StopBadware: Difference between revisions
No cites at all - looks like original research. |
m spelling fixes |
||
| Line 37: | Line 37: | ||
#* Then, obtaining the user's affirmative consent to that aspect of the application. [http://www.stopbadware.org/home/guidelines] |
#* Then, obtaining the user's affirmative consent to that aspect of the application. [http://www.stopbadware.org/home/guidelines] |
||
Stopbadware takes the position that software is badware if it does certain prohibited things, despite any |
Stopbadware takes the position that software is badware if it does certain prohibited things, despite any disclaimer in an [[EULA]] or purported consent by the user. "Silently downloading" and |
||
"Installing additional software without informing the user of the identity and purpose of that software (bundling)" are examples of such prohibited behavior. |
"Installing additional software without informing the user of the identity and purpose of that software (bundling)" are examples of such prohibited behavior. |
||
| Line 49: | Line 49: | ||
==Criticism== |
==Criticism== |
||
{{verify}} |
{{verify}} |
||
StopBadware has drawn broad and damning criticism from the IT professionals, particularly those involved in consumer internet security for the manner in which it receives and deals with complaints. An |
StopBadware has drawn broad and damning criticism from the IT professionals, particularly those involved in consumer internet security for the manner in which it receives and deals with complaints. An anonymous complaint lodged at StopBadware.com is not investigated for it's validity until the site's owner specifically requests it, a process taking anything up to ten days during which potentially libelous statements remain in print, with the very real risk of personal and financial loss for companies and individuals affected. |
||
Google, StopBadware's partner, to whom it extends carté blanche to level unproven accusations using it's name for |
Google, StopBadware's partner, to whom it extends carté blanche to level unproven accusations using it's name for anecdotal weight has deepened criticisms, as Google's own vetting procedure which StopBadware accepts to be sound with total credulity, despite the obvious conflict of interest that arises from Google being a corporate sponsor of StopBadware; a practice which has led to many legitimate websites operating no malware whatsoever to be accused of potentially harming a user's computer. Such examples include several websites owned and administrated by official departments of the government of the Philippines, Matt Groening's Life in Hell website and a respected independent anti-spyware website Adwarereport.com |
||
The difficulty faced by a site owner in having such flags removed is a source of yet further criticism as frequently, Google will tag a site as being |
The difficulty faced by a site owner in having such flags removed is a source of yet further criticism as frequently, Google will tag a site as being potentially harmful, referring a user to StopBadware.com for validation of why, only to find that StopBadware.com has no file on the website in question at all. Requesting that either Google, StopBadware.com or both remove such claims is subject to an online request which may take between ten days and three weeks to take place, for which a site owner receives no validation that the matter will be dealt with, no temporary removal of accusations while the evidence is examined and no apology or retraction issued when the complaint is found to be in error. Attempts to contact either Google or StopBadware.com by the provided email contact details receive only automated responses insisting that a high volume of email prevents any reply being made. |
||
==Google and Badware== |
==Google and Badware== |
||
Revision as of 12:31, 29 February 2008
| File:Stopbadwarelogo.png | |
Key people | John Palfrey, Jonathan Zittrain |
|---|---|
| Website | stopbadware.org |
Stopbadware.org is a consumer-oriented nonprofit organization aimed at fighting malicious software, or "badware". The organization is run by the Berkman Center for Internet and Society at Harvard Law School, and Oxford University's Oxford Internet Institute. Support is being provided by Google, Lenovo, PayPal, VeriSign, and Sun Microsystems. Consumer Reports WebWatch is serving as an unpaid special advisor.
Staff
Directors of "Stopbadware.org" are John Palfrey, Executive Director of the Berkman Center and Harvard Clinical Professor of Law, and Jonathan Zittrain, Harvard Law Visiting Professor and Professor of Internet Governance and Regulation at Oxford University. Advisory board members include Esther Dyson and Vint Cerf. [www.stopbadware.eu]
Defining "badware"
Stopbadware.org defines "badware" as follows:
- If the application acts deceptively or irreversibly.
- If the application engages in potentially objectionable behavior without:
- First, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and
- Then, obtaining the user's affirmative consent to that aspect of the application. [1]
Stopbadware takes the position that software is badware if it does certain prohibited things, despite any disclaimer in an EULA or purported consent by the user. "Silently downloading" and "Installing additional software without informing the user of the identity and purpose of that software (bundling)" are examples of such prohibited behavior.
Stopbadware investigates reports of improper behavior by programs, and may offer vendors the opportunity to reply to the findings of Stopbadware. The "Cross and Hourglass" symbol to the right is used to designate programs where problems have been found but the vendor claims to be attempting to remedy the problem.
Stopbadware uses a yellow "Caution" logo to indicate "applications that have behaviors that users may find objectionable, but that clearly inform users of those behaviors during installation". This covers the case where an End User License Agreement purports to allow the application to perform undesirable behavior.
For comparison, see the "Trusted Download" standards [2] proposed by TrustE for adware and spyware.
Criticism
 | This article needs additional citations for verification. |
StopBadware has drawn broad and damning criticism from the IT professionals, particularly those involved in consumer internet security for the manner in which it receives and deals with complaints. An anonymous complaint lodged at StopBadware.com is not investigated for it's validity until the site's owner specifically requests it, a process taking anything up to ten days during which potentially libelous statements remain in print, with the very real risk of personal and financial loss for companies and individuals affected. Google, StopBadware's partner, to whom it extends carté blanche to level unproven accusations using it's name for anecdotal weight has deepened criticisms, as Google's own vetting procedure which StopBadware accepts to be sound with total credulity, despite the obvious conflict of interest that arises from Google being a corporate sponsor of StopBadware; a practice which has led to many legitimate websites operating no malware whatsoever to be accused of potentially harming a user's computer. Such examples include several websites owned and administrated by official departments of the government of the Philippines, Matt Groening's Life in Hell website and a respected independent anti-spyware website Adwarereport.com
The difficulty faced by a site owner in having such flags removed is a source of yet further criticism as frequently, Google will tag a site as being potentially harmful, referring a user to StopBadware.com for validation of why, only to find that StopBadware.com has no file on the website in question at all. Requesting that either Google, StopBadware.com or both remove such claims is subject to an online request which may take between ten days and three weeks to take place, for which a site owner receives no validation that the matter will be dealt with, no temporary removal of accusations while the evidence is examined and no apology or retraction issued when the complaint is found to be in error. Attempts to contact either Google or StopBadware.com by the provided email contact details receive only automated responses insisting that a high volume of email prevents any reply being made.
Google and Badware
The Google search engine is now teaming up with many antivirus companies to warn users of the search engine from going to sites that have been anonymously reported to distribute badware. When a user searches for a site which has been reported, Google warns the user and only lets them enter by inputting the site URL in the box on their browser. This feature cannot be disabled by the user, and the operator of the website may not be informed about the block. The anonymous reporting together with the slow processing of complaints has caused complaints by some site operators targeted by Google [3].