The Big Money Behind Silicon Valley's Scumware Industry
If your experience is anything like mine, the amount of spam in your email inbox has declined in a big way in recent years. The economics of e-mail spam aren't what they used to be, thanks largely to crackdowns by ISPs and legal actions by governments around the world. Another factor: the rise of social media and "Web 2.0," which offer new and exciting opportunities for the Internet's scuzziest denizens. There are still plenty of "chickenboners" out there, of course, but now they're plying their trade on Twitter and Facebook, in Internet comments sections, and via text messaging.
But another group of spammers hasn't changed tactics much at all: the big-money, corporate sponsored ones. Their chicken is Kiev rather than KFC and they have people on staff to dispose of the bones.
They also have big-time financiers backing them. Today, Long Zheng, the developer of MetroTwit, a well-regarded Twitter app for Windows, relates how he has been barraged with offers from well-financed developers of what I like to call scumware (spyware, adware, foistware, etc. "Crapware" is another name for it.) Zheng could make all kinds of money selling out his users by allowing third parties to sneak their toolbars and behavior-tracking adware onto the installs of MetroTwit. Zheng shares an e-mail exchange with one huckster who tried to get him to add such garbage to his app.
TechCrunch, the site that is somehow popular despite the fact that it mostly just regurgitates press releases from tech companies, coughed up a particularly awful one yesterday with the news that InstallMonetizer, whose business is built on this junk, has gotten $500,000 in financing from, among others, Y Combinator and Andreesen Horowitz -- outfits that have financed such companies as Reddit, Dropbox, Instagram, and Skype.
The Verge describes InstallMonetizer (as if the name alone weren't enough of a red flag) as a company that combines "the user tracking of advertising networks with the annoyance of crapware packagers."
To be fair, TechCrunch did do a bit more than regurgitate the press release -- it also allowed the company's founder and CEO, Vince Mundy, to talk about how great his product is. For instance, he was able to say, unchallenged, that his company is very picky about which app publishers it deigns to work with. No mention about how picky legitimate developers might be about which scumware they allow on their products.
Zheng also brought up InstallMonetizer, though it's unclear whether that's where the e-mail entreaty he quotes came from. Speaking of InstallMonetizer's backers, Zheng wrote: "It's genuinely disappointing to see such respected and influential people and companies put their weight behind a practice that has undermined and continues to undermine the credibility of the Windows app ecosystem."
Meanwhile, ZDNet's Ed Bott cites some of the many complaints about InstallMonetizer, and notes that big companies like Oracle play the game, too. That company recently "fixed" a hole in its Java software with an update that might not even work. The hole made it possible for "drive-by" installations of malware on machines that use Java -- which is pretty much all of them. But the update itself, Bott says, by default installs a toolbar from Ask, the substandard search engine. Users who tend to quickly click through the install procedure (which is basically all of us) might not see the box that must be unticked in order to prevent the toobar from being installed in their browsers. And their default search engine and home page might be changed, too.
With big money like this financing such skeevy practices, the chickenboners are the least of our worries. After all, it's easy enough to delete an e-mail promoting "V!a g r@," or to avoid clicking on Facebook shoe spam. It's much harder to avoid the sophisticated tactics employed by people who put on suits and pull this kind of crap as a real profession.