Get the latest information on the lowest forms of Internet traffic hijacking here at JimWorld!
ScumWare Resources









Topic: Scumware, Spyware, Adware & Malware Applications

Written By: Melissa Martin

ON: 06/21/2004

iSearch Toolbar Information and Removal


Application type: Scumware
Security Compromise: No.
Advertising: Yes.
Privacy Violation: No.
Stability Problems: Possible.
Overall Risk:

Scum Rating:
Security & Privacy Risk:

ISearch Update:
On July 1, 2004 I received an email from iSearch with several corrections about the toolbar, its method of installation and its distribution. I have addressed their concerns with corrections & updates where appropriate. The following is an official statement from iSearch:

iSearch offers an affiliate network allowing individuals and companies to promote the iSearch toolbar. Affiliates are paid per-installation. In certain cases we have found affiliates packaging our product with other products. This type of packaging is a violation of their agreement with iSearch and is vigorously enforced when it is discovered. Often the complaints associated with the iSearch toolbar have nothing to do with the iSearch toolbar, but rather with additional products that are on the user's machine.

The iSearch toolbar is sometimes installed via Active-X. Active-X is an integral part of the Internet Explorer web browser from Microsoft and offers developers an effective means of delivering software to end users. If end users manually modify their system to have "low" security settings, then any and all Active-X object installations initiated by a web page are "automatically" installed. Please note that this is *not* the default setting, and that by default in order for a user to install the iSearch toolbar via an Active-X prompt they must manually accept the installation. It is the position of iSearch that by setting your security settings to anything other than Medium or Medium-High you are inviting unwanted software onto your computer.

While we and the general public may find conjecture and rumors entertaining, the fact is that the iSearch toolbar has never installed itself via an "exploit" and your suggestion that it is being delivered in such a manner is irresponsible journalism and potentially libelous behavior.

While the iSearch toolbar is in a beta state, our experience is that it is stable and well written code presenting no known security risks to the end users aside from risks inherent to Internet Explorer because it acts as a Browser Helper Object and inherits security settings from the browser's security settings.

Finally, the iSearch does not track identifiable user behavior OR aggregate user behavior. Your statement that the iSearch toolbar has matched keywords with advertisers in any way is false and misleading. All advertising delivered via iSearch toolbar is system wide meaning that it is displayed to the entire user base without any logic based on either keywords entered or user behavior.

Our recommendation to surfers who do not wish to have items such as the iSearch toolbar installed is two-fold:        

1) Read the prompts you are provided with. If a user is provided with a "Would you like to install the iSearch Toolbar" prompt and they click "Yes" without reading the details of the product or learning about the publisher as listed in the digital signature, the user is making an unwise choice and has little room to complain about the product they have chosen to install.        

2) If you are certain that you never want to install Active-X controls and software that is delivered via Active-X, disable the Active-X technology by setting your browser security to "High".

Arlo C. Gilbert, Principal iDownload.com

Description:
The iSearch Toolbar is a downloadable 'helper' add-on for Internet Explorer that installs directly into your web browser.

How do you get it?

The iSearch Toolbar is provided by isearch.com, which is actually owned by iDownload.com, based at 701 Brazos, Suite 500, Austin, Texas 78701. It can be installed by downloading the toolbar from the iSearch site. iSearch can also be downloaded and installed on your PC without consent by exploiting a common functionality in the Microsoft Internet Explorer web browser.


Correction & explanation:

I found the following definition of 'exploit' on dictionary.com: ex·ploit·ed, ex·ploit·ing, ex·ploits (ĭk-sploit′, ĕk′sploit′)

  1. To employ to the greatest possible advantage: exploit one's talents.

To explain further: Microsoft designed Internet Explorer with a set of controls called ActiveX. ActiveX technology allows a website to create an interactive experience for the user and perform a variety of functions that aren't possible with a static web page. By default, Internet Explorer is set to a 'medium' security level. For the average user, that means ActiveX controls, plug-ins and scripting controls marked 'safe' will run, while unsigned controls and those marked 'not safe' will not. Any ActiveX download prompts the user before continuing.

So far so good, but what about the 'safe' portion of this? To determine whether a control is 'safe' for downloading, Microsoft has developed a digital signature process. A digital signature for an ActiveX control verifies:

  • The contents of a file.
  • That the file comes from a responsible source.

"You provide a digital signature by purchasing a certificate from a certificate authority. A certificate authority is a company that validates your identity and issues a certificate to you. The certificate contains your digital signature and is a verification of your credentials. In the event of any problems, the certificate authority becomes a witness to your identity."

To conclude, just about anyone can mark controls as 'safe': all you have to do is buy a certificate that says you are who you say you are. These certificates are readily available from companies like Thawte, where a code signing certificate runs $199 USD. Plug-ins and scripting controls are limited only by the creativity of the programmer, so unless you specifically change your Internet Explorer settings to 'high', which disables all ActiveX controls and plug-ins (even the 'safe' ones), any user browsing the internet is at risk.


Once downloaded, iSearch also installs 180Search Assistant, another advertising program, on your PC. Together, these programs serve to deliver a variety of intrusive advertisements such as numerous popup ads and new browser windows.


Correction & explanation:

iSearch promotes the toolbar using an affiliate network where affiliates are paid per installation, and in some cases the toolbar is packaged with other products. This is a direct violation of the iSearch agreement and is enforced by the company. Discovering 180Search Assistant on your PC at the same time is the result of a particular affiliate who has packaged both together to try to garner some more money. iSearch has since taken measures to prevent this problem from occurring.


Details:
The iSearch Toolbar is a 'Browser Helper Object', meaning that it loads whenever Internet Explorer starts, shares its memory and can perform actions in any available window. It can also detect events, create windows to display additional information on a viewed page, and monitor messages and actions.

iSearch made headlines on May 20, 2004 when thousands of PCs were hijacked to the iSearch homepage, prompting a story by ABC News.

"iSearch works something like this: Some time during the course of surfing the Web, you unknowingly trip over the iSearch applet, which is instantly downloaded — without your knowing it — into your computer.

This program then does two things: 1) It orders your computer to permanently switch to .iSearch.com as your new home page, and 2) Covers its tracks, so that you can't simply go into your computer's utilities and replace it. You are now trapped."

Although iSearch provides removal instructions on site, several users have experienced substantial difficulty both removing it and turning it off. A user from the DesignTechnica forums indicated that when clicking View>Toolbars the iSearch toolbar was shaded out rendering it impossible to turn it off. It has also become apparent that some automatic removal tools will not remove all of the scummy components of iSearch, crippling the toolbar options menu in Internet Explorer. There are some additional removal instructions provided by Wilders Security Forums if you are experiencing this problem.

iSearch has also been known to close popular spyware removal tools such as AdAware before they start, and even to disable programs such as Spybot.

iSearch offers the following information in their Terms of Service:

b) Licensee shall receive, and desires to so receive, various product/services, marketing ads, and campaigns of third parties through the appearance of links, menus, pop-ups, and other methods on and/or in connection with the Service and the Software (all of the foregoing "Third Party Promotions").

IN NO EVENT SHALL ISEARCH OR ITS LICENSORS OR SUPPLIERS BE LIABLE TO LICENSEE OR ANY THIRD PARTY FOR ANY UNAVAILABILITY, DELAYS, INACCURACIES, ERRORS OR OMISSIONS WITH RESPECT TO ANY OF THE CONTENT (AS DEFINED ABOVE) USED RECEIVED OR TRANSMITTED BY THE SOFTWARE AND/OR SERVICE, OR FOR ANY DAMAGE ARISING THEREFROM OR OCCASIONED THEREBY, OR FOR THE RESULTS OBTAINED FROM THE USE OF SUCH CONTENT INCLUDING WITHOUT LIMITATION ANY RISK OF THE INTRODUCTION OF COMPUTER VIRUSES, INVASION OF PRIVACY, VIOLATION OF APPLICABLE LAW OR ANY PERSON OR ENTITY'S RIGHTS OF WHATEVER TYPE.


How does it Violate Privacy?
To display an advertisement to a user, both iSearch and 180Search Assistant match the keywords entered with an advertiser. The site that is visited and the keywords that are entered can be tracked by cookies. Although both programs indicate in their respective privacy policies that they do not share or retrieve personally identifiable information, the value of the policy itself is questionable (especially with iSearch, which has been known to install without consent).


Correction & explanation:

This information is inaccurate. iSearch explains:

"Finally, the iSearch does not track identifiable user behavior OR aggregate user behavior. Your statement that the iSearch toolbar has matched keywords with advertisers in any way is false and misleading. All advertising delivered via iSearch toolbar is system wide meaning that it is displayed to the entire user base without any logic based on either keywords entered or user behavior."

Although iSearch does not track behavior or match advertisers, 180Search Assistant does:

"180search Assistant is a small application that is downloaded to your computer and runs in the background looking to show websites with information, offers and products that match keywords that you are looking for when either shopping or searching online."

Courtesy of 180Search website.


Are there any known security issues?
Within their TOS, iSearch explicitly outlines that they aren't responsible for viruses or invasion of privacy in any way.

Stability problems:
iSearch specifically outlines the following clause in their TOS:

The Software and the Service is in a pre-release beta state only and may contain errors or inaccuracies that could cause failures, loss of data, and/or conflicts or problems resulting from the use and/or operation of other software installed on your computer or which you may wish to install in the future, whether used separately or in conjunction with the Software.


Correction & explanation:

iSearch wrote with concerns about both of the statements regarding security and privacy. Risks that users will experience from iSearch are related to the inherent risks of using Internet Explorer.

Provided courtesy of iSearch: "While the iSearch toolbar is in a beta state, our experience is that it is stable and well written code presenting no known security risks to the end users aside from risks inherent to Internet Explorer because it acts as a Browser Helper Object and inherits security settings from the browser's security settings."

Although iSearch does monitor affiliates, there may be some risk associated with programs installed with iSearch as the result of affiliates packaging software, as was the case with 180Search Assistant.


Terminating iSearch:

If you choose to click the 'Uninstall' link for iSearch, you'll be in for a scummy little surprise. iSearch offers the 'uninstall' program for sale at $29.95. Manual removal seems to be the only remedy to solve the iSearch problem properly. The following removal instructions are posted on the iSearch and 180 Search sites respectively. It may be necessary to run a program such as "Hijack This" to remove all files properly.

  1. Click on "Start > Run" from the menu that appears.
  2. Type "Command" (without the quotes) in the "Run" dialog.
  3. In the new window that has appeared:
    • If you are using Windows XP, type "cd c:\windows\system32" (without the quotes) and press the "Enter" key.
    • If you are using Windows 95/98/ME, type "cd c:\windows\system" (without the quotes) and press the "Enter" key.
    • If you are using Windows 2000 or Windows NT, type "cd c:\winnt\system32" (without the quotes) and press the "Enter" key.
  4. If you have installed Windows on a different drive (e.g. d:) or directory (e.g. c:\windows2) then you will need to type the appropriate drive letter and/or directory above.
  5. In the same window:
    • If you are using Windows 95/98/ME, type "regsvr /u /s toolbar.dll" (without the quotes) and press the "Enter" key.
    • If you are using Windows NT/2000/XP, type "regsvr32 /u /s toolbar.dll" (without the quotes) and press the "Enter" key.
  6. In the same window type "del toolbar.dll" (without the quotes) and press the "Enter" key.
  7. In the same window type "exit" (without the quotes) and press the "Enter" key.
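
A triage sketch for the "Hijack This" check mentioned above, added here as an example and not taken from iSearch, HijackThis or this site: it scans a HijackThis-style log for a toolbar.dll registration in the system directories named in the steps, for leftover "(no file)" entries, and for a start page on isearch.com. The sample log, the placeholder CLSIDs and the `triage` function are constructed for illustration.

```python
import ntpath
import re

# Directories and file name come from the removal steps above.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\system", r"c:\winnt\system32"}
WATCH_DLLS = {"toolbar.dll"}
WATCH_HOSTS = ("isearch.com",)  # home page named in the article

# O2 = Browser Helper Objects, O3 = IE toolbars, R0/R1 = IE start/search pages.
ENTRY = re.compile(r"^(O2 - BHO|O3 - Toolbar): (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
START = re.compile(r"^R[01] - (HK\w+)\\.*,Start Page = (\S+)$")

# Constructed sample log; CLSIDs are placeholders, not real identifiers.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch.com/
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\System32\toolbar.dll
O2 - BHO: Example Reader Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\reader.dll
O3 - Toolbar: ISearch Toolbar - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\System32\toolbar.dll
O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000003} - (no file)
"""

def triage(log_text):
    """Return (reason, clsid_or_hive, value) tuples for lines worth reviewing."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            _kind, _name, clsid, path = m.groups()
            folder, fname = ntpath.split(path.lower())
            if path == "(no file)":
                # Registration left behind after the DLL was deleted
                # without being unregistered first (step 5 skipped).
                findings.append(("orphaned", clsid, path))
            elif fname in WATCH_DLLS and folder in SYSTEM_DIRS:
                findings.append(("watchlisted", clsid, path))
            continue
        m = START.match(line)
        if m:
            host = re.sub(r"^\w+://", "", m.group(2)).split("/")[0].lower()
            if any(host == h or host.endswith("." + h) for h in WATCH_HOSTS):
                findings.append(("start-page", m.group(1), m.group(2)))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```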

Correction & explanation:
iSearch has provided two recommendations for users who do not wish to have programs like iSearch installed:

"Our recommendation to surfers who do not wish to have items such as the iSearch toolbar installed is two-fold:        

1) Read the prompts you are provided with. If a user is provided with a "Would you like to install the iSearch Toolbar" prompt and they click "Yes" without reading the details of the product or learning about the publisher as listed in the digital signature, the user is making an unwise choice and has little room to complain about the product they have chosen to install.        

2) If you are certain that you never want to install Active-X controls and software that is delivered via Active-X, disable the Active-X technology by setting your browser security to "High".


Removing 180Search Assistant:

  1. You may uninstall via the Add/Remove Programs in the Start Menu
  2. Click on the Start Menu
  3. Under Settings select Control Panel
  4. Select Add or Remove Programs
  5. Click on Uninstall 180search Assistant (If you are running an older version of our software, this will be named PAD Lookups by N-Case)
  6. Select Remove and follow instructions until prompted with "You have successfully uninstalled 180search Assistant"

JimWorld.com Network © 1996 - 2004