Aurora Installed with Full
Disclosure"> Direct Revenue admitted to using MMG to push Aurora distributions via BitTorrent, but insisted that the actual adware installation was done with adequate and up-front disclosure. In an interview, Direct Revenue chief technology officer Daniel Doman said MMG is "one of many affiliates" used to distribute Aurora. "They [MMG] specialize in doing content distribution on peer-to-peer channels, and we think they provide an easy mechanism for people like us who want to monetize software or content.""We just recently launched a full awareness and campaign to the entire user base, and the fact that those files are showing up in logs shows that were having success," he said. The campaign, announced on May 17, includes the placement of an uninstall facility within the add/remove panel on Windows for PCs that points users to the previously hard-to-find MyPCTuneUp Web site for adware program removal. "Weve taken pains to brand all of our windows so that the source and prominence of the advertising we serve are extremely clear," Doman said. So far, about 90 percent of Direct Revenues user base has received the branding updates, which happen without any user action. Direct Revenue has been heavily criticized for forcing users to visit the MyPCTuneUp site to complete the program removal, but Doman defended that strategy, insisting the Web-based uninstall utility is the most efficient way to make sure the removal is properly done. He said the company was seeing increased traffic to the site since the launch of the campaign, adding that the daily uninstall count was "in the thousands." Even so, he said, the thousands of daily uninstalls represent only a fraction of a percentage of the entire user count and are not materially affecting Direct Revenues business. Doman described Boyds posts on VitalSecurity.org as "misleading" and pointed out that the screenshots provided by the researcher "clearly show full disclosure" before the Aurora program is installed. He acknowledged that a "grey area" exists in the timing of the disclosure, but insisted that it was done in full compliance with existing laws. "We require all our distributors to fully inform end users about what is being installed. Its a clear opt-in procedure," he said. "The user is downloading something through BitTorrent that is ad-supported and [Boyds screenshot] shows the disclosure that is provided. The idea that somehow the download is surreptitious is wrong. Its very apparent that if the BitTorrent user goes through with the MMG download, they agree to install the ad-supported software." Doman added: "The notion that the user has accidentally found all this software on his machine is false. [MMG] is using a pull technology. Nothing is being snuck in the back door." Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Doman, a former director of engineering at DoubleClick Inc., said the increased visibility of Aurora and the "nail.exe" component was not the result of new installations, pointing out that Direct Revenue is auto-updating its file-naming convention to address criticisms that the adware program was hidden on purpose.