give me the crack or cheat to pass this stupid message…

…. upgrading this Sh%%# is useless even troubling..

waiting…

I have downloaded some clips from the internet by using Torrents but when I try to play them in Window Media player, there is a messages regarding “Acquire License”, but the other clip has different message there is written that some sort of like that “you have to download somefiles/Softwares to Play this clip”.

If you want to share with me your profound knowledge please do it not for God sake but me.
I will very thanksfull to you, if you will just email me reagarding this.

When I did my testing and write-up ( http://www.benedelman.org/news/010205-1.html ), I received a single ActiveX installation prompt pop-up, linking to http://www.spidersearch.com/barterms.php for a license agreement. Unlike the disclosure you quote, that page never mentions installation of third party programs.

You’re certainly right that these installations require users to be tricked, and to click (more than once, if running the latest software) in order to be harmed. But the misleading on-screen text and with misleading circumstances (inference that a special add-on player truly is required to play what users might think is a new file format) make me worry that these deceptive methods could succeed in tricking a fair number of users. Maybe users should know better, but the bad guys here are taking advantage of users in a way that still seems, to me, quite troubling.

Also troubling are the programs that subsequently get installed. 180solutions, for example, has received tens of millions of dollars of funding from venture capitalists — so you might think they’d be cleaning up their act. Instead, they’re paying installation commissions to whoever is doing these installation tricks.

Users can also get a valid popup from MS for WMV codecs at exactly this point. In fact the first time I tested this (XP SP1, WMP9) I did get one ActiveX download box from MS for the DRM stuff immediately prior to the two bogus downloaders, which looked almost identical. I don’t think most people would notice the con.

It’s great that WMP10 does apply the SP2 restrictions properly, but I’m wondering how many people are actually running WMP10+SP2… probably not many. (WMP10 isn’t being downloaded by Automatic Updates is it?) Plus of course non-XP users are a bit stuck. I too would like to see a proper fix for users not lucky enough to be [able to] run this combination.

[Personally, I am looking forward to the European antitrust edition of WinXP with WMP removed, as I dislike WMP version 7+ intensely, and am sick of having to wrestle with Windows File Protection to get rid of it!]

As for:

> The programs in question are digitally signed and are from known companies.

We all know how much that’s worth!

Unfortunately slack roots like Verisign and Thawte, who…

– issue code-signing certs to companies caught abusing IE security holes and installing malicious software;

– refuse to either revoke issued certs or disclose the legal addresses of the entities that they ‘verified’;

– issue certs to companies using misleading names like ‘MSN Technologies’ or ‘Click to open page’;

– memorably once let Microsoft’s own certs escape!

…have made the Authenticode system almost completely worthless in practice.

It remains unclear whether the PC World story is actually talking about the same group (protectedmedia etc.) as we’re dealing with here. The screenshot looks like it might be, with the porn video and all, but I have not been able to link Overpeer to them, nor find the mentioned Overpeer WMA files (yet). Still a bit murky on this one.

Which does not excuse the fact that this is sleazy, underhanded and wrong, and that the purveyors of this crap should be horsewhipped. IMHO.

Please see my follow-up posts on this topic here:

http://www.edbott.com/weblog/archives/000341.html

and here:

http://www.edbott.com/weblog/archives/000342.html

The ActiveX installer I received had a single hyperlink, which I followed. It took me to http://www.spidersearch.com/barterms.php . That page does not contain the text you quote, nor any text that’s similar.

Perhaps some other ActiveX — like the one provided to you — gives a good and clear Terms of Service. But not so for the ActiveX I received.

As I noted in a follow-up post, GIANT AntiSpyware intercepted the second installation and allowed me to block it. The SpiderSearch module never installed at all even when I clicked the Install button. Very strange. This was on a system with no AV software and only the standard Windows XP Firewall.

I’ve tested the same WMP file on an older system with Windows 2000 SP4, IE 6 w/ SP1, and Windows Media Player. You can find my write-up at DSLReports.com:

http://www.dslreports.com/forum/remark,12298989~mode=flat

In short, the adware installation practices that users encounter through Microsoft’s license acquisition process are incredibly confusing, deceptive, and coercive. Indeed, this is one of the most underhanded installations I have ever encountered.

Regards,

Eric L. Howes

EWeek published a new article today on the WMP adware installation problem:

http://www.eweek.com/article2/0,1759,1751248,00.asp

In short, Microsoft plans to do precisely nothing.

My response can be found at DSLR:

http://www.dslreports.com/forum/remark,12378695~mode=flat

Best,

Eric L. Howes