 Thursday, February 23, 2006
Mea Culpa
posted: 5:33 PM, Feb 23, 2006  

On Monday, we announced we had shut down a hacker responsible for forcibly installing our software. Those forcible installs were done without our authorization and were contrary to our policies. At the time, we believed this was the same individual Ben Edelman had (cryptically) described, but purposefully not fully identified, in a post to his website earlier that same day.

 

As it turns out, we didn’t get Mr. Edelman’s guy on Monday. The guy we got on Monday, Sniper84, was also installing our software in the same unauthorized manner. The hacker Mr. Edelman discovered, csk2000, was shut down early Tuesday afternoon after we were finally able to identify him in the course of our ongoing investigative efforts. (Security researchers at Sunbelt Software have since confirmed that we found the “correct” culprit on Tuesday.)

 

As we did with the installs from Sniper84 the day before, we re‑messaged each of csk2000’s installs and provided them a one-click uninstall of our software. We took one additional step as well -- we shut off all advertisements to all installs associated with these two former publishers.

 

Let me be perfectly clear about the following: We do not want or condone unauthorized installs. It’s not how we do business. And it’s not how we want our business to be perceived.

 

We remain troubled by the irresponsible way that Mr. Edelman “disclosed” this unfortunate situation. Mr. Edelman’s self-described “lack of patience” with 180solutions resulted in thousands of unsuspecting consumers receiving our software without the opportunity to properly consent to its installation, simply because Mr. Edelman (who, ironically, portrays himself as a consumer advocate) wanted to prove some point or another by specifically withholding from us key information that we would have used to immediately shut down these unauthorized installs. The consequences of withholding that information are obvious. 

 

However, we remain as committed as ever to policing against and preventing “rogue” installations of our software. We have in place a monitoring and detection system that detects many types of unauthorized installs immediately, allowing us to quickly put an end to them. This week’s events demonstrate that our system works, but also could be improved. We will continue to make those improvements.

 

The primary breakdown here was not with our software, although our software was certainly hacked. No amount of software development will ever make any software completely bulletproof. The primary breakdown here was in our reporting and detection mechanisms. In the end, the mechanisms we have in place were able to help us find the bad guys. But, in our opinion, that process took too long, and for that we apologize.

 

An internal task force has been put together to fully evaluate where our reporting and detection system can be improved and to put into place the necessary reporting and alerting mechanisms to make our response a) much, much more immediate; and b) not dependent on any help from outside third parties. That assistance will always be welcome, but we are plainly on notice that “responsible disclosure” does not mean to all what it means to most.

 

As CTO of 180solutions, my top priority is fixing these issues to better protect consumers from the very small number of bad actors who attempt to “pull a fast one” on the Internet community. We want 180solutions and our products to be as useful to all our end users as they presently are to the great majority of those consumers.

 

Ken Smith

Co-Founder and Chief Technology Officer

180solutions, Inc.

 
