More Direct Revenue Documents Emerge With Names

It seems more documents are surfacing on the Direct Revenue case, which they rebut, and these are particularly interesting.

Ben Edelman, anti-spyware researcher, has been busy putting together a nice buffet of reading.

Find below a growing list of documents so far… and Ben tells me he is still working on putting together summaries. For the sake of convenience I have bolded the mentioned distributors below; see the bottom of this post for a link to the site that contains the full documents.


Complaint exhibits

Exhibit 1 – Direct Revenue privacy policy.

Exhibit 2 – 146-page compilation of December 1, 2005 interrogatory responses and attachments. Includes the following:

Discusses Direct Revenue’s installation counts. (2)

Discloses revenues ($6.9 million in 2003, $39 million in 2004, $33 million in January-October 2005). (4) Discloses revenues from installing other vendors’ software ($4 million for January-October 2005). (4)

Discusses the role and effects of Insight Venture Partners’ 2004 purchase of 25% of Direct Revenue for $12 million, and Direct Revenue’s borrowing from Insight and Technology Investment Capital Corp (TICC), $21.7 million total in 2004. (4-5) Shows specific 2004-2005 distributions to Direct Revenue’s senior staff, totaling more than $27 million. (6)

Discusses the ad networks used to track advertising display, including Aquantive’s Atlas and DoubleClick. (8) Discusses other sources from which Direct Revenue receives ads, including LinkShare and eBay Shopping.com. (8)

Discusses uninstall methods available prior to the creation of Direct Revenue’s MyPCTuneUp website. (9-10)

Lists specific Direct Revenue distributors that have been terminated, and the reason for such termination. (11-15)

Lists specific programs Direct Revenue has removed from users’ computers, including IBIS Toolbar, HuntBar, IST, CDT, Avenue Media, iDownload, and eXact Advertising. (16-18)

Reports Direct Revenue’s acquisition of 750,000 users from Lycos Inc. (18)

Lists Direct Revenue’s affiliate entities and subsidiaries. (19-20)

Direct Revenue user counts by day, February 1, 2003 through December 11, 2005. (21-35)

Direct Revenue distributors, including installation counts by month and year. Includes substantial installations (more than 5,000 per distributor) from 24/7 Real Media, Advertising.com, Adperform, Adscpm, Adtegrity, Advelocity, Advolt, Argonaut, Bane Media, Blubster, Briony Hurn, Bundleware, Carl, CDT, Club Jenna, Coloumb, Cydoor, Dio, Dmagroup, Elite Media Group, Eprocessing, EU Software, Evolution World Wide, ExitExchange, Flying Crocodile, Fortunecity, Grokster, Holistyc, Icmd, Idownload, IE Plugin, Imgiant, Integrated Search, ISuply, JonesMedia, Kazaa, LEC Dialer, Lycos SideSearch (upgrade), Madnight, Magic Window, Mamma Media, Marketing Metrix Group, Max Online, Media Motor, Media Whiz, MindSet, Music Civy Morpheus, MyGeek, Net Thinkmedia, Newmedia, Online Traffic Broker, Opt-In Big, Protected Media, Qoolaid, Razor Media, Ride Marketing Group, Seed Corn, Simpel, Simple Internet, SKyhorn, Standard Internet, Sunny View, Target Comm, Terrapin Media, Traffix, Vendare, Vera Pass, Verticlick, West Frontier, Wild Media, and WSW Telecom. (36-73)

Lists specific files included in Direct Revenue products, including date, user count, and description. Specifically mentions installation of TopMoxie. (74-129)

Lists distributor names and methods (ActiveX, bundle, “onclick”, banner). (130-133)

Lists distribution methods by monthly count. (134-142)

Presents materials from the Tps108 site. (145-146)

Exhibit 3 – Direct Revenue management team listing, printout from web site.

Exhibit 4 – Direct Revenue LLC agreement. Reports Joshua Abran as 36% owner, Daniel Kaufman as 32% owner, Alan Murray as 27% owner, and Rodney Hook as 5% owner.

Exhibit 5 – User complaints and threats, and Direct Revenue’s responses (including jokes). Tabulation of user complaints, including uninstall requests and claims of unsuccessful uninstall attempts.

Exhibit 6 – 122-page compilation of January 17, 2006 interrogatory responses and attachments. Includes the following:

Discusses the limited circumstances in which Direct Revenue elected to automatically remove its software from users’ computers after concluding that installations were nonconsensual. Argues that such automated removal constitutes “throw[ing] the baby out with the bathwater” because it would (purportedly) not be “in the best interests of the many users who had accepted [Direct Revenue's] value proposition.” (2-6)

Discusses disclosures shown to Lycos users as to “the search panel feature of your Internet Explorer program” being “under new ownership.” (11-13)

Presents the Thinstaller and Bootstrap methods by which Direct Revenue installs its software. (13-17)

Presents Direct Revenue’s installation methods from April 1, 2005 and onwards. Reports Direct Revenue’s methods of monitoring distribution practices. Notes Direct Revenue’s retention of Alan Chappell, “a noted internet privacy expert, to consult … on … distribution and disclosure practices,” specifically noting that Chappell “later became the main drafter of the TRUSTe [adware] guidelines.”

Discusses a “KZ Torpedo” to remove unknown other software. (23-34)

Tracks installation counts attributable to CDT. (35)

Presents Direct Revenue’s records of specific users, including users’ IP addresses. (36)

Lists Direct Revenue entity names, addresses, and domain names. (38-41)

Presents the code to provide Direct Revenue software to Lycos SideSearch. (42-44) Correspondence with Lycos as to installation counts, terms of sale, and the fact that “any users of the software … shall be deemed Buyer’s ‘property’” (106).

Exhibits 7-9 – Direct Revenue subsidiaries and affiliated entities, including creation date and state ID number. Discussion of difficulties setting up additional companies. Discussion of the benefit of using multiple company names in order to “customize the name on the ActiveX.” (See my separate analysis of ActiveX installation methods and misleading company names.)

Exhibit 10 – Direct Revenue staff unhappy with a PC Pitstop web page.

Exhibits 11-12 – Direct Revenue’s “Skyhorn” product.

Exhibit 13 – Discusses “torpedos” to remove competing spyware and adware.

Exhibits 14-15 – Discusses registration practices and contact information for Direct Revenue domains. Shows Whois data.

For the full scoop and direct links to these documents check out Ben’s dossier here. I hope Scott Jangro isn’t having flashbacks or nightmares.

ADDENDUM:

More coverage from my colleague Chris Boyd at VitalSecurity.org- a long time pal (not) of Direct Revenue. They love him!

Patrick Jordan, of Sunbelt fame and one hard core researcher, gets marked a “stalker”. Sunbelt also points out an interesting “death threats” archive (PDF). It certainly puts new meaning into nail.exe.

Remember that song “Dirty Laundry”? I think it was an 80′s fad hit by Don Henley?


I make my living off the evening news
Just give me something-something I can use
People love it when you lose,
They love dirty laundry

Well, I coulda been an actor, but I wound up here
I just have to look good, I don’t have to be clear
Come and whisper in my ear
Give us dirty laundry

Kick ‘em when they’re up
Kick ‘em when they’re down
Kick ‘em when they’re up
Kick ‘em when they’re down

Well, everyone does love it, according to the song, and Suzi Turner of ZDNet Spyware Confidential sort of takes it all out of the closet and puts an iron to it.

I did warn you to put down those Tom Clancy novels…instead get this book…


[Image: dummies-direct-revenue.png]

About Wayne Porter

Wayne Porter is one of the original founders of ReveNews.com, and served as the CEO and founder of XBlock Systems, a specialized research firm on greynets and malware, before it was acquired by unified communications security leader FaceTime Security Labs. His work includes serving as a panelist at the Federal Trade Commission to shape legislation on software and the creation of two patent-pending technologies for corporate networks. Wayne is a frequent speaker at e-commerce and business events including CJU, ASW and RSA, and is frequently cited in the press. He has been designated a Microsoft Security MVP three times and is recognized on Google’s Responsible Security Disclosure page, in addition to receiving the first Summit Legend Award. Wayne currently works as a Security Consultant on Social Media and operates a consultancy on digital worlds. His hobbies include reading science fiction, playing chess, fishing, writing, collecting shiny digital gadgets, playing racquetball and studying memetic engineering. He maintains a personal weblog at WaynePorter.com detailing his explorations in security, web 2.0, and virtual worlds.
You can follow Wayne on Twitter: @wporter.

  • Jonathan (Trust)

    Wayne can you help me with this.

    Opt-In Big mentioned above, is that optinrealbig/cpaemire?

  • http://www.revenews.com/wayneporter/ Wayne Porter

    Jonathan,

    Not sure- I am still reviewing all the docs and working on yet another possible sleaze story while juggling a major paper due. I do plan to go into them in-depth as I am sure Ben and other analysts will too.

    I know these documents seem boring, but worth the read.

    -wayne

  • http://www.benedelman.org Ben Edelman

    Jonathan, I think there's very strong reason to think optinbig refers to optinrealbig. They're the only company reasonably known by that name.

  • Jonathan (Trust)

    http://www.optinbig.com

    It is.

    http://www.cpaempireblog.com/

    So from that, doesn't Missy Ward co-founder of Affiliate Summit work for them? I see a big banner to the Summit on that CPA Empire blog.

    Anything I'm getting wrong?

  • http://www.vitalsecurity.org Paperghost

    I'm so proud to be starring in Document 75. God bless the Interwebs.

  • http://www.stopscum.com Steve Shubitz

    I'm still digesting Ben's document blast. Outstanding work! Keep them coming.

    I've already seen a few "names" that probably wouldn't want to advertise the fact that they did business with DR in the peak of the infections period. AND, I'm not talking about holding hands with Google via a silent reset of the browser's error page which DR did according to the documents. :) Interesting.

    It will take me some time to check this stuff out again.

    Did you notice that DR has a Company formed in the Cayman Islands which they own and it's still active? That's intriguing :) "Think offshore haven for ____________." :)

  • http://www.revenews.com/wayneporter/ Wayne Porter

    Survey says…gambling and casinos?

  • http://www.revenews.com/wayneporter/ Wayne Porter

    Damn. Could be offshore pharmacies. Well Steve it's a coin toss in my book.

  • Wayne Porter

    Oh forgot to add spammers… let's go for the trifecta!

  • http://www.google.com Russ Chen

    Ben et al, have you seen the same issues with Virtumundo/Adknowledge? Virtumundo is a spam/spyware company that changed its name to Adknowledge (google virtumundo and you get plenty of dirt). They just raised a bunch of VC and are trying to come clean or at least look that way. You can find their corporate name change docs with the Delaware Secretary of State's office, and the Kansas Secretary of State's office.

    link

  • http://www.revenews.com/wayneporter/archives/001704.html ReveNews – Wayne Por

    Don't Assume Intermediaries Mean Immunity from Liability…

    I found this quote via MediaBuyerPlaner.com to be quite illuminating and a clear warning shot across the bow of those who continue to practice so-called "plausible deniability". No matter how tangled or sprawling the line of intermediaries, sub-network…

  • David Eastbrook

    Interesting how many of these "affiliates" are entities owned by Orion Holtby (remember him?)

  • David Eastbrook

    I'd assumed that y'all were aware of the connections among all these "affiliates". Wayne, I would respectfully suggest you review Volume 2 of The Tomes (the White one). Call me if you need some further elucidation.

  • http://www.revenews.com/wayneporter/ Wayne Porter

    I plan on taking volume 2 with me on my trip tonight. Light reading :)

    Yes I recognized some names. This should shake out in an interesting fashion no doubt. Did you make sure the NYAG got a copy?