Matousec new results

Discussion in 'other firewalls' started by MeFer, Feb 16, 2009.

Thread Status:
Not open for further replies.
  1. 3xist

    3xist Guest

    Soon... The Toolbar in Comodo Internet Security will be replaced by something else, So yes It's being adopted - But even now, The Toolbar does NOT execute any malicious or illegal activity, and you have the choice to not install it anyway (See Kevin's Analysis I posted before)... But the replacement that is taking place is very good, Key word "Social authentication".

    That's the latest news for now...

    Cheers,
    Josh
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Get with it vendors, GOOGLE is your best bet in offering a search toolbar. IMHO all others pail and fall woefully short as well as attract unwanted suspicions.

    Google is the LEADER, so they should solicit them, but they likely already did and got refused. :D
     
  3. Iam_me

    Iam_me Registered Member

    Joined:
    Feb 6, 2009
    Posts:
    89
    Simply click no to the tool bar..
    Hurray! o_O o_O

    Its easy to uninstall and its easy not to install..
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I might be wrong, but if I well remember, COMODO BOClean used to flag it. Not anymore since the deal between COMODO and Ask.com.


    I know I read it somewhere. Perhaps, some security forum. I'll check it out. But, I'm pretty sure.



    Regards
     
  5. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,841
    Location:
    KEEP USA GREAT
    3xist, you can paint a barn any color..its still a barn
    good choice in words though

    here is a little reading on toolbars and how folks look at the whole idea
    http://msmvps.com/blogs/donna/archi...is-symantec-partner-with-ask-com.aspx#1671629
    http://www.calendarofupdates.com/updates/index.php?showtopic=16253&st=0&gopid=74562&#entry74562
     
  6. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    Don't think we ever did get an answer back on what Comodo (and others) had to report back to Ask to get paid, although Fuzzfas posed the question pretty clearly. The companies, like Comodo, have a whole lot of information about you available, keyed by IP address-including email address and browsing habits if you use the forums. Just a byproduct of using somthing like the SMF bulletin board. And the Ask usage is another thing that probably goes in it so it can be reported to them. Other demographics may be used to help a company with marketing and product decisions, but hopefully aren't reported outside. So what data does a client need to collect and report to Ask to get paid?
     
  7. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    As the leader, Google probably does not *need* as many companies to distribute it's bar. As someone who is not the leader, Ask.com need to partner with people to generate customers.

    It's like Symantec - they are big enough and ugly enough so that if some small program like OA is incompatible, they just put it on a list. Sorry, doesn't work. Smaller companies like OA and Admucnher, for example when we found out we were incompatible rushed around to fix it.... (and then, though the pleasure of being local , went out a few times for beers!) We can't afford to have issues that may prevent people from using our stuff.


    Quite honestly, I don't think this would ever happen. Here's why: Ask.com need to have a clean reputation. People don't really like toolbars, so if they do *anything* dangerous, they risk their brand, they risk their name, and they risk being blacklisted by everyone.

    One thing that Tall Emu does is Search Engine Optimization and Search Engine Marketing

    So - this is a space that we're quite familiar with. Our Marketing Director(Hi David!) does work for all sorts of companies helping them to use Google to market their business.

    Let's look at the economics of it.

    To advertise in Google, you bid for a keyword. Keywords like "Antispyware" can bid for many dollars per click. Keywords for Asbestos related diseases (purchased by lawyers) can go for *ridiculously* high prices, because if a lawyer gets a case - its worth a fortune.

    Think about your own business. How much would you pay me to deliver you a customer? If you're selling a $39.95 firewall, you may pay me $5.00. If you're selling Jet Airliners, you may be prepared to pay me several million.

    Google works the same way, so does Yahoo and so does Ask.com.

    What does this mean?

    For every click on an advertisement, the search engine company makes money - it can be 20c, or it can be hundreds of dollars. One of our clients (no names) is spending a few thousand dollars per month - and depedning on search term, they are paying between $2 and $7 per click in a pretty competitive industry.

    Roll that around in your head a while - $7 per click. $2 per click. If they can get you using their search engine, and you click on one $2 advertisement per day, you're worth $700+ of gross revenue to them. If you're the sort that clicks on $7 adverts - well, you do the math...

    My point is - what they want is for you to use the search engine. It's worth money to them if you do. If I were in their place there is no way I would risk so much possible revenue by trying to do a bit of extra sneaky datamining with a company like Comodo. Why would they do it ? It doesn't make commercial sense.

    All they want is when you do a search for Mesothelioma that you use their engine so that they can extract hundreds of dollars from lawyers.

    Of course, with big money involved there will always be temptation - but assuming money is the motivator, they'd be silly to do anything to screw that up, lose their reputation and get listed as a spyware vendor.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Mike,

    Well said: money counts, conspiracy theories are nice to discuss over a beer.

    Look at the fortune top 500 companies, big brands and how they often also score the highest on reputation lists. You will also find that the brand value of Fortune 500 companies is worth over 30% of the total assets on the balance sheet.

    Brand value is derived with the following formula: (the number of shares of a company sold multiplied by the current stock value) minus the value of their assets = brand surplus (meaning you pay only for the good name). When you devide this surplus by the annual profit, you will get the brand leverage factor. This multiplication factor is often discussed and mentioned by stock analists.

    Just try a few maths for yourself and you will be convinced that only a lunatic would risk to damage a comapny's (good) name.

    Regards Kees
     
    Last edited: Feb 21, 2009
  9. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    You are not wrong.
    I have read the same.
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I don't blame ASK.COM or any other truly reputable Search Engine Bar for trying to build a concensus by soliciting security programs or maybe vice-vera? But isn't it a little late now that Google has the corner for all purposes when it comes to toolbars? That leaves little room for others even if they do get in and begin to draw some attention. But as the saying goes, better late then never, but why wait all this time?

    I agree with you MikeNash and you make a very valid case for them, but user's are still skeptical when it comes to toolbars, even Google in some respects, but just maybe that trend is coming of age now.

    EASTER
     
  11. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    I remember when google launched, and it was like "huh, why would I use anything other than Altavista". Or, when we launched OA - Symantec had the market pretty much cornered :) Nothing ventured....

    Users have a right to be skeptical. Toolbars have been abused. Pretty much every part of the computing experience has been abused.
     
  12. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Easter, give them a brake. They started later compared to google. Then they had to raise money cooperating with adware and spyware companies (Zango says hello), in order to be now "reputable". This took some time. So, now that they made the required cash, they decided to take on google.

    Post no. 51 is interesting.

    http://www.calendarofupdates.com/updates/index.php?showtopic=16253&st=50
     
  13. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    The toolbar end of the business has been pretty well discussed here and elsewhere. Question was just on how the accounting was done if someone is paying you $1/installation for placing the toolbar with your users as was reported in the Norton thread. Report how many installed for some minimum period over the billing period or something similar, or o_O Determined how? Or is it done completely differently? Not dangerous or conspiracy, just business. With opt-outs and removals allowed, sounds like a little more work to track activations and de-activations.
     
    Last edited: Feb 21, 2009
  14. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    Well..

    If *I* were doing this, what I would do is this:

    1. On install of a toolbar, take some sort of unique PC Hash.

    2. When a search request is sent, add a header to the HTTP request containing it.

    From here, it's a simple matter to see what traffic comes from what bar, who installed the bar (could be part of the hash or another header, or something) - and then apply my policies. Private, non identifiable - and traceable for revenue.
     
  15. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    If it is tied to searches instead of installs, seems like a very simple way to do it. Could well be the Norton thread is completely mistaken about revenue per install, and thought Comodo might explain or correct it, since they also have a deal with Ask. Or even someone who has turned down a deal with Ask. o_O but really just a curiousity on how it all works.
     
  16. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    If you gather a unique ID per toolbar, then you implicitly know that it has been installed after you receive it's first search request :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.