Ask.com can hijack your computer using Java updates
We learned this week that more than 317 million computer viruses or other malicious programs were unleashed by hackers last year, according to the Internet security firm Symantec. That’s nearly a million new cyberthreats daily.
But not all attempts at messing with your computer are from sneaky, illegitimate sources. Some are from big-name tech companies that don’t seem to care what you think of them.
Anyone whose computer has been hijacked by the Ask.com toolbar knows exactly what I mean.
“It’s like a bad houseguest,” said West Hollywood resident Gary More, who’s been struggling for months to get the software out of his computer. “It will not leave.”
If you’ve avoided this especially pernicious program, count yourself lucky. The Ask.com toolbar typically skulks into people’s systems on the coattails of some more desirable software. Often, it’s included with updates to the Java programming language.
And then it doesn’t go away. Ever.
More, 71, estimates he’s already paid about $450 to tech troubleshooters to help him delete Ask.com’s software from his system. And he’s still not rid of the problem.
“They’ve tried everything,” More said. “It’s been very, very difficult.”
This speaks to a broader issue in the tech world — the idea that it’s acceptable to opt people into products, services and policies by pre-checking online boxes, rather than allowing folks to check the box themselves.
I know, I know: You can just uncheck the box. But most of us move fairly quickly when it comes to software updates and other downloads. When was the last time, for example, that you actually read the full terms of service of anything before clicking “Accept”?
The way it works with Ask.com is that whenever you get a prompt to update your Java software, there’s a pre-checked box in the fine print saying the Ask.com toolbar also will be installed. If you spot it and have the inclination to uncheck the box, fine.
If not, the Ask.com program will be installed and three things will happen. First, you’ll see the Ask.com toolbar on your browser. Second, Ask.com will become your default search engine. Finally, the Ask.com website will become your home page.
Uninstalling the toolbar won’t fix things. The search engine will keep reverting to Ask.com, no matter how many times you try to switch it back to, say, Google or Bing.
“There’s no real way to purge it from your system without going through a lot of steps, and most people don’t know how to do it,” said Eric Schlissel, chief executive of GeekTek, a Los Angeles tech consulting firm.
The problem, he said, is that Ask.com will bury code in your system so that your toolbar and search engine will be hijacked every time Java instructs you to update, which happens frequently.
“If Java is out of date, it will remind you again and again to click it,” Schlissel said. “Then, when Ask gets reinstalled, it’ll bog down your system and take control of your user experience.”
Is there a tech term for that?
“Yeah,” Schlissel replied. “I’d describe it as evil.”
Ask.com began as Ask Jeeves in 1995. The original idea was that you could ask a question in plain English and get an answer. Jeeves disappeared in 2006, and the site became Ask.com.
The site is owned by New York’s IAC/InterActiveCorp, which also owns a variety of other sites, including Match.com, Tinder and ShoeBuy.
Java was created by Sun Microsystems and then was acquired by the business-software giant Oracle. It was intended to allow developers to write programs that would run on all systems.
“It’s never worked as advertised,” Schlissel said. “It’s unlikely most people need it.”
Even so, Java comes bundled with many programs and is required by many websites for watching videos or playing games. That’s why you’ve probably encountered the prompts to keep the software fresh with routine updates.
I contacted an Oracle spokeswoman to ask why the company was party to Ask.com’s stealth tactics. She said she’d put me in touch with the appropriate person.
A minute later, she emailed back to say that Oracle would have no comment.
An Ask.com spokeswoman, requesting anonymity, said that the Ask toolbar is “distributed through partnerships with software companies like Oracle who provide free software to consumers.”
She declined to answer further questions.
Schlissel said it’s all about the money.
“No one goes to Ask.com anymore,” he said. “So the only way they can sell advertising is by tricking people to go there. Oracle either gets cash from Ask for each toolbar downloaded or a piece of Ask’s search traffic.”
OK, so how do you get rid of the Ask.com toolbar and related programs? As Schlissel noted, there are a number of steps involved.
Your first step is to uninstall the toolbar, which is fairly easy to do with most browsers. If you’re an Internet Explorer user, go to the control panel and click “uninstall” for the toolbar as well as the toolbar updater and any other Ask.com software that turns up.
Then you’ll need to manually restore your home page and designated search engine.
However, you could still have Ask.com code lurking in the background waiting to strike again, Schlissel said. So you may have to restore your browser settings to the original defaults.
And if you don’t go to websites that require Java, you may even want to uninstall that program so you aren’t caught in an endless cycle of software updates that will keep trying to reinstall the Ask.com toolbar.
If you stay with Java, make sure you look closely for the pre-checked Ask.com box whenever you’re prompted to update Java. Uncheck it if that’s your preference.
A good step-by-step guide to erasing the Ask.com toolbar from multiple systems and browsers can be found at MalWareTips.com. There also are a number of video tutorials on YouTube.
In 2013, savvy computer users circulated an online petition requesting that Oracle stop including the Ask.com toolbar with Java updates. Thousands of people signed.
But the petition has gone unheeded. Rather, Oracle seems to have thumbed its nose at critics:
Until recently, the Ask.com toolbar was primarily a problem only for Windows users. As of last month, it’s also being bundled with Java updates for Macs.
David Lazarus’ column runs on Tuesdays and Fridays. He also can be seen daily on KTLA-TV Channel 5 and followed on Twitter @Davidlaz. Send your tips or feedback to firstname.lastname@example.org.