
SANS ISC: Why is your Mac all of a sudden using Bing as a search engine? - SANS Internet Storm Center, SANS ISC InfoSec Forums


Why is your Mac all of a sudden using Bing as a search engine?

Even as a Mac user, you may have heard about Bing; at least you may have seen it demonstrated in commercials [1]. But if the default search engine on your Mac is all of a sudden switched to Bing, this may be due to another piece of legacy software that some Mac users may have a hard time living without: Microsoft's Internet Explorer. So why not just search ("google") to see if there is a version for OS X:

Google Search for "mac internet explorer"

Sure enough, there is a FREE! Internet Explorer for Mac available. Let's download it and see what happens.

As it turns out, the download (the usual .dmg file) is signed with a valid Apple developer signature. It will install fine with Mavericks' default "Gatekeeper" setting. Upon installation, it offers a couple of additional free products: a "Shopping and Search Helper" as well as some software that will clean your Mac and make it run faster and safer.

In some ways, I have to say I admire how honest the search optimizer is in its EULA. The software will (the original uses all upper case for this section, as shown below):

.. RESET YOUR HOME PAGE AND/OR DEFAULT SEARCH FOR INTERNET EXPLORER, FIREFOX AND CHROME TO TROVI SEARCH...

... BLOCK AND NOTIFY YOU OF ATTEMPTS BY OTHER SOFTWARE TO CHANGE YOUR SELECTED HOME PAGE AND/OR DEFAULT SEARCH...

The Trovi privacy policy is similarly explicit and does not hide much. The software will collect, among other items [2]:

  • IP Address and device identifiers like UDID 
  • web pages you visit and the content you see, access and utilize... 
  • interactions on social networks
  • registration information you provide like name, address, e-mail, phone number, gender, birthday

In the end, you end up with a bunch of adware and an actual legit version of Internet Explorer 5, which used to run on Mac OS but doesn't really run on OS X Mavericks.

For a full walk through see this YouTube video: https://www.youtube.com/watch?v=bVwyxaYJgKY

In short: I don't think this software does anything illegal. It clearly advertises what it does. If you feel otherwise, you can file a complaint with courts in Cyprus where the company is located.

[1] https://www.youtube.com/user/bing
[2] http://info.trovi.com/Privacy

---
Johannes B. Ullrich, Ph.D.

Johannes

3649 Posts
ISC Handler
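
A valid Developer ID signature lets an installer pass Gatekeeper, but it only says who signed the software, so the useful check is whether that signer is the publisher you expected. The following is an added example, not part of the original diary: it parses `codesign -dvv` output, and the sample output, publisher name, Team IDs and the `EXPECTED_TEAM_IDS` variable are constructed placeholders.

```shell
#!/bin/sh
# Added example: identify who signed an app from `codesign -dvv` output and
# compare the Team ID with the publishers you expect for that product.

# Constructed sample of `codesign -dvv` output; every name and ID is a placeholder.
SAMPLE_OUTPUT='Executable=/Volumes/Installer/Installer.app/Contents/MacOS/Installer
Identifier=com.example.installer
Format=bundle with Mach-O thin (x86_64)
Authority=Developer ID Application: Example Downloads Ltd (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'

# Hypothetical allow-list: space-separated Team IDs of publishers you trust.
EXPECTED_TEAM_IDS=${EXPECTED_TEAM_IDS:-ZZZZZ99999}

# Read codesign output on stdin, print "<TeamID>|<leaf authority>".
# The first Authority= line is the leaf certificate, i.e. the actual signer.
signer_of() {
    awk -F= '
        /^Authority=/ && leaf == "" { leaf = substr($0, 11) }
        /^TeamIdentifier=/          { team = $2 }
        END {
            # Unsigned and ad-hoc signed code carry no usable Team ID.
            if (team == "" || team == "not set") team = "unsigned"
            print team "|" leaf
        }
    '
}

# Read codesign output on stdin; succeed only if the signer is on the allow-list.
publisher_expected() {
    team=$(signer_of | cut -d'|' -f1)
    for ok in $EXPECTED_TEAM_IDS; do
        [ "$team" = "$ok" ] && return 0
    done
    return 1
}

# Demo on the constructed sample: prints the signer and the verdict.
printf '%s\n' "$SAMPLE_OUTPUT" | signer_of
if printf '%s\n' "$SAMPLE_OUTPUT" | publisher_expected; then
    echo "signer is an expected publisher"
else
    echo "validly signed, but not by an expected publisher"
fi
```

On a Mac, feed it real output with `codesign -dvv /path/to/Installer.app 2>&1 | signer_of` (codesign writes this report to stderr).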
Well it's not illegal only because they specifically described the data collection information in the EULA. But this brings about another problem:

Most EULAs are so long that the software developers/companies know that 99.99% of people do not read the EULA in its entirety. I'll bet that they make the EULAs tediously long on purpose... to dissuade people from reading it.

There really should be a EULA standard/law so that the EULAs are shorter and more IOS like. For example, on my iPhone, when I download an app that wants access to my photos, it will warn "This app wants access to your photos" and then it will ask "Do you want to allow this?". EULAs for all software PCs/Macs/etc should be more like this. Much shorter and with specific questions. So you are not just answering "Do you agree" to a complex 10-page EULA but instead, you are asked a series of questions and you only fully agree with the EULA after answering "Yes" to all of the specific questions.

Currently, the EULAs are working in the favor of bad actors and shady developers/apps. They really need to be standardized (and possibly regulated) to be more specific and more user friendly.
da1212

69 Posts
Quoting da1212: Currently, the EULAs are working in the favor of bad actors and shady developers/apps. They really need to be standardized (and possibly regulated) to be more specific and more user friendly.


True statement, as many TOS but we must understand the lawyers need their little fees too. What I find interesting is why anyone would fall for this?

Some years back some sites (Honeywell sections) were only optimized for IE, however I have not run across any in the past two years, well, obviously the greasy haired mongrel MS site for updates.

I mentioned this to my wife today, they just moved 200 users off WinGOES PC's to Apple PC's... I am sure her sub-crack-pot IT department will have ???? dancing over their orb going.. huh? For fun, I will post the timestamps of what happens.

See will not fall for the SCAM.. Thanks Johannes! :tiphat:
ICI2Eye

52 Posts
>> There really should be a EULA standard/law so that the EULAs are shorter and more IOS like.

Today, I helped a friend install the Yahoo! application onto her iPad (running IOS, of course). The EULA was *FORTY* pages.

If that is "short", then what is "long" ???
Anonymous
