OpenDNS Says Google-Dell Browser Tool is Spyware

PetManimal writes "David Ulevitch, the founder of OpenDNS, claims that Google and Dell have placed 'spyware' on Dell computers. Ulevitch made the claim based on his observation of the behavior of the Google Toolbar and homepage that comes preinstalled on IE in new Dell machines. He says that a browser redirector sends users who enter nonexistent URLs to a Dell-branded page loaded with Google ads. Another observer, Danny Sullivan, says that this is a different result than what happens on PCs without the redirector. However, the original article notes that Ulevitch has a vested interest in the results of mistyped URLs."

Re:Can you really blame google

[ronadams]

Parent wasn't trolling; he made a very valid point. Google made the tool, Dell configured the machine. Dell turned the software to spyware. Google has, AFAIK, no under-the-radar delivery system for any of their software, including the URL redirection tools they've made (there's a few). However, system configurators like Dell have been doing this crap for years. Our sniper's scope should be aimed towards Round Rock, not Mountain View.

Re:Claim is complete FUD

[Odiumjunkie]

If average Joe user speaks the English language, then I imagine he'd be able determine what the service did. There's really no jargon. What does the service do? It redirects addresses that contain errors when entered into the browser. It would be irresponsible to call it something like "Google Search Helper" because then even techies won't have a clue what it does.

So did Google actually write this?

[deadsquid]

I'm wondering who actually developed the software. Was it Google who developed it for Dell, or was it Dell who developed it internally and called it the "Google URL Assistant" because it redirects traffic to serve up Google ads which I presume it gets a cut off of. It's not clear if the name of the app means it was written by Google or if it just refers to what service Dell is redirecting to.

Re:OpenDNS is bummed

[Anonymous Coward]

If you use a WRT54g home router (or one of the many similar routers which can use the same enhanced firmwares), you can use that as a DNS resolver. Or you could run a resolver on your computer. With broadband, the latency on the last hop isn't so bad, so a remote recursive resolver isn't an advantage anymore. A local resolver gives you full control over DNS: you can add local domains if you want, you can avoid DNS censorship and you can ignore caching directives as YOU wish (absolutely no caching for your dynamic DNS names, for example).

Re:Instructions to Remove

[thePowerOfGrayskull]

That goes double, or triple, for Dell laptops. I've never seen so much sh*t installed on them. It started appearing about 2 months ago, and despite contacting various account reps, they have no idea what I'm bitching about. Very few of the programs uninstall cleanly, either.

If it started 'appearing' two months ago on a laptop you purchased before then, it very likely has nothing to do with Dell, and quite possibly more to do with the things you're picking up/installing yourself (albeit inadvertently).

Re:So did Google actually write this?

[deadsquid]

Ahh... the links to the OEM pages below probably mean it is an app developed by the folks in MV. Never mind, then.

Re:Obligatory Google Reality Check

[Anonymous Coward]

Google is a publicly traded company and as such here's what's important to them.....

Making money for their stockholders.

That means doing things like creating spyware if it helps their bottom line. The mantra of "Do no evil" becomes null and void once you become a publicly traded company.

Something like this is trotted out so often, we should make it a FAQ.

Actually, Google's obligations on becoming a publicly traded company are to behave according to the prospectus. Many (most) companies' prospectus say things like "we will maximise our profits", because they're basically boilerplate and that's what most shareholders want. However, if you actually read Google's prospectus, you'll find that it has quite a different slant. So Google is not obliged to maximise profits at all costs; it's obliged to adhere to the principles of the prospectus - which enshrine the "do no evil" philosophy.

Re:Claim is complete FUD

[stubear]

I recently purchased a Dell M2010 and noticed this "problem". It bugged me but I found no obvious way to shut it off, including the add/remove programs suggestion mentioned in the article. After reading this article I did a little more poking around and discovered that Dell is now utilizing a browser add-on called CBrowser Helper Object (or something close to that) to perform this functionality, which I promptly disabled. The point is this is not an obvious fix and Dell shouldn't be doing it anyway. PC manufacturers need to really stop loading the system up with crapware and silly little "branded experiences". I have utility programs on my Dell that basically mimic the basic functionality for some things already available in Windows. The biggest difference is Dell has their programmers "design" hideous interfaces that make absolutely no sense whatsoever and redirect the user to these utilities at every chance, just to get in yet another "branded experience". My experience thus far has been great computer, now how can I go about obtaining another clean copy of Windows Vista Ultimate to replace the shit Dell installed.

Deceptive article!

[argent]

Setting aside the fact that using IE at all is the best way to get infected with spyware in general[1], the alternative to Dell's site is NOT Google's normal page.

The only way to get to Google's page from Internet Explorer in its default configuration is to explicitly go to google.com, and with the redirector in place you still get to the regular google home page if you do that.

If you open up Internet Explorer without the redirector and type a "keyword" into it, you normally end up on Microsoft's search engine.

Given the alternative of going to MSN.com or a Dell-branded google.com, I know which one I prefer.

[1] If you care you should be using Firefox which (for all its flaws) has a design that's many times more secure than IE...

Re:Hi, I wrote that post... Pot-Kettle

[davidu]

It appears to me by using your dns service instead of the one provided by an isp, I forfeit the ability to have my dns lookups remain anonymous. That seems to fall closer to the definition of spyware in my book.

Your DNS requests are not anonymous right now. Don't mislead yourself into believing they are. Even if you run your own resolver that talks to the roots. DNS is one of the most tapped, mined and inspected pieces of the infrastructure I can think of. People do it for profit (domainers) and for research (security folks).

We're clear on how we use it (which is to say, we don't use it for anything personally identifiable or to target ads to you).

-david

Re:Instructions to Remove

[HeroreV]

Dell Windows computers come with a program that updates some of the Dell crapware. I've heard this updater has recently starting installing new crapware without user confirmation.

Re:Hi, I wrote that post...

[pecosdave]

I second that! OpenDNS has worked great for me.

I'm firmly in the "If it aint broke don't fix it" school on DNS. Verizon's DNS is broke, bad, OpenDNS lets me browse the web without every 3rd query being a man in the middle.

This crapware matters because...

[gjuk]

... not all users know how or what to uninstall - and some of it is virtually uninstallable.
By way of example; my Grandmother got a Dell. She's 80 odd, but can use a browser, email, etc. Her Dell was great - but she couldn't wo rk out why she wasn't able to receive emails. Time and again, she, or her friends would, with or without telephone support - would configure Outlook Express correctly - only to find that that it kept changing the POP3 server URL. I gave her remote assistance - and could swear it was working; but every time she told me it wasn't owrking, sure enough - the POP3 details had changed. Eventually, I tracked it down to McAfee which had a year's subscription to anti-virus; but 30 days' subscription to an entirely unnecessary spam blocker. A bug in their spam blocker meant that it correctly diverted all attempted POP3 connections to itself; but then screwed up the address of the actual POP3 box and couldn't actually connect. Of course, it only inserted itself at boot time - so every time I'd fixed it by remote desktop it looked great; till Gran rebooted...
I disabled this - but only after Gran had basically been emailless for 3 weeks. Lo and behold! On day 30 - it suddenly prevented here using email again - this time because its license had expired - so it refused to allow her to use her email app - even without it! Cue - Add/Remove Programs. Only it wouldn't allow itself to be removed because its AntiVirus companion was running... it took me hours to clear out this crap. And yet - without me doing it; Gran couldn't get her email, first because of their sloppy coding - and then because of their "license expiry" hijack.
That's why crapware preinstall should be banned. By all means - include a CD or a link to a website where I can choose to download trials - but preinstalling them is outrageous. Imagine if a car came with a pre-installed alarm system which wouldn't let you drive the car without getting out your credit card or a screwdriver?