180solutions, the controversial adware marketer admitted last week that it was initially unable to identify the rogue affiliate that was installing its Zango software illegally, and in fact found a pair of sites adding Zango to PCs without users' consent.
"As it turns out, we didn't get Mr. Edelman's guy on Monday. The guy we got on Monday, 'Sniper84,' was also installing our software in the same unauthorized manner," wrote Ken Smith, co-founder and chief technology officer of Bellevue, Wash.-based 180.
A week-and-a-half ago, Harvard anti-spyware Ben Edelman posted information on his Web site that showed unauthorized downloads of Zango, something 180solutions had promised would be much more difficult after it required affiliates to use its S3 (Safe and Secure Search) technology. Edelman, who said he had found more than 40 instances of illegal downloads by 180solutions partners over the past two years, did not identify the rogue affiliate.
"I have concluded that 180's business model is fundamentally broken -- that 180 cannot implement technology or enforcement to assure the proper installation of its software," Edelman said then. "Accordingly, just as CDT [Center for Democracy & Technology] terminated its discussions with 180, I have resolved not to tell 180solutions which specific distributor was responsible for this installation."
"At the time, we believed this [Sniper84] was the same individual Ben Edelman had (cryptically) described," said Smith. In fact, the rogue Edelman found, dubbed "csk2000" by 180, was not shut down until the next day, Tuesday Feb. 21.
Both were identified during the course of its investigation into Edelman's charges; ads will not be posted on machines hacked by either Sniper84 or csk2000.
Like a company spokesman last week, Smith also blamed the breakdown on his company's detection and reporting mechanisms, not the S3 technology. "Our software was certainly hacked, [buy] no amount of software development will ever make any software completely bulletproof," said Smith.
"In the end, the mechanisms we have in place were able to help us find the bad guys. But, in our opinion, that process took too long, and for that we apologize."
Edelman took exception to Smith's description of 180's software. "I agree [that no software is hack-proof," said Edelman. But 180 has previously made public statements indicating that its software is not susceptible to those who want to install without consent. Recall 180's S3 whitepaper, explicitly stating '[I]nstallation cannot continue until the user gives consent' and 'Publishers are unable to turn [the consent screen] off.
"180 promised that installation 'cannot' proceed without consent. But now 180 tries to back peddle and to weaken its unambiguous statement. The better approach would be to admit that 180's prior promises went too far, and that 180's software cannot actually deliver the benefits 180 previously described."
Smith, in turn took a shot at Edelman, claiming that "thousands of unsuspecting consumers received our software without the opportunity to properly consent to its installation."
That's just what Edelman, and other anti-spyware critics, have long accused 180 of doing. Late last month, for instance, the CDT petitioned the Federal Trade Commission to shut down 180solutions.
"180solutisons said they've cleaned up," said Ari Schwartz, the deputy director of the CDT, then. "But CDT finds this to be deceptive. We want to give fair notice to companies thinking about advertising with 180solutions that they keep this in mind."
That's exactly what seems to have happened. Monday, Azoogle, one of the largest third-party online ad networks, said that it would terminate its relationship with 180solutions as of Friday, March 3, and would no longer place ads through 180's downloaded software.