Gator Files for IPO to Raise $150 Million

michalas writes "Wired reports on the IPO filing of adware/spyware kings Claria who have recently changed their name from Gator. Claria on Thursday filed for an initial public offering to raise $150 million to continue developing its 'behavioral marketing platform.' Claria had a net income of $35 million on revenues of $90 million in 2003. In addition, Claria said it has 43 million active users and 425 advertisers."

i interviewed with Gator a few months ago

[motiv8x]

Despite what the company does, after interviewing with them, I felt like it would be a good solid company to work for. They had a great dot-com atmosphere, used open source technology, and paid well - my position was for Perl programmer. And they even allowed you to work from home. I didn't have the XML::Parser experience they were looking for, so I didn't get the job. One thing they revealed to me was that they did actually track what you were searching in Google. This part I didn't like. If they can watch you on Google, they can capture data from any form you fill out - although they claimed Google was the only form they captured data from.

Re:Claria's "users"

[LostCluster]

I caught WinPup32... a pop up deployer on my system. I knew something was up when my popup blockers suddenly all got turned off.

I couldn't run AdAware because it hung on my IE cookies. I couldn't clean my IE cookies because a running process was using half of them. I had to drop to Safe Mode to clean out the cookies before AdAware could do its thing to clean up the mess.

I know I must have accidently clicked a "Yes" when I should have clicked a "No" somewhere in the last few days. The number of sites trying to push these things is way through the roof.

Re:Well...

[nodwick]

The good thing about Gator going public is that their Financial Statements will tell us what advertisers are funding them. Makes for a nice boycott list.

Actually the financials will only tell you how much they're making off the advertisers; they're not required to disclose customer identities. If the numbers turn out to be big, all it's going to do is encourage others to follow in their footteps by starting up more spyware companies.

Kill this IPO

[Maskirovka]

Claria...Clar-Ia...sounds like a disease doesn't it?

For someone with more time on their hands than me:
1)Start some media fear mongering about a "Claria Virus".
2)Include instructions for removing said virus.
3)Feel good about what you have done to help society.

Re:Claria's "users"

[Cruciform]

Kazaa isn't the only app that installs Gator.
The adware supported DivX does as well, though they offer an adware free version on that site with not as many bells and whistles. There's a lot of other apps that do as well.

Reading the EULA used to be something people bypassed. Now it's a necessity.

Although I think hiding install info in the EULA is crap. The installer should show all applications being installed right from the beginning. Anything not implicitly listed at the install screen should be treated like the UK's theft of service laws for electricity when someone uses your machine without permission.

Re:I don't think so

[MrNonchalant]

No, I used something slightly stronger [safer-networking.org].

Re:43 million active users

[LostCluster]

Gator's programs are not pure spyware because they at least provide some level of functionality. The first Gator offering was a personal-info remembering "wallet" that'd nicely fill in web forms similar to what the Google Toolbar's AutoFill feature offers.

Another one of their schemes offers to download a program that will automatically sync your system time, which is useful to most people who notice that consumer PCs are usually pathetic at keeping a system time. However, I personally use the adware-free Automachron [oneguycoding.com] which provides the same useful function.

So, they're really a bait-and-switch operation. They actively market utilities that people want, and are rather trivial to make.... and then tag-on their adware code for the ride. Better options for all of their offerings exist, but the public often doesn't know where to go.

Re:Claria's "users"

[11223]

You should check out SpyBot [safer-networking.org]. It will clean up some things that AdAware can't.

Re:Claria's "users"

[harlows_monkeys]

I think 'infected computers' would be more likely.

You'd think that (and so would I), but we'd be wrong. There are a huge number of users who like that thing, and complain if anti-spyware sofware removes it (I know because I work at an anti-spyware company, and Gator is one of the ones we have to tread lightly with, because so many users actually want the damned thing).

List of afvertisers at Harvard

[Animaether]

Partial list of advertisers, courtesy of Harvard [harvard.edu]
News story on Harvard wrestling with the then Gator corp [com.com]

Re:Gator for the masses IS helpful

[eclectro]

They are annoying, but I think they HAVE stopped being sneaky with their 3rd party stuff

Yes, and I have a bridge that I want to sell you.

Gator still does deceptive "drive-by-downloads", and people still unkowingly get infected with their crapware [pcpitstop.com]

Sorry/Claria/they will always be gator to me.

Re:Well...

[dmehus]

Check out the filing:

www.sec.gov/Archives/edgar/data/1126167/0001193125 04059332/ds1.htm [sec.gov]

It names quite a few of the advertisers, and some of them are large companies such as travel and hotel conglomerate Cendant and LowerMyBills.com.

As well, Brightmail, Advertising.com, and Shopping.com also filed IPO paperwork.

Cheers,
Doug

Pre-emptive crapware blocking??

[hklingon]

What sort of setups do the admins out there have for blocking this stuff? Anything at the gateway or proxy level??

For a long time, I have been using a lot of off-the-shelf scripts and utilities hacked together as an anti-spyware, anti-virus proxy. Anyone out there doing the same care to comment?

For web stuff, I use squid to block a lot of stuff that is usually spyware. It pretty much kills any software that auto-installs (except for java webstart). Usually not to big of a deal-- the business calls the help desk and we walk them through a manual install of flash or whatever it is they need. For very common spyware, we let it infect one test machine then redirect traffic through the proxy to those sites. Ideally, we block the file name or active x control with squid. It isn't a perfect solution though...

For email, I am using p3scan, a pop3 proxy, and a couple simple scripts to rename all untrusted attachments to something else. We also have a nice script that strips out all non-image, non-formatting related html in email. The email soltion seems much more elegant and nice than the web solution-- anyone know of any setups better/similar that cut gator & other companies off at the knees like this??

In practice, this is has reduced our crapware-related helpdesk calls at least 10 fold.

Re:Claria's "users"

[SuperMo0]

Remember, unlike most spyware, Gator presents a front of allowing you to store passwords. Some people find this useful. Useful spyware may seem like an oxymoron, but Gator actually sucks some people in because of this.

Re:Claria's "users"

[Cody Hatch]

How the hell did the parent get moderated as a troll? That isn't in ANY way a troll. Even if it was wrong, it wouldn't be a troll, but sad as it is - it's correct. Gator offers at least nominally useful servies, and many people go "Oh look, a bonus utility! Nice of them to include it!".

Warning - moderators on crack loose in this discussion! (Which makes it different than every other slashdot thread, of course...)

Re:Pre-emptive crapware blocking??

[Anonymous Coward]

One I used for awhile before squid and proxy scripts [schooner.com]. Was in the host files. Most of that stuff is loaded right off the same servers everytime. vx2.cc/gator.com and its sub hosts is where most of the gator stuff came from at one time. Been using the proxy script thing for so long its not been a real problem. My hosts file is probably WAY out of date...

Using those 3 things I would say it snags 99.99% of it. You can even get the proxy thing to take it out on the client end so your sever isn't doing all the work... Works fairly well in IE and Mozilla.

Also there is no 'magic bullet'. Wish there was. You will always be chasing whatever they dream up next. Your scripts will always be mutating just as much as that industry mutates.

Like the email thing. Might have to give that a try.

Your users may not like it but you may want to scan the machines for newly instaled things too. That should help you keep up with your scripts. See something new go see where they were surfing...

Found a couple of nasty ones the other day in java. It was even using an expliot in the ms java to do its evil deeds. You may want to goto suns instead. Least its being maintainted...

Read the S1

[DeepRedux]

The Claria S1 [sec.gov] has been filed with the SEC.

It list some of their customers: Cendant, Orbitz, priceline.com, Travelocity.com, Buy.com, FTD.com, Netflix, Shopping.com, AmericanSingles.com, Date.com, eHarmony.com, Matchmaker (Lycos, Inc.), Amerix Mortgage Corporation, ING Direct Securities, LowerMyBills.com, RateMyMortgage,goZing.com inPhonic, Motorola, Sprint.

It also refers to their strategic relationships with DivXNetworks, iMesh and Sharman Networks (KaZaA).

For the year ended December 31, 2003, they generated revenue of approximately $90.5 million, substantially all of which came from online advertising. For comparision, Ret Hat's revenue is $126 million for the last year.

The lead underwriter for the IPO is Deutsche Bank Securities.

Re:43 million active users

[Anonymous Coward]

Not quite sure why anyone would need any extra software to sync time on win2k and above. Win2k has a built in sntp client which you can point at any ntp source(http://support.microsoft.com/default.aspx?s cid=kb;EN-US;216734 [microsoft.com]). True that SNTP may not be as dead-on accurate as NTP(it doesn't include the error checking and delay adjustments) but very few people have a real need for that kind of accuracy.

Re:When Pigs Fly...

[_Sprocket_]

I was going to post asking if Gator and other adware were really still extremely common.

Very common.

At my work there is a childcare center. Their systems are always inundated with spyware. I happened to be facilitating a network migration for them so one day I found myself sitting in front of some of their workstations. I could hardly use the thing. Since I was stuck there anyway (and I needed a clean machine to make sure the migration was successfull), I blew a couple hours installing ad-aware and cleaning the things out. It was a real fight. The sad thing is that their funding doesn't allow for the same level of support enjoyed by the rest of the center.

They're not alone.

Whenever I'm digging through firewall or network traffic logs, I have to grep out all the spyware crap. It's all over our enterprise. And any time we mention this to user, they're shocked. They're more than glad to admit they installed some little app. They're clueless that it dialed home. And more than glad to whack the offending app in question once they understand what's going on.

Gator relies on the oblivious user. And the world is full of them. In spades.

Re:Claria's "users"

[Jerf]

I used to not care about cookies, but I've found the latest incarnation of Mozilla has a nice system; set it to ask and click the "apply this to all cookies in the domain". If you mostly look at the same sites over and over, and that's true of most of us, you fairly quickly weed out the ad cookies and the "I don't know what that's for" cookies, and let through only the login cookies (just about the only legit use, but remember that cookies are about the only safe way to do web-site logins, so you can't just shut them off and they are not all evil). In a fairly short period of time, you just surf like normal but with better cookie control, except when you visit a new site.

Now that it's so easy, I'm actually controlling my cookies. (IE has a 'zone' implementation but since you have to go to the control panel to use it AFAIK, it's nearly useless.)

Re:43 million active users

[ewhac]

Another one of their schemes offers to download a program that will automatically sync your system time, which is useful to most people who notice that consumer PCs are usually pathetic at keeping a system time. However, I personally use the adware-free Automachron which provides the same useful function.

If you're running Win2K or WinXP, you don't need to download a damn thing to sync your clock. Windoze has an SNTP client built-in:

• Open a Command Prompt.
• Enter the command:
  net time /setsntp:servername
  where servername is the name of your preferred NTP server (your ISP should be able to provide this; typically something like ntp.my-isp.com).
• Close the Command Prompt.
• Right-click on My Computer (or whatever you renamed it to); select Manage.
• In the left-hand pane, select Services & Applications.
• In the right-hand pane, double-click on Services.
• Double-click on Windows Time (near the bottom of the list).
• In the configuration window, click the Start button. Your clock will be synchronized to the NTP time server.
• In the drop-down menu Startup Type, select Automatic. This will start the NTP client each time you boot Windows.
• Click OK. Close the Management interface.

There. No cheesy spyware necessary. Bandwidth consumption is negligible, so gamers need not worry about additional lag.

Schwab

Re:Claria's "users"

[MushMouth]

If you turn on the pagerank feature, it follows you around feeding the entire URL of every page you browse to google servers. They save that data forever with a cookie which identifies your trail. What they do with that data may be fine, but they are a for profit company that only states they wont do anything evil, but they don't give you any way to remove your data, and they are around to maximize profits. Their privacy policy says they will not give that data to anyone else unless forced to by law, which is exactly what happens when companies are acquired or when they go bankrupt (I forgot the specifics, but a bankrupt company was forced to sell all userdata to pay creditors even though the privacy policy said they would not. That is when Amazon updated thier policy to clarify that that could happen and EPIC went crazy)

Re:Claria's "users"

[TheOnlyCoolTim]

Basically, Google toolbar can offer features based on what website you are currently viewing. It can display the approximate PageRank, for example.

To do this, it has to send the URL to the Google servers which send back the information. This makes a lot of sense if you think about it. If you want to look for something on eBay you have to tell the eBay servers what you want. If you want to look up something on Wikipedia the Wikipedia servers must know what you are looking for.

On top of that, Google puts up a big message plainly stating that if you want to use these features the toolbar will have to phone home, and giving you the option to not use them. It's not a shady EULA thing like Gator or whatever, it's quite plain.

But OMG GOOGLE IS TEH TRACKING US TINFOILS HATS!

Tim

IPO Filing info..

[-tji]

I'm surprised that they have gotten reputable financial institutions to underwrite their IPO. According to the Wired article, it's being underwritten by Deutsche Bank Securities, Piper Jaffray, SG Cowen Securities and Thomas Weisel Partners. Wasn't Deutsche Bank involved in some of SCO's funding??

Their IPO filing says they derived 31% of their 2003 revenue ( ~ $30M ) from "Overture Services". Interesting.. Overture seems to be straddling the line between legitimate business & spyware.

Also, the risks section of their IPO filing is pretty amusing. Anyone with half a clue will see what a detestable company they are after reading the risks. Some of the risks they list are:

- Popup blockers. impeding their ability to attract customers.
- People buying new computers. Since their software won't be on the new system.
- spyware detectors which uninstall their software (as offered by AOL, McAfee, Symantec, Earthlink, and others).
- Changes in MS operating systems (i.e. SP2 with the popup blocker and other security enhancements could screw them)
- New technologies that would "hamper the operation or our GAIN AdServer".
- Changes in legislation could impair our ability to provide services

Basically, they are saying that they operate by tricking people into installing their software, and a lot of people are trying to stop shady operators like them.

Anyone who invests in them deserves to lose their money.

Re:When Pigs Fly...

[cgenman]

I was going to post asking if Gator and other adware were really still extremely common.

I'd say it's getting worse.

I just did a little free consulting for the owner of the building I used to work on, his nephew, and one of their former clients forced out of the country by the Bush administration (don't ask). Cookies aside, they were averaging roughly 20 spyware infestations and a worm each. Gator / Claria was on all five machines, along with a host of other assorted malware.

Perhaps it just seems like it's getting worse because we have better definition files these days, or because these programs are smearing themselves out into more parts of the system, but three years ago a computer with over 1,000 files related to spyware would be out of the question. Now, it's far more common than you would think.