Tech Notes

--Dave Methvin, Chief Techology Officer, PC Pitstop

April 14

Direct Revenue: Greed Triumphs Over Decency

The recent lawsuit filed by the New York Attorney General against Direct Revenue provides an incredible amount of information about the sleazy activities of spyware and adware companies. In the past, we've pointed out that these companies were making lots of money from their invasive installations. We saw a glimpse of how much money was at stake when Claria filed to go public in 2004. In that filing, they revealed that they made about $100 million in 2003. However, that high-profile bid to go public was at the height of Claria's power and profit; they quietly aborted the attempt in the fall of 2004 and just recently announced that they are getting out of the adware business.

Evidence from this most recent suit against Direct Revenue shows that spyware was very, very good to them. In 2004, Direct Revenue made $39 million; in the first 10 months of 2005 they reaped $33 million. Their fascinating internal emails lay bare the priorities of decision makers inside the company. (Many thanks to Ben Edelman for hosting and summarizing these documents.) The documents show the complete devotion to profit at the expense of any other concerns: (Note: most of the links below refer to PDF files submitted as evidence in the lawsuit.)

• Users are losers: Company execs knew their software abused users by flooding them with ads as often as every minute. Dialing back the abuse to every two minutes resulted in a 15% revenue drop so they ordered it back to one minute. CTO Dan Doman calls one victim an "idiot" for thinking that they are being charged for removal. (The user may have thought Direct Revenue popup ads for antispyware products would eliminate Direct Revenue from his PC.)
• Do what's right--if it makes money: When Direct Revenue put an entry in Add/Remove Programs, their uninstall rates skyrocketed: "We are losing an INSANE number of users to Add/Remove programs ... I think we would see 40,000-50,000 uninstalls per day if we were tracking all users." (The company was averaging over 250,000 installs per day in March 2004, when the email was sent.) Executives decided that the entry would be removed.
• If they don't like your looks, wear a disguise: The company developed an extensive list of shell companies and business names designed to keep Direct Revenue's name out of the limelight. This allowed them to get new ActiveX security certificates and circumvent any security blocks on the old names.
• Be a trailblazer in sleazy practices: Integrated Search demanded that Direct Revenue have an Add/Remove entry, which they knew would result in a lot of uninstalls. The solution? "We promised them an uninstall and then when we thought they weren't watching any more, removed it on purpose." When distributors offered to wallow in the mud, Direct Revenue would gladly wallow along: "[W]e are very interested in learning from your experience in dodging [Windows XP] SP2 and anti-virus programs."
• When users say no, they mean yes: The company's Chris Dowhan proposes allowing affiliates to aggressively reinstall: "The user's confusion about why it's coming down to the machine later should not stop us from installing. It's arguable that they don't know what they're getting no matter when we get installed." Dowhan goes on to outline the "EULA trumps user" basis of the policy: "If a distributor ... wants to become part of our persistence strategy and reinstall us daily, as long as the MyPCTuneup flag is not there, we should support that--even if an antivirus or competitor or some other incompatibility removes or disables us every day and we go back down every night. Our EULA allows for it so I will do it unless you guys tell me otherwise."
• Learn from Mafia tactics: One Direct Revenue lawyer seemed to suggest intimidation to silence a spyware researcher who traced their shell companies and distribution methods. After hiring a private investigator to determine the researcher's real identity, their lawyer Gary Kibel wrote, "...perhaps a letter to his true home address showing that we know more about him will have some results."
• Ignore your critics, even if they're friends: Even companies that invested or did business with Direct Revenue found its tactics to be too much to bear, including several investors in the company and the FastClick ad network. Users infested with Direct Revenue's software had an even harsher opinion of the company.

If there is any justice in this world, the executives of Direct Revenue will be held criminally and financially responsible for the damage they have caused. The top four company officers were paid a combined $27 million during 2004 and 2005 alone. Whatever else happens, this process should not leave that ill-gotten money in their pockets.

Our Direct Revenue Experience

During mid-2005, Direct Revenue's tactics seriously affected PC Pitstop's reputation. The first problem was due to a program named FasterXP that was advertised on our site through Google Adwords. Several users installed the software and got multiple pieces of spyware including Direct Revenue. (If you're interested in seeing the mess this program causes, the lawsuit contains an exhibit with FasterXP screen shots [23MB PDF]). Many users assumed we had chosen to run the FasterXP ad, but we actually had not; in fact, we had no way to even know it was appearing unless someone notified us. Once users reported the problem, we blocked the ad from Google Adwords and notified Google that they should stop running it.

During the same time period, PC Pitstop started receiving angry complaints from users saying that we had installed spyware on their PC and were flooding them with popup ads. Although this puzzled us initially, we finally found the connection. PC Pitstop owns the pctuneup.com domain, which forwarded to PC Pitstop's home page. Direct Revenue created a site named mypctuneup.com that was the only way for users to remove their spyware. To make the removal process harder, DR did not provide a clickable link. Instead, the user had to type in the mypctuneup.com address. When users typed it incorrectly, they ended up on our site and blamed us for their spyware infection. To make sure users knew what was going on, we redirected the pctuneup.com domain to this page explaining the situation. (The lawsuit reveals an internal email discussing the page.)

In an effort to stop this abuse of PC Pitstop's reputation, I contacted Direct Revenue several times to ask about the problems we were seeing. Their designated PR person provided all the standard canned responses designed to deflect and deny responsibility, such as "there are no bright-line standards" but their distributors are required to perform "in accordance with all applicable laws."

Looking into the Direct Revenue scourge a bit further, I found evidence of their software being distributed with what appeared to be child pornography. Although the company clearly knew about my concerns--my email to their PR person is part of the evidence in the case--they did not accept several offers to provide information that would help to determine the distributor. I sent the files in question to the FBI--and then on to Canada's RCMP--for further investigation.

Did the Eliot Spitzer just get lucky and find the only sleazy spyware company with these kind of incriminating emails? I suppose anything is possible, but the odds are that you could find similar messages at all of them. Someone start digging and prove me right!

Comments? Questions? Please make a post in the Site Feedback section of our forums.