Mike On Ads

Someone pointed me to an interesting blog post from StatCounter, that discusses how they were approached by an advertiser to place a ‘spyware’ cookie. What is a spyware cookie? It’s funny, I’ve always thought of “Spyware” as “Shitty desktop software that installs without user consent.” Which is, in fact, exactly what this wikipedia article says about it:

Spyware is computer software that collects personal information about users without their informed consent. The term, coined in 1995 but not widely used for another five years, is often used interchangeably with adware and malware (software designed to infiltrate and damage a computer respectively).

Interestingly enough, this dictionary.com entry has a strikingly different definition:

any software that covertly gathers information about a user while he/she navigates the Internet and transmits the information to an individual or company that uses it for marketing or other purposes

Ok, so I”m getting confused as hell. So next I did a Google Search for “spyware cookie” and clicked on the first entry and found this page.

Spyware Cookies are Intrusive
A spyware cookie is any cookie that crosses the line from helpful to intrusive. Spyware cookies are not interested in making your surfing experience better; the sole interest is to gather free marketing data to promote a sale of a product or service. Spyware cookies are placed on your machine by a consortium of websites that track your movement from one website to another.

Spyware cookies can track your every click and record all information you enter into non-encrypted online forms [...]

So I don’t know where the jackass from “anti-spyware-review.toptenreviews.com” got his education in online technology, but a cookie is a text file. I will personally pay someone $100 if they explain to me how a TEXT file can track your every click and record all information you enter into non-encrypted online forms. But really, what IS the proper definition? Well, I don’t like any of the three above, so why not throw in an academic’s perspective while we’re at it — namely here’s a quote from Ben Edelman’s site:

[...]“spyware” software — programs that monitor user activities, and transmit user information to remote servers and/or show targeted advertisements. As distinguished from the design model anticipated by whatis.com’s definition of adware (“any software application in which advertising banners are displayed while the program is running”), these spyware programs run continuously and show advertisements specifically responding to the web sites that users visit. Companies making programs in this latter category include Gator (recently renamed Claria), WhenU, and 180Solutions. Other spyware programs include keystroke recorders, screen capture programs, and numerous additional software systems that surreptitiously monitor and/or transmit users’ activities.

Wow, similar, but yet again, different! Ok, so since everyone and their mother seems to define spyware, I will too! I see a couple key themes: shitty, intrusive, advertising, personal information, communication, uberpowerful. So here goes!

Spyware, an uberpowerful software application that provides rather shitty and intrusive advertising on a desktop computer which communicates your personal information to some shady 14 year old in a basement in Oklahoma.

Spread the word! I won’t be the one to put this on wikipedia, but I dare someone to try! In all seriousness though — if we as an industry can’t get together an actually define what ‘spyware’ is, how can we stop it?

Sandi Hardmeier, author of ‘Spyware Sucks‘, has caught AOL not properly auditing their ads and running Banner Pop and Active-X ads. Click for article. What’s interesting is that she caught MSN running Errorsafe just a month ago, which she detailed here.

I’ve spent a lot of time tracking down this scam and I think it’s time to share that knowledge. Shortly I will post all my knowledge of this scam — what to look out for and how I think as an industry we can stop it. Stay tuned.

-Mike