For obvious reason, free security applications are often the most popular. However, the definition of free has taken on new meaning lately.

Many free security applications are being bundled with toolbars, and/or gather information about your system and surfing habits. Often these add-ons are installed by default, and not clearly explained. Here are some examples:

  • Recently it seems Ask! has been courting security publishers. Webroot’s Spy Sweeper, and ZoneAlarm both have the option to install the Ask search toolbar pre-checked, or installed by default. ZoneAlarm goes so far to call it “ZoneAlarm Spy Blocker”, which may make you think it’s a security add-on. Judging by the reaction in support forums, most people are surprised to find the Ask! toolbar installed after installing one of these applications.
  • Spyware Doctor is available as a free download from Google, as part of their Google Pack [affiliate]. However, the default Google Pack installation will also include (pre-checked) Google Earth, Norton Security Scan, Google Desktop, Picasa, Google Photos Screensaver, the Google Toolbar for IE, Firefox with Google Toolbar, Adobe Reader, and will change your homepage and default search engine to Google.
  • Trend Micro’s HijackThis “Analyze This” button. Per their license agreement, clicking this button submits the data from your HijackThis log to Trend Micro’s servers for them to collect, store, analyze, and disclose to third parties. Prior to Trend Micro’s acquisition, HijackThis never performed any data collection, or transmitted any information.

Why do they do it? In the case of Trend Micro, they are hoping to use the data to improve their own products, and could likely sell it to others. Google drives more customers to it’s products and search engines. The Ask toolbar pays publishers to install it.

What do you think, is it okay for these free applications to come with strings (or toolbars) attached? Does it affect your decision whether to install them? Did we miss any?

Unless there’s a user revolt, it’s likely we’ll see this trend continue, and even become more invasive. If you don’t like it, contact the publishers and let them know.

Webroot: contact form, or call (866)-612-4227

ZoneAlarm contact form, or call (415)633-4500

Trend Micro: HijackThis Feedback form

Spyware Doctor:

Google: Google Pack Group