uTorrent Bloatware, Spyware, and Malware

My version of uTorrent just advised me to upgrade, from 3.1.3.27443 to 3.3.0.29625.  I noticed a wide variety of unfavorable aspects of the upgrade/installation.  I wanted to post it here and see if anyone else has noticed the same.

IMHO, uTorrent has totally jumped the shark.  This used to be my go-to BitTorrent client.  Now it’s just a piece of bloatware garbage.

As of May 2013, the most current version of µTorrent (3.3.0.29625) includes advertisements displayed in the lower left of the client which can be disabled by unchecking Options>Show Plus Information.

An additional horizontal advertisement bar has been added below the Toolbar that was not present in earlier versions (e.g. 3.1.3.27443), which can NOT be disabled.  This bar contains advertisements for products such as “SpeedUpMyComputer”.  The format of the horizontal advertisement bar is such that it strongly resembles the transfer status of active torrents, including Status, Health, and Rating Stars all located directly above the corresponding torrent columns.

Here’s a picture of the offending ad bar.

Image

In case you can’t tell, the advertisements are the bit in tan/yellow.  Yeah, that’s right.  It looks EXACTLY like the actual torrent software.

Related to the Installation and License Agreement,
In the most current version of uTorrent (3.3.0.29625), the License Agreement contains language related to the installation of several additional pieces of software which contain features very similar to spyware and/or bloatware.

The “Full Installation (Recommended)”, which is selected by the installation software as the default option, will
* “Install the Toolbar including Value Apps”
* “Set my default search and home page to Conduit search.”
* “Install and enable Search Protect to notify of changes.”

The additional optional components have a corresponding additional EULA, including
* “Value Apps may include Conduit apps and third-party apps.”
* “Conduit is not responsible for the practices of third parties.”
* “In addition to Value Apps, other apps may access, collect and use your personal data, including your IP address and the address and content of web pages you visit.”

A “Custom Installation” option may be selected, after which the optional components may unchecked.

Has anyone else noticed this annoying downgrade during the upgrade process?

This post is hereby licensed CC BY-SA (Creative Commons Attribution-ShareAlike).  A link back to this post is sufficient attribution.

Advertisements

6 thoughts on “uTorrent Bloatware, Spyware, and Malware

    • It’s good to stay up to date. Security updates and such.

      Also, this post is mostly about the sketchy tactics of making software noticeably worse with newer versions. That kind of crap is never acceptable.

  1. Just use 2.2.1, everything above that is utter crap. You dun goofed by going to v3 in the first place. Also, security updates are practically non-existent for uTorrent nowadays. They are just more ads or ways to improve the ads.

  2. I also noticed that the Conduit.com bloatware (search engine hijacker) was installed WITHOUT asking any permission during the automated update of µTorrent.
    In Google Chrome this bloatware runs in stealth mode without any visible toolbar and without any option to disable it. The component is NOT listed as a regular addon. It hijacks the address bar directly, it redirects all suggestions while typing in the universal address bar, it also hijacks the default page when adding a new tab, which normally shows your *local* history or *local* favorite sites and allows you to access to applications running from within the browser.
    When you perform search with it or open a new tab, it shows a page that looks VERY similar to the basic Google page, except that it is in English only, and that all other Google applications listed there are missing. You’ll notice however that this page displays the Bing logo, because it will perform searches indirectly via Bing, but results are tweaked by Conduit (you won’t find the usual things, you won’t distinguish contents promoted by paying advertizerts in the search engine, and all displayed links will be tracked by Conduit.com if you click to follow them (neither Bing or Google will be informed of these clicks). Some of these links DO NOT go directly to the found sites, you pass by a prior page which may display additional ads, trying to divert you to reach the intended site. In some cases, the site you wanted to visit will be proxied silently by Conduit.com (if it’s not secured with HTTPS), including site logon pages (if they are not FULL secured), so Conduit.com is also a stealth password monitor, trying to stole your online accounts.
    Be careful in Chrome if you ever see the “New Page” tab changing of with missing functionalities !

    Now I will no loger trust µTorrent anymore (uninstalled compeltely). Note that the Conduit.com is still NOT reported as a malware by lots of security tools (only because Conduit.com has presented them an EULA explaining what they do to the users, but µTorrent does NOT respect this EULA as it gives NO chance to its users for seeing it in its automated updates. Note that µTorrent is FREE of this bloarware in its regular download. This is not the case once it will perform automatic updates each week : you won’t see the bloatware during the first few weeks, but will suddely see your browser hijacked after this period. These automated updates are in packages **digitally signed** by µTorrent and originating from **their** servers, but they are **different** from their standard download page at the same time.

    It’s not an accident ! the µTorrent sites are known to have been compromized in the past (in 2007 their regular download page was in fact downloading a dangerous virus pretending to be a “security tool). In early 2013, µTorrent “featured” an “Apple22” toolbar that was also supported by them for a llmited time. But in May 2013 and September 2013, this is now “Conduit.com” which is installing, silently with µTorrent singed updates. These repeated actions mean that you can no longer trust µTorrent. And because µTorrent is built by the same company as BitTorrent, I will also no longer trust the original.

    TO BE BANNED now imediately : µTorrent and BitTorrent (and a few other versions made by them as proprietary software under various brands or presentations).

    I have switched to **qTorrent **(which is fully opensourced, and completely free of the µTorrent bloatwares) because it has everything useful from µTorrent, without the risks. Its user interface is almost the same (even if technical panes are less detailed), with excellent performance and full support of all advanced protocols like the DHT, UPNP support for NAT traversal, local trackers, trackers exchange.

  3. Correction this is not “qTorrent” but “qBitTorrent” that now fully replaces my older µTorrent now banned definitely.

    See it on htt://www.qbittorrent.org/ which is its official website, access to the source repository (to browse it and review the code publicly), support pages, and downloads of binary installable packages or source archives).

    Note that there’s still no connector for browsing medias on your smartphone connected by USB or on your SD flash card reader, but anyway this feature in µTorrent had numerous problems, including the duplication of entries each time you plugged your smartphone to your PC, just for recharging it via an USB cable. You absolutely don’t need thos feature becuse you can browse the contents of your plugged smartphone or media players or flash cards directly from the Windows explorer, using the regular drivers installed for these devices.

    And in fact it’s still best to select what to share by copying the appropriate content to a folder on your PC, that you’ll share locally (it will also performing much better because flash drives on external devices are damn slow and resource intensive on your PC, or may even drain the battery of these devices faster than the energy they are charging through the tiny USB connector! Copy the files locally to your PC just once in a serial access, instead of constantly in random accesses by your Torrent sharing client)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s