If you read this blog last week, you saw that several of the adware vendors have succeeded in getting their software onto a lot of machines: almost 40 million in the case of Claria and 180Solutions, for instance. That’s 40 million each.
You cannot help but wonder how good the software practices are at these companies. Do they do consistent reviews of their code for vulnerabilities? Do they outsource code review to trusted third parties? What are the implications of 40 million machines that are vulnerable to a buffer overflow attack? Say a virus or worm uses a vulnerability in a widely distributed piece of adware? Disaster?
Do the adware vendors have a means of communicating with their end users? Can they push updates to current installs? Is there a way to determine what version of their software is even running? Is there an 800 number to call with these questions?