 |
|||||
|
|||||
|
|||||
|
|||||
| NewDotNet Client Support Website |
Is NewDotNet Really Spyware? Note: To avoid confusion, everywhere I say "New.net", I am referring either to the company or its web site. Everywhere I say "NewDotNet", I am referring to the software plug-in. Since I'm already on the topic of NewDotNet, I guess it is time to discuss why it is considered by some to be spyware. NewDotNet is a plug-in for your computer which allows you to access unofficial top level domains, such as .shop and .xxx. What New.net does is sell a sub domain of the new.net site. For example, the domain http://www.book.shop actually resolves to http://www.book.shop.new.net if you are a NewDotNet user. These domains are unofficial and won't resolve without the plug-in unless you receive your internet access from an ISP which has modified its customer's name servers to use new.net domains. There is a list of these ISP 's at http://www.new.net/about_us_partners.tp#ISP. New.net estimates that they have 178,386,226 users worldwide as of this writing. One thing which gives New.net a bad name is the fact that their software is bundled with "partner" software. Nearly all of these programs have bad reputations because they also bundle adware and spyware. For instance, NewDotNet is bundled with Radlight Media Player, which also installs WhenU.com's SaveNow. These are two particularly disgusting companies. Radlight once included instructions in its installer that would secretly remove Lavasoft's Ad-aware. After a massive public outcry (and a particularly nasty case of the /. effect), CNet and Simtel briefly pulled the software from their archives until Radlight produced a new build which doesn't tamper with Ad-aware. WhenU's SaveNow is even worse, for not only does it spam you with pop up ads, those ads are based on the context of the web site you are currently visiting or the words you just searched for. For instance, if you are on the Chevrolet web site, SaveNow might pop up an ad for a competing Ford vehicle. Or perhaps you search for the term "automobile" at Google and Ford has purchased advertising on Google for that keyword. SaveNow may pop up an ad for Daimler-Chrysler. In effect, it is sending you ads on web sites for which WhenU has no relationship (and reporting this fact to WhenU servers). Most webmasters consider this activity to be theft and many of them include detection scripts on their sites which will alert a visitor that it is installed and redirect them to a page with instructions on how to remove it. Another issue that people have with NewDotNet is the automatic update component. The plug-in will automatically contact New.net servers to check for an updated version. There is no prompting for this and it cannot be disabled. It also downloads a GUID (Globally Unique Identification Number) on its first update so that New.net can keep track of how many people are using their service. All of that in combination leads many people to avoid it and to suspect it of being spyware. Certainly it is unsavory. Nothing on my computer is permitted to check for updates unless I've gone out of my way to tell it to do so. For that matter, nothing on my computer is permitted to connect to the internet unless I've decided to allow it to do so (Mailwasher, my ISP 's satellite connection software, Trillian, etc). Any software which attempts to connect to the internet, whether to check for updates or for any other reason, without giving me an option to disallow it quickly gets uninstalled and deleted off of my hard drive. One issue which I have debated with David Hernand, CEO of New.net, is the way NewDotNet loads at startup. Rather than loading an application named "NewDotNet" or similar, the application loads by calling the Windows system file "Rundll32.exe", which means that you don't see it when you look in the Windows task manager. I argued that it made it look suspicious. If there is nothing to hide, why hide? The answer I got back was that it was done this way to keep people from looking for all files named "newdotnet" and deleting them and endangering their network. That's sounds logical, but some people are going to stubbornly ignore add/remove and use the delete key anyway. When doing this breaks their network, they have no one to blame but themselves. I don't believe that this is reason enough to hide the running process. This is nothing bad by itself, but it does nothing to improve NewDotNet's image. Two years ago, Lavasoft added NewDotNet as a spyware target to Ad-aware. New.net objected to its software being labeled spyware and invited open testing of its software to look for any privacy violations. When none were found, Lavasoft removed them as a target (and got flamed mercilessly for it at their support forums). One of the original members of "Team Lavasoft" who helped test the software was Craig Rashad. Mr. Rashad is no longer associated with Lavasoft and now hosts the Net-Integration message boards which is also the home of Spybot S&D's support forums. With the introduction of Ad-aware 6, Lavasoft has once again started targeting NewDotNet. No one knows why and even Lavasoft can't seem to decide what the reason for that is, as there have been contradictory statements made at their own support forums about it. Heated arguments have been popping up on message boards everywhere between people who say NewDotNet is spyware and those who say that it is not. Rashad decided to load several test computers with New.net's software to see whether or not it was collecting and uploading personal information about its users. After extensive testing, Mr. Rashad concluded that no, NewDotNet is not spying on its users in any way. No personal information leaves the machine, period. He has posted his opinion of New.net's software at his message boards here: http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi?act=ST;f=8;t=1634 While I haven't personally tested the software, I'll take Rashad's conclusions at face value. He's been doing this for a lot longer than I have. If he says that NewDotNet is not spyware, then it is not spyware. NewDotNet is not even adware, much less spyware. The worst that it can be called is "foistware", a term defined by CounterExploitation as "Unwanted application programs that come along, trojan-style, with completely unrelated software." Rashad's final conclusion is that NewDotNet does not warrant targeting by Ad-aware, Spybot, or any of the other spyware removers. That took courage, because there seems to be something magical about NewDotNet. As soon as anyone dares to disagree that it is complete and utter scum, people begin to revert to the mental equivalent of school children. It is truly fascinating to watch so many grown adults lower themselves to below the mental age of their own children rather than simply stating their disagreement. It never, ever fails to happen when the issue is NewDotNet. Rashad has already receive dozens of hate mails, insults, and outright threats. Here is my 2 cents on the subject. I don't like the GUID and personally will not ever run this program for that reason alone. Many others agree with me on the issue of software which uses a GUID, especially when it is passed back to the vendor's servers as part of a "head count" of users. However, NewDotNet is not the only program which uses a GUID, and there is a legitimate reason for having it. I don't like that it reaches out to the internet without asking, and then also downloads and installs updates without asking. That is extremely rude behavior and very questionable. When asked why they don't make the auto updater a manual updater, their unsatisfactory answer is that it would raise the size of the download. As rude as this is, there is nothing malicious about it and no personal information other than the GUID is sent to New.net in the process. Neither of these issues, nor any of the other issues mentioned earlier warrants New.net's software being targeted by spyware/adware removal tools. NewDotNet is not spyware. NewDotNet is not adware. NewDotNet does not install using drive-by activex scripts the way Xupiter and others do. Every known third party installer discloses NewDotNet's presence and has boxes which the user can uncheck if they don't want NewDotNet to install. If it is already installed, then the uninstaller provided with each copy works perfectly. NewDotNet is not worth targeting in my opinion. P.S. SOURCE:
|
