The "badware" problem—the plague of viruses, Trojan horses, worms, spyware, adware, and similar applications that hurt business and consumers alike—has become so pervasive that three major technology companies, two universities, and a consumer's watchdog group have banded together in an attempt to deter these malicious software programs. In January, Harvard University's Berkman Center and the Oxford Internet Institute launched the Stop Badware Coalition, which seeks to inform Internet users about companies that use deceptive practice to trick Internet users into putting spyware, adware, or other deceptive software on their computers. "We recognize the wave of bad things coming across the Internet and want to do our part to push back," says Clain Anderson, director of the ThinkVantage suite of features for Leonovo Group. Leonovo is one of three technology companies supporting the project through monetary funding and ad hoc commitments of technicians to identify and provide remedies for badware, often called malware, through the coalition's Web site, StopBadware.org. Google, Inc. and Sun Microsystems, Inc. are also supporting the coalition.
The coalition's Web site solicits reports of malicious software from Web users and, in return, provides users with information about companies and offers that attempt to place badware on computers. The offending companies seek access to consumers' computers via emails, advertisements, or other misleading materials that present themselves as legitimate offers or services but instead are fronts for badware, which slow down or otherwise damage PCs and laptops. Offending companies make millions in profits in the process, according to StopBadware.org. Examples include many emails and pop-up ads that offer free products or services or that instruct the user to click on a link to scan for spyware, then load spyware, adware, or other badware on the unsuspecting user's computer. "There's been a huge explosion of the badware," Anderson says. "If an offer looks too good to be true, then it probably is."
Beyond just being misleading offers of something free or sharply discounted, or providing "unbelievable" benefits from a business opportunity, these emails and ads end up costing consumers money. One in six respondents to a survey by Consumer Reports complained they had been victims of badware in 2003-04, spending $250, on average, to repair computer damage, or around $3.5 billion in total.
"These are the companies that operate in the shadows," says Beau Brendler, director of Consumer Reports WebWatch (a project of Consumers Union, the nonprofit publisher of Consumer Reports magazine), which seeks to improve the credibility of content on the World Wide Web. "Some of these companies are trying to come forward and have initial public offerings. We believe that we need to help the average person recognize badware." Consumer WebWatch is working with the coalition in an advisory capacity.
Brendler adds that there is legislation in some state legislatures seeking to thwart badware as well. However, some companies guilty of these practices are domiciled offshore and, therefore, are out of the reach of the state and even the federal government. However, consumer notification via the StopBadware site can help consumers protect themselves before accessing badware. The site enables Internet users to check to see if programs they want to download from the Web are infected with badware.
Part of the problem, Brendler adds, is the distinction between spyware, adware, viruses, and other badware. Even when a consumer takes some steps like using an anti-virus program, he may not know he needs another program to help protect against adware.
The consumer is not at fault when unknowingly accessing badware, Brendler adds. "There's a tremendous amount a non-techie has to learn," he says. "We have to help the average person learn more about badware."