In one of today's most fascinating reads, philosecurity interviews Matt Knox, a talented Ruby instructor and coder who once wrote and designed adware for Direct Revenue, a company sued by then-New York attorney general Eliot Spitzer in 2006 for allegedly stealthily installing adware on millions of computers.
So why did he do it?
In Knox's own words: "I was utterly and grindingly broke."
But that's not all. There are lots of little gems in this interview, including:
- "I deployed more Scheme runtime than anybody else on the planet."
- "It’s hard to get people to do something bad all in one big jump, but if you can cut it up into small enough pieces, you can get people to do almost anything."
- "I actually believe that if you sum up everything I did it comes out positive, if only because I kicked off an awful lot more adware than I installed."
- "[Direct Revenue] would say to users 'Hey, if you want this, install our adware and you can have it for free.' An astonishing number of people will do that."
- "In their licensing terms, the EULA people agree to, they would say 'in addition, we get to install any other software we feel like putting on.' Of course, nobody reads EULAs, so a lot of people agreed to that."
- "It was effectively impossible for a civilian to get us off the machine -- unless they went through our uninstall process. You had to go to some web site, download an uninstaller, take a short survey about why they were getting rid of us, and then it would actually remove us and we would also leave a Registry key to make sure we didn’t reinstall. Sadly, some misguided antivirus and anti-adware software would go in and remove that, which therefore meant that we would reinstall again."
- "If you're using IE, then either you don’t care or you don’t know about all the vulnerabilities that IE has."
Make sure to read the interview, which also goes into depth as to how adware works its way into your system. It's really a great read.