We are porting our Firefox toolbar to IE. I've heard horror stories of developers having their toolbars marked as Spyware or Adware by the various anti-Spyware companies, and then having an awful time trying to get them off the blacklists. What are the top things that we need to avoid doing so we don't run the risk of being marked as spyware. In case you are wondering, we are clearly not spyware, yet we do plan to access various API's, such as Twitter and Facebook.
+3
A:
- Have a clear and concise privacy declaration which details all the information that you keep on users and how users can opt-out of this. The W3 P3P system offers very good rules on how to do just that, even if you don't go about implementing P3P itself.
- Use clear-text HTTP based communication for all interactions with the server - if malware researchers have a hard time understanding what you communicate to servers, then they are more likely to mark you as malware.
- Implement P3P in your servers.
- Make sure its easy to disable temporarily as well as to completely remove your toolbar.
- Make sure that the uninstall procedure does not leave any gotchas for the users - remove everything you've put in.
- Never, under any circumstances popup windows. passive notifications are OK if the user has requested them and can easily opt-out from them.
Follow these guidelines and its highly unlikely that your toolbar will be marked as malware.
Guss
2009-08-18 16:03:27
Nice guidline. Short version: "Behave!"
EricSchaefer
2009-08-18 16:05:24
Or "Don't be evil!" ;-)
Cory Charlton
2010-02-17 01:54:11