180solutions explains new technology

Yesterday 180solutions announced "Safe and Secure Search", their new technology to help stop non-consensual installations, without giving any details about how it would work.  I received permission from Sean Sundwall of 180solutions to post his email to me explaining how the new technology works. 

Hi Suzi,

Although I was disappointed in your initial reaction and posting regarding our announcement today, I appreciate the opportunity to explain in better detail how our S3 technology will work, and why this is 180solutions most significant step to date in terms of protecting consumers and stopping bad actors from fraudulently installing our software.

We have always held our distributors to a strict Code of Conduct, and we immediately shut off and/or pursue legal action against distributors who violate this agreement. Because our business model consists of thousands of distributors, no human police force could be strong enough to put an end to illicit installations of our products. This technology adds a security measure that will act as a 'sheriff' for our current police force, enabling us to much better control all of our distributors and sustain a viable business model.

The screenshots (MS Word document) attached will give you additional insight to the new install process, but I'll also explain from a technology standpoint how S3 works.  

Previously, when a distributor began the install process, they were required (by our Code of Conduct) to present the user a consent box, providing disclosure and requiring user consent to continue. We gave them guidelines as to what the dialog boxes should say and how they should appear, but left the execution of it to them. A small few took advantage of this and subverted and manipulated the software installation process to remove this disclosure/consent box, therefore creating the environment for a forced or silent install.

Beginning today when a new distributor initiates an installation of 180search Assistant or Zango, the distributor is no longer responsible for presenting the consent box. Instead, the distributor lays down a 'stub' that automatically calls back to our servers before the installation can begin. Our servers then send the required consent box directly to the user. At that time, the user will see that either 180search Assistant or Zango are trying to be installed. Installation cannot continue until the user gives consent to continue. Since the consent box comes directly from us, distributors are unable to turn it off. The point here is that we now own the entire consent experience. It will be standardized, consistent and always on. Keep in mind that we have given all current distributors until the end of the year to transition to the new technology.

In your posting this morning, you noted that you witnessed a bad install of 180search Assistant as early as 10 days ago. First of all, the new technology was not in place yet. Second, what you saw she saw was the following:

1.  Installations of other software via an exploit (spambots or something of the like)
2.  Attempted forced installation of a bunch of software
3.  A definite non-silent, non-forced install of our software as the UCI box does show up.

Our software was not silently or forcibly installed. Everything else around it was. But ours was not. This is proven on http://www.sunbeltblog.blogspot.com/.

I hope this is sufficient clarification. Please don't hesitate to contact me with further questions. If you are interested in discussing this further on the phone, I'm available anytime today and the rest of this week. I look forward to our continued dialogue and would hope that in the future we can talk in advance of a post rather than after.

Best,

Sean Sundwall

I'd like to thank Mr. Sundwall for sending this information, which I'm sure readers will find interesting.  The description of the stub installer calling the consent box and not allowing installation to continue unless the user accepts the End User License Agreement (EULA) sounds like an improvement. 

Regarding the video Mr. Sundwall refers to, perhaps he saw the video on the Sunbeltblog,  however the video I posted at Spyware Warrior does not show the UCI box that I can see.  It is possible the UCI box could have been hidden behind one of the pop ups, but I did not see any evidence of it.  One interesting note, the 180Search assistant icon did not appear in the system tray, which could mean the installation was incomplete.  The HijackThis log included in the post did show the 180search assistant installer and the file sac.exe in the running processes as well as the line O4 - HKLM\..\Run: [sac] c:\program files\180searchassistant\sac.exe, which means 180search Assistant was set to run when Windows starts. 

But, as Mr. Sundwall said, that was prior to the new technology and I certainly hope that we will not be seeing similar installs in the future. 

I invite readers to ask questions and comment on the new technology as presented here.