 9:30AM Board Time): The comments on the above is
quite long (many readers might not see the new info) but below is the
recap on why Ask/IAC on any security program is unacceptable to many
of us:
Unnecessary addition and unacceptable method to push the add-on by
"security" software vendors that should provide clean installer
instead of including Adware/Spyware/PUPs. These vendors should focus
in improving their products, fix the bugs and continue to look for
methods in protecting people instead of pushing unwanted toolbar or
search assistant:
1. Symantec did not only add Ask.com Search Assistant in its installer
for new installations or re-install (if the user downloaded the new
installer with Ask.com Search Assistant) but also pushed the Ask.com
Search Assistant together as or with a "patch" or "program update" to
existing Norton users. No option to remove the Ask.com Search
Assistant. They originally enabled Ask.com Search Assistant by default
and later decided to disable it by default but again, no option to
remove the unnecessary Ask.com Search Assistant.
2. ZoneLabs offering free ZoneAlarm: Misleading their ZoneAlarm Free
users by offering Spy Blocker which is actually Ask.com Toolbar which
is not necessary to have the protection by ZoneAlarm.
3. Comodo is offering also Ask.com Toolbar in its installer of Comodo
Internet Security. It was offered too in Comodo Firewall Pro. They
plan to remove the Ask.com Toolbar in Comodo installer but they
continue with their partnership with Ask/IAC by offering HopSurf/Ask
Toolbar. Update (July 3, 2009) - Comodo released the new version of
CIS without SafeSurf anymore but with HopSurf/Ask/IAC Toolbar and yes,
it is pre-checked again so beginners can fall into installing unneeded
and unnecessary third party with questionable status toolbar/service.
Screenshots here. Update: July 18: Please note that CIS do not have
EULA for HopSurf and no EULA for people to read/agree or not about
Ask.com search integration in CIS. There should clear disclosure of
this but Comodo do not has it. They offer 2 EULA online but it is not
linked in CIS installer or HopSurf installation wizard. They claim
another EULA is available which is in PDF format but there is no
mention about Ask.com which obviously misleading because Ask is
integrated in HopSurf Toolbar. They claim that there is a mistake in 2
online EULAs so they modified it now by removing references of IAC/
Ask. Still they failed to realize that it is important for them to
provide clear disclosure on what their HopSurf Toolbar has to offer:
It has Ask.com search, this should be mentioned in EULA.
4. Webroot is offering Ask Toolbar on the installer of Webroot product
(trial version).
5. StopZilla is also offering Ask Toolbar on the installer of
StopZilla
6. BitDefender suddenly offers a free anti-phishing toolbar with
Ask.com Search Assistant. Can't they offer the free anti-phishing
toolbar without Ask?
7. After some weeks of running a poll by ClamWin whether to include or
not Ask Toolbar.. they decided to release the final and for public use
of ClamWin with Ask Toolbar. Discussion here and here.
If the above security software vendors are thinking that Ask.com
Search Assistant and/or Ask.com Toolbar is Harmless... think again by
reading below. How in the world a security software vendor decided to
associate or partner their name to company with below practices?
Privacy Issue
Ask.com Search Assistant or Ask.com Toolbar if in use by people will
send/receive data from the following third party domains:
othersonline.com
ad.doubleclick.net
media.adrevolver.com
everesttech.net
All these is not in the EULA of Ask.com Search or Toolbar
Note: Search/Toolbar of Google, Yahoo and Windows Live do not have to
do what Ask.com is doing when using their search engine.
This is documented by me here and here.
Note: Ask.com offers AskEraser to delete searches that is known
tracked by third party. However, AskEraser does not apply or will not
work in Ask.com Toolbar or Ask.com Search Assistant provided by third
party software like Norton, Webroot, StopZilla, Comodo/HopSurf,
ZoneAlarm, Glary Utilities, FoxIt Reader etc:
Quote
Where does AskEraser work and where does it not work?
AskEraser works if you come directly to Ask.com and perform a search
within the Ask.com search box. It also works on searches conducted on
Ask.com search boxes embedded within Firefox, Internet Explorer and
other browsers. However, even if you have AskEraser enabled, the
feature will not work on searches performed through an Ask.com search
toolbar or an Ask.com search box available on a third-party site or
through third-party software that you choose to install on your
computer and AskEraser will not display as an option.
Screenshot was taken on June 9, 2009 1-09-17 AM (my time which is GMT
+8)
Security Issues in using Ask/IAC business, software or services
1. Documented by MVP Mike Burgess on August 26, 2008:
Quote
Ask routes their Sponsored Result thru Google then redirects to the
(un)desired site ..."avxp-2008(dot)net" is yet another site maintained
by the "Pandora Software Group"
2. One of the business or services by IAC is offering MyFunCards and
MyWebSearch which is also known as Spyware and IAC has no control at
all with their services putting people at risk?
Documented by MVP Mike Burgess on February 23, 2009:
Quote
MyWebSearch (MyFunCards) using the Microsoft format for an Information
Bar prompt ... can't you people come up with anything better that
copying someone else's idea? ... Anyway look at the type of content
(adult video) that they are trying to attract new customers
from ...Not only that ... the prompt is a complete lie! ..."The video
will start after you download it ..." simply clicking the embedded
link in the video will allow the video to play without installing
anything from MyWebSearch ... if you do fall for this deceptive prompt
you end up at their Toolbar install ...
3. Ask Toolbar Critical Vulnerability: Ask Toolbar ToolbarSettings
ActiveX Control Buffer Overflow. If any vendor refuse to fix
vulnerability... it makes you wonder why they will not fix? As far as
we know, vulnerability on software is one of the methods by spyware,
malware and exploiters to infect people's machine. You might argue
that the security vendors created/developed their own toolbar but
added only the Ask.com Search Assistant... well, if there's no other
security and privacy risk and the method of pushing by security
vendors the unnecessary function or feature on security software, you
will think they are serious to secure a person's machine by partnering
with a company with spyware/adware business?
Of course, let's not forget the popular documentation by Ben Edelman
on Practices of IAC/Ask: http://www.benedelma...e/ask-toolbars/ And the new one from Ben Edelman on SmileyCentral which is another
...
