Detection Criteria

ParetoLogic detects and offers to remove certain software programs that users may not know they have, or may not want on their PCs. ParetoLogic assesses programs based on the programs’ direct and indirect effects, as well as their installation practices and user feedback. This article was written by Benjamin Edelman.

ParetoLogic aims to err on the side of user choice. ParetoLogic therefore alerts users to programs that may be of concern, anticipating that some users will choose to retain some programs that ParetoLogic detects. If a program is likely to be unwanted by some ParetoLogic customers, ParetoLogic seeks to alert all its users to that program’s presence, so each user can decide for him or herself whether to keep that program installed.

Of the programs ParetoLogic evaluates, few display all or even most of the criteria set out below. But where a program matches these criteria, whether individually or in combination, Pareto’s experience is that users generally want to be alerted to the program’s presence and want to be offered an additional opportunity and means to remove it. A program need only match one of the specified criteria in order to be included in Pareto’s listings and detected by ParetoLogic software.

Notwithstanding the criteria set out below, ParetoLogic staff also make professional decisions as to the programs they evaluate. Some programs are omitted from detection lists based on their context, motive, and source. For example, many security programs block access to certain web sites and block the installation of certain programs. These blocking behaviors might ordinarily seem to satisfy Pareto’s detection criteria. But where these programs are installed solely at a user’s specific request, and where their actions are only those reasonably necessary to implement their security features, ParetoLogic does not classify such programs as potentially unwanted.

Because the behaviors of unwanted software programs change frequently, ParetoLogic may change these criteria from time to time.

In evaluating programs for possible detection, ParetoLogic considers the following characteristics:

Installation, Notice, and Consent

ParetoLogic detects and offers to remove software programs with installation practices suggesting that users may not in fact want such programs. Installation practices raising these concerns include:

  • Installing without any notice or consent at all. For example, installing through security holes in other software on a user’s PC.
  • Installing when users are performing some other task, where such software is not reasonably necessary to complete the intended task. For example, installing via ActiveX popups as users browse unrelated web sites.
  • Installing without providing a general description of purpose and effects.
  • Installing without providing a statement of source (e.g. company name and URL).
  • Becoming installed by other software in a “bundle.” For example, installing through a bundle where users request one program but receive one or more others that are functionally unrelated.
  • Soliciting installations via aggressive, misleading, or deceptive statements, including vacuous statements or statements made without specific knowledge of their truth or falsity. For example, claiming “your computer may already be infected.”
  • Paying for installations through a pay-per-installation affiliate network with a documented history of installations using one or more of the methods listed above.

When evaluating the installation criteria described above, ParetoLogic considers not only the behaviors of the software provider itself, but also the behaviors of those affiliates and distributors who receive payment for installing the provider’s software onto users’ PCs.

License Provisions

ParetoLogic detects and offers to remove software programs with certain license provisions giving rise to potential user concerns. License provisions raising these concerns include:

  • Claiming the right to install other software on a user’s computer, other than at the user’s specific request and other than that reasonably necessary to update the requested software.
  • Claiming the right to disable, block, or remove other software on a user’s computer, including “competing” software or security software.
  • Claiming the right to use a user’s computer for the software provider’s own purposes without benefit to the user. For example, claiming the right to use a user’s computer for distributed computing or distributed storage.
  • Imposing restrictions on “authorized” methods of removal.

System Configuration

ParetoLogic detects and offers to remove software programs that make certain changes to a user’s system configuration. Configuration changes raising these concerns include:

  • Changing a user’s browser home page, default search engine, error page, or other browser preferences, other than at a user’s specific request.
  • Preventing a user from taking reasonable steps to change browser home page, default search engine, error page, or other browser preferences.
  • Adding a web browser toolbar, other than at a user’s specific request.
  • Modifying a user’s Internet connection settings to block access to certain hosts or web sites, other than at a user’s specific request.
  • Routing a user’s Internet traffic through a particular intermediary, other than at a user’s specific request.
  • Causing a user’s computer to dial premium or international phone numbers.
  • Disabling, reconfiguring, or bypassing privacy or security programs.
  • Disabling, blocking, or removing other software on a user’s computer, including “competing” software.
  • Using a user’s computer for the software provider’s own purposes without benefit to the user. For example, using a user’s computer for distributed computing or distributed storage.
  • Hiding key operating system features. For example, hiding the icons for Control Panel or for System Restore.

Data Transmission and Privacy

ParetoLogic detects and offers to remove software programs that record, track, and/or transmit certain data about users and their actions. Actions raising these concerns include:

  • Collecting or using personally identifiable information from users or their computers, except where reasonably necessary to achieve a program’s core purpose and where users specifically provide this information to the program.
  • Collecting or using information as to a user’s Internet connection and Internet use, other than to diagnose technical difficulties, except at a user’s specific request.
  • Collecting or using information obtained from or provided by a user in a way that reasonable users would find objectionable, unfair, or deceptive.
  • Collecting or using information from encrypted communications, or breaking or deciphering encrypted communications.

Computer Performance, Reliability, and User Experience

ParetoLogic detects and offers to remove software programs that can slow down a user’s PC or make a user’s PC less reliable. Practices raising these concerns include:

  • Causing a substantial reduction in performance.
  • Using excessive bandwidth.
  • Reducing reliability, e.g. by causing crashes.
  • Causing incompatibilities or adversely affecting other programs.

Malware

ParetoLogic detects and offers to remove software programs that can harm a user’s PC or other PCs. Practices raising these concerns include:

  • Installing worms, trojan horses, or other code that can automatically propagate to other PCs without notice or consent.
  • Allowing third parties to remotely control a user’s PC. For example, “backdoors” and “rootkits.”
  • Allowing third parties to send mail using a user’s PC. For example, “spam bots.”
  • Infecting data or program files on a user’s PC with a virus.
  • Deleting user data files or program files.

Advertising

ParetoLogic detects and offers to remove software programs that show advertising in ways particularly likely to harm, inconvenience, interrupt, or annoy users. Practices raising these concerns include:

  • Displaying advertising likely to interrupt or annoy. For example, displaying pop-up advertising or opening new browser windows.
  • Displaying advertising without attribution and removal instructions. For example, displaying advertising without clear and conspicuous listing of the program providing such advertising. For example, displaying advertising without a button or link by which users can learn more about the advertising, including how to stop such ads from appearing. For example, showing one web site when a user requests another.
  • Displaying advertising that users cannot readily control. For example, displaying any full-screen advertisement without the usual operating system elements (e.g. an “X” button in the upper-right corner). For example, displaying any advertisement that a user cannot readily and immediately close or remove. For example, displaying any advertisement that, when closed or removed by a user, opens another advertisement. For example, showing one web site when a user requests another.
  • For programs delivered in a bundle, displaying advertising even when a user is not using the bundled program the user had requested (if any).
  • Adding third-party advertisements to a user’s desktop, start menu, favorites, or other operating system listings. For example, adding icons for web sites (other than the software maker’s own web site) to a user’s desktop.
  • Modifying, obscuring, or blocking the contents of requested web sites, except at a user’s specific request.

Removal

ParetoLogic detects and offers to remove software programs with removal practices and procedures that deter or discourage users from removing programs via ordinary methods. Practices raising these concerns include:

  • Failing to offer an uninstall program at all.
  • Failing to provide an uninstall program that users can reasonably locate. For example, failure to place an uninstall program in the ordinary listing used for this purpose (i.e. Control Panel, Add/Remove Programs). For example, failure to label a Control Panel Add/Remove entry with the ordinary name by which a program is known.
  • Requiring that users obtain a separate uninstall program from a web site.
  • Requiring that users be connected to the Internet in order to uninstall.
  • Including an uninstall procedure that unreasonably deters or delays removal. For example, requiring that users click through multiple uninstallation screens before uninstallation occurs, requiring that users type a special code to uninstall, or requiring that users complete a survey to uninstall.
  • Including an uninstall procedure that unreasonably discourages removal. For example, making false, misleading, or overstated claims as to the consequences of removing a program.
  • Including an uninstall procedure that fails to remove substantially all of the program at issue, or that allows or performs automatic reinstallation.
  • Taking affirmative steps to make manual removal unreasonably and unnecessarily difficult. For example, using randomized filenames. For example, using “buddy” threads to prevent termination through Task Manager.
  • Storing program files in directories and/or filenames that hinder identification. For example, using directories or filenames that falsely suggest association with other software programs. For example, installing into obscure directories or directories nested within multiple levels of other directories. For example, installing into operating system directories without a technical reason to do so.
  • For programs installed in a bundle, failing to automatically uninstall (or offer to do so) when the “host” application is uninstalled.
  • Failing to show any user interface at all, and thereby offering no indication of installation and presence.

The Role of Consent

Where users consent to the various practices described above, the practices are more likely to be consistent with users’ intentions and expectations. However, when assessing user consent, ParetoLogic looks beyond the question of whether a user once pressed a “yes” button and purportedly thereby consented to a program’s subsequent actions. Instead, Pareto’s assessment of user understanding and consent considers the following factors:

  • The extent to which key provisions are specifically brought to a user’s attention via a summary, rather than presented only in a license agreement.
  • Whether key provisions are disclosed in plain language, rather than in euphemisms.
  • Whether prominent provisions are substantially at odds with less prominent provisions. Whether prominent provisions are materially misleading, vague, or deceptive. Whether prominent provisions make material omissions.
  • The format of information provided prior to the purported consent. For example, the use of section headings, bold type, and other formatting to draw attention to key provisions.
  • Whether graphics help explain the effects of consent, e.g. by showing a picture of a resulting advertisement or by showing a new toolbar as it might look once installed.
  • The extent to which the purported consent covers features reasonably necessary to implement features a user had specifically requested.
  • The extent to which the substance of the notice matches industry norms for program operation.
  • Whether a user is asked to accept additional terms not displayed, but merely purportedly incorporated by reference.
  • Whether the purported consent includes a bona fide exchange of value, e.g. a user receiving something substantial in exchange for providing consent.
  • Whether the purported consent includes terms that a reasonable person would consider fair. For example, whether the purported consent includes terms that are so biased or one-sided as to call into question whether a reasonable, informed user would have consented to such terms.
  • Whether a user is informed of the applicable terms at a reasonable time, versus only learning of such terms midway through the process of downloading and installing software.
  • Whether the installation procedure provides an opportunity for saving, printing, and/or searching a license agreement, and whether any special technical skills are required to do so.

Mixed and Changing Characteristics

Some programs defy straightforward classification because they use a mix of practices (e.g. a range of installation practices all providing the same software) or because they have changed their practices over time. Pareto’s evaluation of such programs generally looks to the practices most likely to indicate that programs are unwanted - for example, the most aggressive installation practices a given program has used.

However, where practices have changed substantially over time, ParetoLogic aims to focus on behaviors actually and currently affecting ordinary users. In general, if a practice has been discontinued for one year or longer, ParetoLogic will cease evaluating the program on the basis of that practice.

Real-Time Blocking

Some ParetoLogic programs include features that prevent the installation of certain software or that offer users an extra opportunity to confirm their intent to install certain software. These real-time blocking features apply to programs meeting the criteria described in the preceding sections.

Cookies

In general, ParetoLogic believes that cookies do not present risks or harms to user privacy, because cookies only store and transmit information that web sites have already previously received. However, where cookies are used to track user behavior across multiple web sites, cookies can present privacy concerns by combining information that could not otherwise be linked back to a single user. ParetoLogic therefore detects and offers to remove so-called “third-party cookies” which track users’ activities at multiple otherwise-unrelated web sites. For example, ParetoLogic detects and offers to remove cookies that track users’ web browsing at multiple news sites, where those cookies are used for the purpose of showing targeted advertisements.

About This Document

This document was written by Benjamin Edelman in consultation with ParetoLogic staff. However, detection decisions are made by ParetoLogic itself, and questions about ParetoLogic’s detections should be directed to ParetoLogic through biz@paretologic.com.