Google, Bing: time to junk these parasitic download sites

“Users of today’s PCs live on a precipice. One false click and the adware and malware invades,” I remarked in a recent comment on Microsoft’s Surface Pro 3 launch.

The remark was prompted by a recent call from a friend. His PC was playing up. He was getting all sorts of security warnings and being prompted to download more and more apps supposedly to fix problems. It all started, he said, when he went to Google to install iTunes.

After the clean-up, I wondered what had happened. I went to Google and typed in iTunes.

image

The top hit is Apple, which perhaps to prevent this kind of problem has actually paid for an ad on its own brand name. However my friend, understandably, went for the link that said iTunes Free Download (actually I am not sure if this was the exact link he clicked, but it was one like it).

Note how the ads are distinguished from the organic hits only by a small yellow indicator.

Microsoft’s Bing, incidentally, is even worse; I presume because Apple has not paid for an ad:

image

Using a secure virtual machine, I investigated what happens if you click one of these links (I advise you NOT to try this on your normal PC). I clicked the Google one, which took me to SOFTNOW.

image

I hit the big Download button.

image

It is downloading a setup from drive-files-b.com which claims to be iTunes, but it is not, as we will see.

The file passes Microsoft’s security scan and runs. The setup is signed by Perion Network Ltd.

image
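
The installer in this walkthrough carried a valid signature, but from Perion Network Ltd rather than Apple, so "signed" on its own says nothing about whose software it is. The PowerShell below is an added example (not part of the original post) that checks both points with `Get-AuthenticodeSignature`; the function name `Test-InstallerPublisher`, the sample file path and the expected publisher string are assumptions for illustration.

```powershell
# Added example: report whether a downloaded installer is (a) validly signed
# and (b) signed by the publisher the user actually expected.
# Test-InstallerPublisher is a hypothetical helper name, not a built-in cmdlet.
function Test-InstallerPublisher {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedPublisher
    )

    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate

    # The certificate's simple name is the publisher name Windows shows
    # in the UAC prompt and the file's Digital Signatures tab.
    $signer = $null
    $thumb  = $null
    if ($cert) {
        $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $signer   = $cert.GetNameInfo($nameType, $false)
        $thumb    = $cert.Thumbprint
    }

    # Exact match on purpose: a substring test would accept look-alike names.
    # A name match is still a heuristic; pinning a known thumbprint is stronger.
    $trusted = ($sig.Status -eq 'Valid')
    $match   = ($null -ne $signer) -and ($signer -eq $ExpectedPublisher)

    [pscustomobject]@{
        File            = $Path
        SignatureStatus = $sig.Status
        Signer          = $signer
        Thumbprint      = $thumb
        PublisherMatch  = $match
        # A wrapper like the one described here is Valid but not a match.
        Verdict         = if ($trusted -and $match) { 'OK' }
                          elseif ($trusted)         { 'Signed by a different publisher' }
                          else                      { 'Unsigned or signature not valid' }
    }
}

# Constructed usage: the path and the publisher string are assumptions.
# Test-InstallerPublisher -Path .\Downloads\iTunesSetup.exe -ExpectedPublisher 'Apple Inc.'
```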

Now here comes iTunes – or does it?

image

I clicked to see the Terms of Service. These are from Perion, not Apple, and explain that I am going to get an alternative search service for my browser plus other utilities, on an opt-out basis.

image

However I doubt my friend clicked to see these. Probably he hit Next.

image

Apparently I have “elected to download Search Protect”. There are more terms to agree. The Skip and Skip All buttons are in grey; in fact, the Skip button looks disabled though perhaps it is not.

image

Now here comes a thing called Wajam which is going to recommend stuff to me.

image

And another horror called WebSteroids with more terms of use:

image

I am going to get “display ads (banner ads), text ads, in-text ads, interstitial ads, pop up ads, pop under ads, or other types of ads. Users may see additional ads when using their internet browser or other software”.

Thanks.

Now “iTunes” seems to be downloading.

image

Once it downloads, I get an Install Now button. Apparently all those Next buttons I clicked did not install iTunes after all.

image

This last button, of course, downloads the real setup from Apple and runs it. Unfortunately it is the wrong version.

image

Who is to blame for all this? Well, the warning signs may be obvious to those of us in the trade, but frankly it is not that unreasonable to go to your trusted search engine, type in iTunes, and click the download link.

The blame is with Google (and Bing) for taking money from these advertisers whose aim is to get you to download their intrusive ad-laden extras.

Apple iTunes is free software and you can get it from Apple here.

Note that Google is experimenting with removing the address bar altogether, so you can only navigate the web by searching Google (which is what people do anyway). This would make users even more dependent on the search providers to do the right thing, which as you can see from the above, is not something you can count on.

4 thoughts on “Google, Bing: time to junk these parasitic download sites”

  1. “Who is to blame for all this? Well, the warning signs may be obvious to those of us in the trade”

    How come NO ONE EVER asks these guys about this practice? Both have been doing it for years, Cisco has no problem with it, Google is the grand-daddy of them all with Chrome downloads that people receive without really knowing what just happened.

    Posts like these are LOOOOONG overdue, and need to be repeated once a month until we get an answer from the mouths of these companies.

    You're in a much better position to get an answer out of these guys than us Tim, why not ask both companies and report back to us? That would be very informative.

    Sad that the net is so full of tech blogging and so little tech reporting, and investigative journalism.

  2. They are thinking of removing the address bar? Really? That is like the primary way to spot if you have accidentally ended up on a dodgy site like this.

    I suspect even us technically minded users will end up being caught out if we get into the habit of NOT checking the URL, which is likely to happen if the address bar is hidden.

    Although obviously not this particular scam, it's pretty obvious from the start because they were careful to keep things legal and not spoof the real site appearance.

  3. Good investigative work Tim.

    “The blame is with Google (and Bing) for taking money from these advertisers”

    It’s going to be hard to persuade Google and Bing to change, since this may be a significant money spinner for them.

    There are parallels with the Microsoft OEMs putting crapware on their Windows machines. Yes, it causes problems for customers, but it makes money for them, so they keep doing it.

    Maybe Google could offer a paid search service that had better filtering, similar to the “Microsoft signature” PCs that leave out the crapware. Those Google server farms and network bandwidth have to be paid for by someone.

    As you know, we users getting a “free” web-search-service are not Google’s customers. Their customers, who pay the bills, are the advertisers, including some dodgy ones.

    Vic

  4. Yep as long as people are paying to put those ads there you can bet M$ and Google will do little to stop it. Google rewards relevance in its ads and the ad in question is highly relevant to the search term. Then the advertiser simply makes the landing page relevant to the ad and boom, away you go!
