Junkware ads on noscript.net

[SpliFF]

Seriously, what are you thinking? Advertising an obvious spyware/junkware product (speed up your computer / free scan) all over noscript.net!

What kind of message are you trying to send? That blocking untrusted javascript is essential to security but INSTALLING known spyware junk is "recommended"?

You can't seriously expect us to believe that with all the hits you get you can't find a more appropriate advertiser? Are you just greedy or what? You have no idea how much trust and respect you've lost!

Stupidity! Utter stupidity!

edit: Probably not spyware or malicious. Probably not useful either.

[Giorgio Maone]

Could you please explain by which standards, exactly, do those Uniblue products qualify as "spyware"?

[SpliFF]

The spyware remark was an assumption based on the historical truth that "free scans" always turn out to be either:

a.) bait and switch. The 'free' scan is really free, but it always tells you there's a "serious problem" that requires "product X" to fix.
b.) spyware / malware / junkware. "product X" or the "free scanner download" turns out to be be completely useless or downright hostile.

As computer tech and ISP tech guy I've reformatted or cleaned computers from several users taken in by these tricks and heard of many more. If Uniblue really are legit then fine but at the very least I'd guess they fall into both categories. Scaremongering followed by an expensive software purchase that makes your computer no faster or safer than it was when you started.

I'm not stupid enough to install it but Google returns 20,300 results for "uniblue scam" and this site, among others, seems to agree:

http://www.techjaws.com/uniblue-offerin ... -software/

I see comments like:

"I Bought Uniblue Speed Up My PC on 6-4-2009. It did nothing useful at all. I Requested a refund the day I bought it. There is allegedly a 30 money-back guarantee. I RECEIVED NO RESPONSE TO MANY REQUESTS FOR A REFUND over the next few months. This company is obviously not actually certified by Microsoft, as they claim to be. My order number for the purchase is: 6101760. "

... and ...

"Uniblue is a total waste of money and time. I have installed on both of my computers and noticed no appreciable difference in processing. They start with a $30 offer then upsell from there. Their freeware always identifies "very serious" problems with your system then offer a fix for $xx, that software identifies more problems they can fix for $xx, upgrade again for $xx, etc. I am done with them. Like the free samples you get for just giving your credit card to cover $x shipping and handling without you knowing just signed up for a fixed monthly shipment you can cancel providing xx days notice. In my humble opinion, this is a total scam. "

So spyware? perhaps not... but trustworthy? not very likely in my opinion. You want to endorse them to cover costs that's your business; I'm just saying it looks like you're putting your reputation on the line by doing so - which is a real shame because your extension is supposed to be about managing trust.

[Giorgio Maone]

The spyware remark was an assumption
[...]
I'm not stupid enough to install it

I did (on a virtual machine) before linking those products, in order to verify there was no malicious behavior and they worked as advertised.
I would have appreciated you to do at least this as well, before coming here and opening an insulting thread.

So spyware? perhaps not... but trustworthy? not very likely in my opinion. You want to endorse them to cover costs that's your business; I'm just saying it looks like you're putting your reputation on the line by doing so - which is a real shame because your extension is supposed to be about managing trust.

In fact, I personally verified that the very kind of allegations you reported (not first hand, even) are either overstated, wrong or even malicious (did you ever heard of slander as a mean of unfair competition?)

I see comments like:

"I Bought Uniblue Speed Up My PC on 6-4-2009. It did nothing useful at all. I Requested a refund the day I bought it. There is allegedly a 30 money-back guarantee. I RECEIVED NO RESPONSE TO MANY REQUESTS FOR A REFUND over the next few months. This company is obviously not actually certified by Microsoft, as they claim to be. My order number for the purchase is: 6101760. "

I had chances to see their refund policy at work twice (by following up users of mine who contacted me about Driver Scanner not suiting their needs), and both customers had their money back with no sweat.
Now, I can give this comment the benefit of doubt (and after all, is my and Uniblue's word against his), but the "This company is obviously not certified by Microsoft, as they claim to be" statement is really easy to disprove:
https://solutionfinder.microsoft.com/Pa ... 905162ca2e

The other "example" is so much generic and off base that it doesn't deserve any commentary

[SpliFF]

All fair points (except that one about "personally verifying all the complaints" which I find pretty dubious).

You can knock the quality of the complaints, but what struck me was the sheer quantity across so may many sites. If it's a smear campaign, it's a good one. You're right that nobody is calling it spyware, I should have said junkware. There is no evidence it phones home or deliberately destroys your computer but on the other hand there's little evidence it performs a necessary function or that the "very serious" threats it identifies are anything of the sort.

My personal experience with registry cleaners from ashampoo, lavasoft and mcafee was that once you get past the obvious stuff like orphaned files your risk level of deleting keys grows disproportionate to your benefits. The irony is probably that the customers who spend the most money upgrading to pro versions are ripping out more and more keys and increasing their risk further. This applies to any registry cleaner, free or not, simply because what's junk on one PC may be essential on another and the same users who buy these products are the least qualified to know the difference. No product is going to get it right 100% of the time so users are risking far more than the price of the product (the cost of rebuilding a PC).

The "registry cleaner" industry as a whole sells a particularly insidious brand of snake oil. On one hand they can point to actual speed-ups (typically measured as a couple of seconds less boot time) but on the other hand applications that actually need the speed (like games or image processing) aren't reading the registry constantly and therefore cannot benefit except on startup. In return for this questionable benefit you run a significant risk of borking your whole computer. When that happens the vendors point to the user saying "they didn't know what they were doing" - which is ironic because that's probably why they bought it in the first place.

Here's another thing. Even if the program were perfect and all the thousands of complaints are wrong - the fact remains its reputation is crap and it's part of an industry with a long history of outright fraud - and you're tying it to your own reputation. I'm not saying ads are bad, I'm just saying you could have chosen your ads more wisely. Reputation is all about association and endorsing useless and deceptive junk is a poor reflection on your own product (which I happen to really like).

[GµårÐïåñ]

I am neither supporting nor vilifying the products in question, I have personally used some parts of their older tools and don't go for their newer ones, but that is a personal choice. But, as a professional and a Microsoft Platinum Partner, I can tell you a few things that you might have considered if you were truly professional and did not have a presumptive bias which is clear.

1) There are an infinite number of products (not just software) that are all over the world. Does it mean they are legit? What constitutes legit, tv ad, news endorsement? personal testimony? I would argue, none of that. What is truly of any value is individual and personal experience and belief. This brings me to my next point.

2) In majority of cases of complaints online, including such sites as ripoffreport and so on, there is a bandwagon effect. You have a slight bit of buyers remorse and you jump on the experience of some who might very well be legitimate, but most often if you dig hard enough just exaggerated, to try and "get back at them" or "get your pound of flesh" we have seen it so much in history its now just a joke.

Finally, just because A LOT of people say something is bad, doesn't mean its so, they could just be more organized on the troll/negative side than the satisfied users. Plus, you and I both know, if you truly support ISP services, that only those who have a problem usually bitch, the ones who are happy almost never say a word about it. So its easy to think, that just because all the chatter is negative, it must be a fact. That is inductive reasoning and completely laughs at the face of common sense.

If you had a legitimate concern as a user who experienced what you preached, then I could take what you say more seriously and give it more credence. But when you start the whole thread as a glorified hate speak and insult and derogatory allegations towards a well respected and well established man of integrity, then you better have more than internet search results, assumptions and half ass understanding of things. Any troll, idiot and ignorant moron can say things on the web, your original post being a good example, doesn't make it true or frankly credible. You bring me, an intrusion and security expert, proof that says, look, it did this on my system, or in my test case, I will go to the ends of the earth to expose it if true, but when you come to me with insults and hearsay and FUD, then its just noise. IF, a big IF, there was any credible concern you could have brought, goes down in flames with the crap you topped it with.

Also consider, that open source projects get attacked by organized propriety organizations on the grounds of their contributors, lack of consistency and too many cooks in the kitchen scare tactic so they can leverage that fear of the unknown towards their own product. Unfortunately, as much as I like to think of my fellow open source developers as having integrity and not sinking down to their level, I have seen them do the same thing to attack the credibility of an organized software in the same manner using fear of non-disclosure of the source or conspiracy theories to swing the vote their way. I don't condone either, I believe that progress comes through TRUE competition and sincere, ethical behavior, may the better solution win, may the people choose what they find works for them, quite a bit of room and choice out there, there is no shortage for anyone. If not, then everyone would be using windows, or everyone would be using linux, or heaven forbid everyone would use a mac. Not the case is it? Why? Free will and individual choice. End of my two cents.

[Tom T.]

Since my good friend GµårÐïåñ has re-opened this thread, I'll add my own zero cents' worth. (Double your money back if you don't like my opinion. )

Per Firefox Add-ons, NoScript currently has about 2 million+ unique users, and FlashGot, almost 2.5 million unique users. (Undoubtedly with substantial overlap between the two subsets.) If each user donated ONE dollar, pound, or euro, then clearly Giorgio Maone could continue to support and enhance these wonderful products without any advertising at all -- which renders this entire discussion moot.

A product like NoScript could surely sell for at least USD $50 -- about £32 or €39. Yes, the economy is bad in much of the world, but ONE unit donation? Who cannot do that? Those who are more affluent could donate what they think the product is worth. To me, it's priceless.

Free trials are fine, even if for many months. But once you know you're staying with it....
And then there would be no need for advertising, and no concerns about any particular advertiser.

Thank you for reading my opinion. [/soapbox]

[UnixRonin]

I haven't analyzed Uniblue to see whether it is spyware, malware, or whatever. But the user license says they may include unspecified "third party" software, and by agreeing to install Uniblue you're agreeing to installation of the bundled third party software as well, and they take no responsibility for the third party software. So they could include junkware or malware at any time, and by the terms of their license, tough noogies, you agreed to it and agreed they're not responsible.

So I for one won't install it.

I'll repeat what other people have said: You want support? Ask a donation. NoScript is totally worth it. But don't sell third parties access to your userbase. That's just not cool.

[Tom T.]

....I'll repeat what other people have said: You want support? Ask a donation. NoScript is totally worth it. But don't sell third parties access to your userbase. That's just not cool.

Actually, a donation *has* been suggested/requested when you d/l NoScript from Firefox Add-ons for a good while now. And there is a "Donate" button on the bottom left of the NS GUI.

And some people screamed that either or both of those were horrible greed, etc., etc.
As compared to *true* nagware, which pops up a splash screen every time you start it, and won't go away until you click it away -- often with some built-in time delay. NS has never done that.

Some even complained about being taken to the "Latest Changes" page when NS updates, something that many users are interested in. "What's new in this update? Why was it released?" Yet others complained about it, even to the point of accusing Giorgio of releasing "too many", or "needless" updates (yeah, he has nothing better to do with his time), merely to increase the ad display count. So a config was added to disable showing the release notes on updates.

This is for utter freeware.

I also set up a U.S. bank account for those with a US checking account who might wish to donate, but may not wish to use PayPal for various reasons. The results have been ... disappointing, to say the least. (It would all go to Giorgio. I donated my time and effort to set up and monitor the account, as the Support Team donates their time to do support here.)

I don't know how the Mozilla-site donations, or the PayPal donations, are doing. But considering that supporting and enhancing NS, including NSA and NoScript 3.x for the desktop, is undoubtedly a full-time (or more) job for Giorgio....

It might indeed be better to have non-controversial ads, such as for those who sell printer ink or something. At one time, Giorgio said he d/l and ran the software in question in a VM, and found nothing malicious. Do you know how recent that license change was? I'm sure that any documentation of malicious content would get the ad kicked quickly.

As for the ad itself, only Giorgio can speak to that choice, as it's his site. I understand your concerns. Perhaps if he can find the time, he will re-address them.

Thank you for your support of NoScript.