Sunday, February 12, 2012

What is Gator? - Security Term

Gator was a computer program by Claria Corporation. Notorious as one of the first widespread spyware applications, Gator had inadvertently created a revolution in consumer backlash against irresponsible computer program design and malware proliferation. While various computer security vulnerabilities, such as viruses, had been familiar to security experts for years, Gator was the first program to cause widespread concern among nontechnical home computer users. Although most installations of Gator were performed with full disclosure regarding the nature of the program, many users who did not read it's EULA were unaware of the program's activity. While this fact had saved Claria Corporation from several lawsuits, unfortunately it had not stimulated an increase in consumer awareness regarding the need to read EULAs and to understand them. Additionally, Gator could not be removed via standard software removal procedures.

Although Gator is considered spyware, the computer security industry often cites the non-spyware components of Gator in it's classification. This is typical of the computer security industry, who often miseducate consumers with the intention of broadening the need for their products. Usually, Gator is charged with being spyware because it implants pop-up advertisements on webpages viewed in Internet Explorer. This behaviour is not spyware related, rather, it is adware related. Gator is considered spyware because it stores users' personal information, such as name, email address, geographic location, age, and even credit card numbers, and sends this information to it's central servers. Claria ascertains that the information is used for delivering relevant advertisements only, and is stored only in aggregate form. However, Gator communications with it's central servers are not encrypted, and the information is easily intercepted by malicious third parties. Additionally, email addresses associated with Gator installations are often the targets of spam email, implying that Claria sells collected email addresses to spammers. The Gator EULA is not clear on the matter of user privacy in regard to the confidentiality of collected email addresses.

Originally, Gator had been installed as a bundled application in other programs, with Claria paying software developers for each Gator installation. During software installation, the user had been presented with an option of reading the complete Gator End User License Agreement, which describes in detail the nature of the program. However, the OK-OK-OK-Finish culture common to Microsoft Windows users had often hidden the license, thus many users had not known about the installation. After installation, Gator would prompt users to save their personal information in it's database, with the goal of filling in web-based forms on their behalf. Based on the information in these forms, and the URLs of pages visited, Gator would download and display relevant advertisements to users. Often, these advertisements would appear on competitor's websites, inserted into the page locally via the Gator software. Later forms of Gator had been adapted to 'drive-by installation' via ActiveX in Internet Explorer. Whether Claria or a third-party software developer had performed the modification is unknown, however, the modified Gator was functionally identical to the original version, with the exception that the EULA was presented as a link (that did not always work) in the ActiveX control instead of as a text file in the standard Windows installer.

source: what-is-what.com

No comments:

Post a Comment

Once you submit the comment, please wait for its approval. Sooner or later your comment will show up so do not comment twice.