Sunbelt Software and Facetime say that Ask Jeeves doesn't adequately inform users that the browser plug-ins are being installed.
Ask Jeeves Inc.'s web browser plug-in programs have been flagged by at least two anti-spyware vendors that claim third-party companies distributing the search engine's applications fail to adequately notify computer owners before installing the software.
The issue isn't whether Ask Jeeves's software damages a person's computer or is trying to capture personal information. Sunbelt Software Inc. and Facetime Inc. say there is nothing malacious about the programs.
Rather, the vendors object to Ask Jeeves partners installing the software without telling the computer user upfront, as opposed to burying the fact in a disclosure document.
"It's more the fact that grandma has a machine cluttered up with a lot of stuff, and she doesn't know how it got there. Or, an enterprise has (software) in its machines that are not part of the software package they want in the computer," Alex Eckelberry, president of Sunbelt, said. "It's a very simple thing (to notify computer users). Ask Jeeves needs to do some work on their distribution channel, so people are provided with adequate notice and disclosure."
Ask Jeeves, based in Oakland, Calif., said in a statement that the company has established guidelines that all its distribution partners must follow.
"Any company that is determined to have violated Ask Jeeves’ guidelines, including spyware practices, unauthorized distribution of our products, or inadequate disclosures to end users of downloadable software applications, will be brought into compliance or terminated as an Ask Jeeves distribution partner," said Kirk Lawrence, director of Internet security and privacy for Ask Jeeves, which is owned by e-commerce company IAC/InterActiveCorp.
The security industry has not agreed on a definition of spyware, so vendors have created their own, which can vary widely, Natalie Lambert, analyst for Forrester Research, said. Some vendors treat any application installed without clearly notifying computer users as a threat, while others look at the software itself, listing only those malicious applications as spyware.
Nevertheless, Lambert supports the broader definition.
"I'm of the opinion that users should know what's going into their computers," Lambert said. "There should be no hidden software installed."
As to why Ask Jeeves woud find itself in the current pickle, given the innocuousness of its software, Lambert said, "The fact that (the programs) would be hidden in the first place perplexes me."
The Ask Jeeves applications flagged by Sunbelt's anti-spyware program are the Ask Jeeves Bar, the Excite Speedbar, iWon Co-Pilot, My Global Search, My Search Bar, My Speedbar, My Web Search Toolbar and the Need2Find Toolbar. The toolbars are distributed through a variety of web sites, including Ask Jeeves's own properties, and are called potentially unwanted software, not spyware. The programs are listed as low risks.
"We're not in the business of going after Ask Jeeves," Eckelberry said. "Ask Jeeves is not in the category of dangerous spyware programs -- absolutely not."
Instead, Sunbelt objects to distributors such as Bit Wise Publishing LLC, which has been seen installing My Global Search through its Bald Eagle Screensaver, even when the computer user cancels the installation, Eckelberry said.
"Ask Jeeves can chose its partnerships, and the economic model they have in place (for distributing software)," Eckelberry said.
Other anti-spyware vendors that flag at least one of the Ask Jeeves programs include McAfee, Computer Associates, Spybot, Tenebril and Trend Micro, Eckelberry said.
Anti-spyware vendors, academics and consumer advocates have been working on a spyware definition in a group called the Anti-Spyware Coalition, but the work has been difficult, because vendors are reluctant to change their own definitions, Lambert said.
"It's going to take awhile to get all the vendors on the same page," she said.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.