Sunbeltblog comments
perhaps i'm missing something...
is it not a security toolbar? does it not provide security features/functionality? is the toolbar not from the same company as the software it was bundled with? would this be any different from mcafee bundling site advisor with it's scanner?
at what point does it stop being 'bundling' and start simply being a 'suite'...
It's the Ask Toolbar. I'm not sure if that's considered a "security toolbar".
That's odd...Spy Sweeper, now Zone Alarm, what's next? Kaspersky Antivirus?
-Yair
Xeydo NO!
Kaspersky are teaming up with russian portal Rambler.
Rambler.ru
Do your research!
Oh here we go with the IAC bashing again...
@alex:
i certainly noticed it had ask search functionality in it, but the way it was described in the install and the way it is branded in the browser suggests that it's not *just* the "ask toolbar"...
if that's all just smoke and mirrors to hide the fact that it is just the ask toolbar then not only do i agree, i think it's even worse than simply bundling crap...
When are these vendors, and not just Webroot & ZA people, going to realize that this is just something that 90% world don't need.
These 'ticked-by-default' installs are annoying, regardless of whether or not users can opt out. We all know 'why' they are default ticked, because they(the vendors) know that if they leave it up to the users, they will 'not' opt in for it.
Thusly giving them about nothing for their effort, meaning no $$$. And we all know that the only reason any vendor offers these toolbars in this manner is only after the $$.
From what I understand its, as so often, an "opt out" toolbar which is overseen by most average users as they would most likeley just click "next" til the install is complete. I recall reading at one of the forums that there is no mentioning of the toolbar in the EULA (or no clear mentioning). Not that many people would read the EULA in the first place, but if it wasnt mentioned at all, it would additionally be a major lead down. Its been removed from my list of suggested Firewalls in the forums and so has it by a few others already. I would say in the long run its more a downturn to them than an advantage. Though they still make good money til no one suggests their software anymore in the forums...
The EULA is displayed "2 stages" afterwards, after the Toolbar option screen. That's is not right. It shouldn't be pre-checked and the EULA should be displayed at the stage where the Toolbar optional is present.
All it says at that stage - as you see in the screenshot - is the fact that it will protect you from dangerous spyware sites. So most users will leave the optional toolbar checked anyway.
*sigh*
Just the security toolbar part isn't so bad, but the fact that it contains the Ask search bar (earning affiliate commissions) and that the box is checked by default makes this unacceptable, IMO.
As far as the *other* company mentioned goes I unchecked install and what do you know,It went and installed itself anyway.
BTW it is a total pain to get rid of.
Just a clarification (I updated the blog):
This is not the full Ask Toolbar. It's a subset which only offers the pop-up blocking. Nevertheless, you still get the Ask Searchbar, and it is pre-checked prior to install.
I use ZoneAlarm and over the years I've noticed it getting more bloated and more of a system hog (similar to what happened with Norton). I was amazed how quickly my computer booted and ran when I had uninstalled it in the process of upgrading.
Now this questionable tactic (IMHO). I guess this is another reason to find another security vendor for my computers other than ZoneAlarm when I'm due to reup.
I would have to say that this is probably just the beginning. AdAware briefly partnered with WhenU. Now we have Spy Sweeper and Zone Alarm partnering with Ask.
Money definitely is the motivator here and the majority of computer users know nothing about spyware or viruses. They see this as extra protection and Zone Alarm is capitalizing on it.
This is really is no different to the old free software with ads, and you could get rid of the ads by buying the full version.
Does anyone know if Check Point is the original company that developed Zone Alarm or was it purchased by them? I remember when it first came out, Steve Gibson used to plug the hell out of it.
(Kirk here from IAC Search and Media)
A couple of quick points:
First, as I understand it, the functionality is not a popup blocker, but rather a malicious site blocker. If you go to a known bad site, e.g. http://winfixer(dot)com, it will intervene and throw up a blocking page.
Second is this notion of a pre-checked box during the install. There seems to be a lot of concern raised over the fact that users must opt out of the install. Keep in mind that this is a Zone branded toolbar with specific Zone functionality built into it. It is an integral part of the product offering similar to Symantec’s toolbar in Norton. If Google powered the search of the toolbar, would you feel differently? Yahoo? Microsoft? These search companies appear to have immunity from this line of thinking because they all use the same opt-out methodology. If you check out the Flash download (adobe.com), you’ll see how Google sets the standard. If you download Yahoo Messenger, you’ll see how Yahoo pushes the boundary. Having done that, then when you take another look at this, I think you’ll see that it’s a non-issue.
-K
Currently on ho-ho-holidays here, but I do have five spare minutes to post so...
I've said for the longest time that pre-ticked checkboxes are a big plate of suck. Doesn't matter who does it - Google, Yahoo, Microsoft - it sucks regardless.
pre-ticked checkboxes are hacker gold. they eat your pre-ticked checkboxes for breakfast. Many types of installer out there are susceptible to sendkeys attacks, and if your checkbox is pre-ticked, its the easiest thing in the world for a hacker / rogue affiliate to force install the vulnerable software, or use something like a Clicker Trojan (that blindly clicks the mouse button on the desktop, activating whatever program / install happens to be there at the time). The EULA box *will* appear....but only for a nanosecond as the sendkeys / clicker attack does its thing and installs without permission.
If you pre-tick a checkbox, you may well be contributing to forced installs even if it *appears* to you that the install was legitimate.
At that point, it all comes down to whether or not the company behind the install monitors each stage of the install process to work out if it was a valid "yes please" or not - when the software is installed on a users PC, did they have ways to monitor how long the box was up for before the EULA was accepted? How long each stage of the install process was on the screen for?
As we know, not many do (and another good chunk of people installing things out there don't actually care, which simply makes things worse).
In conclusion? Don't care who does pre-ticked checkboxes, it's irresponsible and does half the rogue affiliate / evil hacker / whoevers job for them. Porting this "functionality" into legitimate applications such as Zone Alarm is a real bad idea, and also flies in the face of what these security companies have actually had to battle against for the past however many years.
@Kirk
Symantec’s toolbar is part of Norton; but ask tool bar is not a sole part of Zone Alarm;
When the application is bundling a third party tool then it should allow the user to choose whether they want to install it or not. Now Zone Alarm falls into Software Bundler as per AntiSpywareCoalition documentation.
If ask toolbar was created by Zone Alarms and was bundled with its application suite then users wouldn’t have raised an issue. But due to the Bad Practices of Ask.com Toolbars in past and the pre checked option raises many questions in the users mind.
Kirk if you say that your applications has really cleaned up then why do you have the pre-checked option rather that allowing the user to select if they really want ask tool bar installed on the system.
@Kirk
Thanks Kirk, you are right we are making a big deal out of this (must be a slow news week)!
PG - Happly Hols!
In the situation where there is a 3rd party that monetarily benefits from the installs (e.g. affiliates on a cost per acquisition basis), then I would certainly agree. In this case, there are no 3rd parties, just the primaries. We do have a compliance team (that includes myself) that will periodically monitor the back end numbers (on an aggregate basis) and installation practices to make sure that no funny business is going on.
Sparsha -
The toolbar is Zone branded - and whether or not it is considered a "software bundle" is open to interpretation IMHO (like much of the ASC documentation). I don't know who created the Symantec toolbar - but it easily could have been a 3rd party. However, the fact that SpyBlocker is adding value to the product offering tells me that, whether or not its "bundled", it's a good thing. ZoneAlarm stops baddies from getting through networking weaknesses, whereas the SpyBlocker stops them from getting through via social engineering means.
-K
I share others' concerns about the installation method used by ZA in this instance. The totality of the circumstances -- the method and format of disclosure, the functionality of the toolbar, the prechecked checkbox -- makes it too likely that users will receive this toolbar without wanting it or, for that matter, realizing that they're getting it.
Meanwhile, just last night I was testing a big "adware" bundler. Without any notice or consent at all, and without any EULA at all, the bundler installed Ask's MyGlobalSearch toolbar on my test PC. When I reported similar nonconsensual installations in 2005, Ask said it took action and promised this couldn't happen again. Not so. I have appropriate video and packet-log proof demonstrating what happened last night.
The net effect remains: When I see a user with an Ask toolbar, my standard inference is that the user wasn't fairly asked if he wanted it, and the user probably doesn't want it.
@ Alf:
AdAware briefly partnered with WhenU.
Actually, I believe that was Aluria, not Lavasoft.
Does anyone know if Check Point is the original company that developed Zone Alarm or was it purchased by them?
Zone Labs was purchased by CheckPoint some time ago.
There are a few additional points I would add to this whole discussion.
Some reasons why this is a problem:
1. Questionable judgement.
Ask is a clean company these days (and a lot of that credit goes to Kirk Lawrence, who has posted above). However, pre-Kirk, the company did have some real problems, which we highlighted in the following (admittedly old) report:
http://www.sunbelt-software.com/...ihs/alex/
aj.pdf
In that report, we documented instances of Ask Jeeves (the precursor to Ask) being installed through exploits and the like. It's not pretty. Read the report, see for yourself.
Again, I want to stress that Ask has really cleaned up their act, and I recognize that fact, and commend them for it.
Nevertheless, I really find it surprising that a highly reputable security company like CheckPoint would partner with these folks. I guess those of us in the antimalware field have a long memory, and perhaps that's unfair. But it's a question of context – would we really care much if we saw this toolbar bundled with a screensaver? I doubt it. But with a highly reputable security product such as ZA?
We know the folks at Checkpoint, and they are hardcore security types, and make excellent products. So I can only imagine that this was some decision driven by the marketing people there, which is disappointing. Perhaps the culture has changed.
And it absolutely would be different if we saw this bundled with Google or Yahoo, because they don’t have a history of drive-by downloads using exploits.
2. The toolbar is pre-checked.
I don't care what anyone says, that's a real problem. Those of us who have spent time cleaning up systems know that most end-users are completely clueless as to how stuff got on their machine, and many don’t even understand how to uninstall an application (sorry, Mom). Is it fair to that end-user to pre-check an item, when we know that in most cases, users will simply click “next” and then have that toolbar on their system?
3. The toolbar is not an integral part of ZA.
It’s a separate uninstall. This speaks to point (2) above – most people are not clueful about these intricacies.
1. This is meant to be a spyware blocking tool, which should SURELY mean that it should be added into all versions of ZoneAlarm. Not just the "free version" - which is the case if you check the release notes.
Zone Alarm Antispyware
http://download.zonelabs.com/
bin...tml#7.0.462.000
Zone Alarm Pro
http://download.zonelabs.com/
bin...tml#7.0.462.000
Zone Alarm Free:
http://download.zonelabs.com/
bin...tml#7.0.462.000
If you check, its only in the free version, which means that its not being added for "functionality" particularly. Given that the Pro does not have any antispyware capability whatsoever, why wasnt it added in there?
2. Last month they had a great offer of getting the antispyware version free on patch tuesday, and that generated a whole lot of good press for it (apart from the minor server problems)...and now it goes and does something like this. What goes on in the heads of the marketing department? Why couldn't you have teamed up with a more reliable brand such as Google or Yahoo...instead of a once dodgy toolbar provider. All the good work done last month (or whenever it was) is going to be undone by this!
I notice some conflicting reports here, one by Ben saying he just captured some rogue style installs by ask.com and Alex saying how much they've cleaned up.
Based on Ben's comment I suppose it's high time Sunbelt prepared a new report to see if they can duplicate Ben's findings as Ben has only just finished his last nite.
And some great detective work there kk, nice to see how their new found spy blocker is only found in the freeware version. Tho I'm sure they will point out that the other versions have similar protection already built in. If that is the case then one needs to inquire what is the point of having ask involved at all?
Oh, wait, I know the point.....$$$$$$$
TeMerc... you're right, we'll have a chat with Ben... that video might be interesting viewing.
to all those griping about the pre-checked checkbox, here is why you're unlikely to get any real traction with that complaint: there are plenty of installs out there where functionality for the main product you're installing is optional but checked by default... if you're going to complain about installer checkboxes that are checked by default then you wind up complaining about a huge number of perfectly acceptable installers that include absolutely no 3rd party functionality...
it seems to me that the *real* gripe is about installing additional 3rd party tools by default, not simply pre-checked checkboxes... the ambiguity and abstraction of griping about pre-checked checkboxes is going to work against you...
@Ben - Nice work and look forward to seeing the test results if you are going to publish them...
@Kurt - You are putting the effect before the cause with your argument. The real thing you should look at here is the legitimacy or percieved legitimacy of the bundled content or the content's creator...
@ Kurt, I can only assume you're not reading the same comments as everyone else, pretty much everyone has complained about the 'pre-ticked' box, it's really not an issue of 'third party' so much as so well pointed out that many others do it. And all need be brought to task for it. What helps these other companies get away with it is the overall reputation of them, which is held in a much higher regard than is Ssk and rightly so.
The pre-ticked box is a simple ploy to get installs, plain and simple. If it wasn't done by default they wouldn't get any installs.
Funny thing I never hear anyone complain that a box 'wasn't' pre-ticked and they had some hard time getting something they wanted.
It's always the other way around.
@michael wood:
i was fairly certain (and the pre-ticked checkbox complaint seems to bear this out) that bundling additional content in an install in and of itself isn't a big issue so long as it isn't installed by default (due to a pre-ticked checkbox that the user is likely to ignore)...
@temerc:
the point is that 'pre-ticked' boxes can be found in all sorts of installs that people here would have absolutely no problem with...
ever installed vlc? there isn't just one pre-ticked box, there's an entire checked listbox full of them, and they're all for features/components of vlc...
ever installed visual studio? there are so many of them they provide UI for checking/unchecking groups of them at once...
the pre-ticked checkbox is too abstract a complaint... i'm sure you all have a very particular, concrete behaviour in mind when you make your complaints, but "pre-ticked checkbox" does not adequately describe it, whatever it is...
(and if the component getting installed isn't 3rd party then we really are talking about a suite, even if that component isn't actually part of the main application getting installed)
*sighs*
Again...?!
PG hit one of the primary issues head on. If I don't know I have it, I don't know that I'm open to attacks via the software.
In conjunction with this is the primary issue. Users.
Users are smart and savvy, in THEIR arena. Expecting a user to understand the ins and outs of everything they are installing (in regards to security based software) isn't fair. It's why so many tools come "auto configured".
Adding pre-checked options puts the user in, what they may perceive as a "must have" situation with the software. There is a strong possibility that the user won't understand that they DON'T need this piece of software and therefore have "no" opt-out option.
Opt-in software is relying on user ignorance to get installed. Which isn't fair. If you have a piece of software that you want a user to try out, bundle the software...by all means! But leave the check box unticked. Is that so difficult?
If your intentions are honorable and to make your software more accessable to users, this shouldn't be an issue. If your intention is to garner as many installs as possible (regardless of whether or not the user actually WANTS your product) this is the path you take.
And Kirk, while we've exchanged words frequently in the past. I would take this stance against any piece of software. NOTHING should automatically opt-in it's user base.
When I download product A I do not want product B embedded in it. There is so much unrelated crapware out there - it is a waste of time.
There aren't any morals out there anymore....
@ Kurt:
As I mentioned(read it again), yes other apps do this, lots of them, but it all comes from where the end user can either trust them or not.
Ask, IMHO, cannot be trusted at all, especially based on all the evidence garnered over the time that Ben has, with the latest as new as last nite!
No doubt this will again be blamed on.....drum roll please......yeah....I don't even have to say it do I?
I am a user of ZoneAlarm firewall.
Am I better off switching to a different firewall?
What about the free Sunbelt Personal Firewall?
Cheers.
Anyone else waiting for Alex's unbiased, objective opinion with a big grin on their face, for Alex's response to Jerome's question? 
Ben's video will make for some interesting viewing indeed.
Anyone else waiting for Alex's unbiased, objective opinion with a big grin on their face, for Alex's response to Jerome's question?
lol
I am usually fastidious about unchecking offers for toolbars, but even I missed this one last night. I have been toolbar-free for all these years and made the mistake of assuming that the ZA install would be much like all the previous ones. Doh.
ZA et mea culpa.
Iwannabetoolbarfree
There is a similar "Web Security Guard" toolbar for Spyware Terminator discussed on http://www.net-security.org/revi...view.php?
id=160
I know money is in the game, but it looks really bad for the vendors to do this type of "cohabitation".
JerryM, I don't think their WebSecurityGuard is the same as this -- it seems to be part a security offering that's part of their product. I don't know if they're actually making money off of it (unlike bundling Ask).
use firefox
don't install any toolbars
I want to respond to the comment earlier that pre-ticked checkboxes are acceptable because so many installers use them for functionality.
I believe that only makes it more obvious that preticked boxes should not be used for third party or optional software. Joe User is more likely to accept anything pre-ticked as good and just click whatever box lets them proceed to the next step.
Even IT people who are in a hurry are likely to make that mistake especially when they are dealing with software from reputable companies.
Most users have no idea how or why they have so many toolbars. Sometimes it seems that half the free software on the web installs some toolbar or extra that you don't need. (even if its not adware)
Then you get the situation where one toolbar/search provider is blocking changes that another toolbar is trying to make to the search provider. And back and forth they go.
Something about all this is just not right.
Hmmmm
If I was to install the freebie ZA on a family box which includes children under the age of 18 I guess I need to know before hand (which is not possible since the EULA is not displayed untill I have already passed the prechecked option) about the install of the toobar only to be installed/used, etc by those over 18.
This means if I had kids under 18 I can't make use of the bad site blocking from the toolbar because it includes Ask.com stuff only to be used by those 18 or over.
Since there is no way to disable Ask.com part -- I will have violated something I didn't know about till I already past it.
Huh?
Why does the ZA install initially say I need to be 13 or older to install then after the prechecked toolbar part the EULA states I have to be 18+ to install the toolbar that was already pre-checked?
I'm confuzzled.
@mark r:
"I want to respond to the comment earlier that pre-ticked checkboxes are acceptable because so many installers use them for functionality.
I believe that only makes it more obvious that preticked boxes should not be used for third party or optional software. Joe User is more likely to accept anything pre-ticked as good and just click whatever box lets them proceed to the next step."
i absolutely agree... what's more, i absolutely agree with you being more specific about what is really wrong here... it's not just pre-ticked boxes, it's default installing 3rd party crud and using the pre-ticked box as a shield of sophistry to skirt responsibility for it...
Alex: According to the review, the toolbar is called Web Security Guard, but when you install it you see that it is Crawler.com Toolbar with Web Security Guard. WSG seems to be just a small part of the toolbar that mainly links to different smileys, postcards and similar stuff, as well as offers searching of the web which generates additional revenue to the developer.
JerryM... well, well, that's interesting... we'll take a look.
Hi there,
By way of introduction, I'm the Product Manager for TRUSTe's Trusted Download Program.
The issue of first party vs. third party toolbar is not necessarily clear-cut either. In TRUSTe's Trusted Download Program, we're seeing many companies who are in the business of making white-labeled toolbars for third parties. In many cases they give the toolbar away for free and resell Yahoo, or Google or Ask search results for the revenue. (see goodsearch.com, conduit.com, as just a couple of examples. Note neither of these companies are TDP-certified).
So, skirting the pre-checked box issue for the moment, would it have been OK if the bundled toolbar was presented as a Zone-branded product? How would a user know whether it was developed by Zone or "outsourced" to a toolbar developer? Would it make a difference? Should it?
One distinction is the payment scheme - was the toolbar developer paid once for development, or is he getting paid on a per download basis? But again, how would the end-user know?
"would it have been OK if the bundled toolbar was presented as a Zone-branded product? How would a user know whether it was developed by Zone or "outsourced" to a toolbar developer? Would it make a difference? Should it?"
As long as the thing ISN'T pre-checked, let whoever makes it make it and let the end-user physically decide whether they want it or not.
Paperghost is dead on. I don't care if it says "ASK.com, Zonealarm approved!"
But clearly label (IE. This is a {insert name here}) what the installer is for and leave the option unchecked.
I think there should be clear labeling that there is third-party software included. A link to more information and privacy policy about the toolbar should be included at least.
The fact that there is just a few words, educated users have no idea just what they are getting and whether to include it or not.
@Irina -- Perhaps what is being used is a rebranded version of the "AskEraser" toolbar described by FoxNews at http://www.foxnews.com/wires/
200...tection,00.html
To all:
In addition to the other issues raised regarding pre-checked, EULA availability, etc., it appears to me that ZA is taking advantage of the trust relationship and name recognition established over the years. We try to teach users to read the EULA and watch what they are installing. Then a "trusted" security vendor betrays that trust not only by not providing full disclosure but also by pre-checking the installation box.
"Then a "trusted" security vendor betrays that trust not only by not providing full disclosure but also by pre-checking the installation box."
It should not be pre-checked. I know you can argue it can be unchecked, but if it's to be there at all, it should come unticked.
Personally, these secondary installs shouldn't even be offered in such programs. If I wanted ZA, that's all I want, no secondary installs, offered or otherwise. This speaks volumes about their business model if they are having to resort to such practices.
If anyone is keeping count, you can also add Stopzilla having the Ask toolbar...
"the point is that 'pre-ticked' boxes can be found in all sorts of installs that people here would have absolutely no problem with..."
Your statement is just not true, plenty of us have never met a pre-checked box we liked. These boxes have come from a history of manipulation of users. Even to the extent of being hidden right below the page line where you have to scroll down to see it, with the Next button clearly visible above.
There is only ever one reason for these pre-checked boxes - the purposeful intent of getting programs onto a users computer without them realizing what they are doing.
From what I hear zonealarms pre-checked box does not say next to it - Zonealarms Ask toolbar
Why? Because if it did more people might take notice and uncheck that box. This is proof enough what the real zonealarms real intent is.
That is manipulation. Manipulation has no place in security programs.
@drewcat:
"Your statement is just not true, plenty of us have never met a pre-checked box we liked."
ever installed vlc? better yet, ever chosen custom instead of typical for any install?
i'll put it another way, not all pre-checked boxes are for secondary installs, some are for the primary application...
this is the point i'm trying to get across - people are harping on the pre-checked box with the hidden assumption that pre-checked boxes are only associated with secondary installs... that assumption is false...
i understand why people are upset over what was done with zonealarm but folks need to complain about the right things... the pre-checked box was just a mechanism used in what was really wrong - a secondary install that was enabled by default (by a pre-checked box in this case but in reality there are many ways of achieving the same ends)...
@Kurt
"a secondary install that was enabled by default (by a pre-checked box in this case"
Um ya, thats the subject here.
"people are harping on the pre-checked box with the hidden assumption that pre-checked boxes are only associated with secondary installs."
You are assuming people assume. We are talking about a specific subject. And that subject is not the variety of boxes or primary versus secondary installs.
"but folks need to complain about the right things... the pre-checked box was just a mechanism used in what was really wrong - a secondary install that was enabled by default"
You say it yourself, the pre-checked box causes the toolbar. How is complaining about the problem without mentioning the cause useful? Especially if the cause is designed specifically to land you with the problem.
Are you implying we shouldn't mention the pre-checked manipulation box which you yourself say is the "mechanism" because there are other kinds of pre-checked boxes out there?
The subject is this type of pre-checked box which is a known highly effective tactic in causing people to install things they never wanted. If this "mechanism" wasn't effective for them the companies wouldn't use it. Therefore, I think complaining about the pre-checked box and recognizing it for what it is, is necessary.
We should also be sure people know about these boxes and how/why they are used so that they can protect themselves in the future.
You should notice people are complaining about 3 things - the pre- checked box, the toolbar, the Eula. They all go together here. Both the box and the EULA are being called out for subtle manipulation. The toolbar is the end point problem, that doesn't make the other two less problematic.
Being devious to fool people into putting something onto their computer, that you get paid to put there is as big of an issue as the toolbar itself.
When installing the current update to Nero 6, it is very clear in a separate step that you are about to install the Ask toolbar.
There is no blurring the line where one product ends and another begins.
@drewcat:
"You are assuming people assume. We are talking about a specific subject. And that subject is not the variety of boxes or primary versus secondary installs."
people *are* assuming... there is no other reasonable explanation for complaining about pre-checked boxes in an *unqualified* manner except the assumption that pre-checked boxes are used for only one thing... that assumption is false, as i've explained *and given examples of* multiple times...
"You say it yourself, the pre-checked box causes the toolbar. How is complaining about the problem without mentioning the cause useful? Especially if the cause is designed specifically to land you with the problem."
the pre-checked box most certainly does *not* _cause_ the toolbar... as such, by complaining about the pre-checked box you are *not* complaining about the cause of the problem...
"Are you implying we shouldn't mention the pre-checked manipulation box which you yourself say is the "mechanism" because there are other kinds of pre-checked boxes out there?"
as i've already stated in my previous response *to you*, pre-checked boxes are also used for primary installs - not as a form of manipulation but simply to represent the default install options... also, the pre-checked box isn't *the* mechanism, it's *a* mechanism... people designing installs could use anything - a toggle button, a pair of yes/no buttons with a carefully worded message that makes people think they have to click yes to get any part of the install to work, etc...
"Being devious to fool people into putting something onto their computer, that you get paid to put there is as big of an issue as the toolbar itself."
fine, but a pre-checked box by itself isn't devious... it isn't even the lie that's being told to users, it's more like one of the words in the lie... if i say i'm the next king of england, it's certainly a lie but which of those words is 'bad'?
enabling the secondary install by default was bad, but no single part of how they did it was bad...
@drewcat:
"Are you implying we shouldn't mention the pre-checked manipulation box which you yourself say is the "mechanism" because there are other kinds of pre-checked boxes out there?"
my mistake, sorry, i misread this the first time round...
no, there's no problem *mentioning* the pre-checked box, the problem is complaining about the pre-checked box or using it as an identifying mark for bad/misleading installs... people here were making a big deal out of pre-checked boxes themselves, as though they were bad or as though you could use their presence to infer something bad is going on...
I think the issue with the pre-checked box in this case has more to do with the user not really knowing what is being installed.
The description simply implies it is a toolbar that will protect you from malicious sites and it is recommended to use.
This would cause the average user to leave it checked.
Little do they know till AFTER the install that there is ASK.com stuff.
And only AFTER the install are users presented with the EULA for the toolbar and Privacy agreement URL.
Installers for other programs (like Windows Live Messenger) for example also have pre-checked toolbars (Live toolbar, Live search, etc in this case) But -- these installers also include the "Terms of Service" and "Privacy agreement" links included right on the installer screen so users can click those links and read those articles before contuing install and therefore make a better informed decision.
Acrobat Reader also includes pre-checked toolbar (Google) but again -- the Privacy agreement and Terms of Service links are available & clickable so those who are so inclined to read these articles can.
Wether or not users do this or not is an entirely different matter -- but the options are there.
Those that are inclined to read these things do have access to before the actual install takes place.
It is only once PAST the initial ZA install and leaving the Toolbar checked (because it looks like something we really need) do you see the Terms of Service link.
That is what my main complaint is about.
Include the TOS & Privacy URLs for users beside the toolbar option (most would preferr it unchecked -- but whatever)
Then the end user can see what that toolbar includes and make a better informed decision.
If they don't read it -- their issue but the options should at least be available BEFORE it is installed.
Regards,
Blender
BTW -- Happy New Year everyone.
Best wishes for 2008!
"it isn't even the lie that's being told to users, it's more like one of the words in the lie"
ok lol
Look, its a very simple concept
They pre-check them for a reason. If the boxes are such a small "part of the lie" why aren't they left unchecked? Seems to me you could get people to check them themselves if the bigger "part of the lie" was elsewhere.
The prechecked box and the wording next to it is in fact the biggest part of the lie. Or as I prefer to call it, manipulation.
"... people here were making a big deal out of pre-checked boxes themselves, as though they were bad or as though you could use their presence to infer something bad is going on..."
They are and you can.
Where are your exact examples of angelic pre-checked boxes? And what does that have to do with this conversation anyways?
"but a pre-checked box by itself isn't devious"
Look up the definition of devious.
When we accept pre-checked boxes for offered programs just because there is a EULA right there, what we are saying is, people are intelligent enough to read a EULA but not intelligent enough to click a box to get the offered program. That makes no sense to me.
Then it becomes a win win for companies seeking approval because they can pre-check the box (which gives them what they want) and stick a EULA next to it (which shuts some folks up) A EULA mind you that is typically not easy to read or straightforward. It is basically rearranging the lie.
Theres only ONE reason those boxes are pre-checked. We should at least be intelligent enough to understand that. Although the companies are banking on the fact that we aren't.
Bottom line - pre-checked boxes for offered programs take advantage of people for the purpose of padding the companies wallets. Is that something you support or not? Is that something you are willing to bargain with for better EULA access? Does better EULA access really mean anything in the outcome? Are people not capable of checking their own box?
Yea this is about all I have to say about it. I am 100% against pre checked boxes for offered programs within a download.
@drewcat:
"They pre-check them for a reason. If the boxes are such a small "part of the lie" why aren't they left unchecked?"
with the 'single word in a lie' analogy it becomes quite clear - changing a single word can change the entire meaning... 'i am the next king of england' vs. 'i am the next critic of england'...
"Seems to me you could get people to check them themselves if the bigger "part of the lie" was elsewhere."
in fact you could... you could have a message that made checking the box seem like agreeing to an EULA...
""... people here were making a big deal out of pre-checked boxes themselves, as though they were bad or as though you could use their presence to infer something bad is going on..."
They are and you can."
no you can't...
"Where are your exact examples of angelic pre-checked boxes?"
i have already provided ample examples...
"And what does that have to do with this conversation anyways?"
according to you just now, the presence of a pre-checked box is supposed to be enough to say something bad is going on... i say this is trivially false and anyone can verify that pre-checked boxes are present even in installs where there is no secondary install and/or no deception (and i've provided examples)...
what this has to do with this conversation is that the initial actionable advice that people could have taken away from this comment thread (considering all pre-checked boxes as an indicator of bad things) is a knee-jerk reaction and poorly conceived...
It's really sneaky, I just updated zonealarm, and as it was just an update, which i've done many times before, I didn't check.
The's really quite nasty, playing on the consumers trust.
I ended up with some new version of zonealarm, which I don't want and this shady looking toolbar.
Just your average simi-informed pc user here.
My download took forever, but at least I thought the install would be easy. No luck, as the first screen stopped me dead. Sigh. What IS that program in the checked box? I had to spend a lot of my time researching about something I never asked for. I see now that I do not need it, so I do not need to do even more research to see it it would have nterfered with my resident anti-malware program.
I see Kirk complaining over word choice, and not budging a millimeter over anything. I'm new here. Is he an Zone Alarm employee?
If so, then I suspect that no matter how many people complain, or point out legitimate concerns, or how much the users say they do not WANT or NEED a practice of Zone Alarm to continue, it will not matter.
ZA is a good product, but let's hope they do not look only at short term profits, rather than long term customer satisfaction.
Commenting by HaloScan
