Epic Scale and uTorrent: Bitcoin mining ‘riskware’ investigated
What is Epic Scale, is it being installed silently and should you be concerned?
Earlier today we broke a news story that discussed accusations against BitTorrent client uTorrent.
uTorrent users claimed the software’s latest update was being bundled with a Bitcoin mining program called Epic Scale. It was alleged that the installation was taking place silently – i.e. users weren’t aware the software was being installed.
Update: We’ve also had further tips from users both on Reddit and in our comments sections suggesting that multiple attempts at installing uTorrent result in an omission of the Epic Scale verification page.
BitTorrent Inc., the company that created uTorrent, flatly denied a silent installation was taking place.
What is Epic Scale?
Epic Scale, for context, is a piece of software that purports to use your ‘unused processing power to change the world.’ In short, it mines Bitcoin in the background for charitable purposes – although it also claims to help process scientific data.
We have no reason to suspect it does anything other than what it says, but equally there’s no tangible evidence – other than its word – that Epic Scale does donate to the charities it claims, or of how much of its revenue it donates if it does.
Comments on the internet from what appears to be an Epic Scale team member suggest it is working on ways to show its charitable contributions more clearly on its website and within the software. Its current terms and conditions only refer to a “portion” of revenue going to charities.
With that cleared up, we decided to test the installation process to see wherein the problem lies.
Installing uTorrent: Silent install or deceptive design?
At the time of writing, uTorrent was listing version 3.4.2 build 38913 as available to download. That’s the build we installed.
The installation went as follows:
1. Download the software. The file size for the Windows version was 1.66MB.
2. We were then greeted with a browser pop-up that asked us to enter our e-mail for news updates from uTorrent. The checkbox was ticked by default. Nothing unusual here.
3. The actual installation wizard begins with an intro that briefly explains the software.
4. The next page warned ‘Beware of online scams!’ and detailed how third-party websites were emulating uTorrent software for nefarious purposes.
5. The next page was an End User License Agreement. This outlined all of the terms a user agrees to when installing a piece of software. This page had two options: ‘Back’ and ‘I Agree’.
6. The next page has three checkboxes, all of which are ticked. These options mean you accept that the software will create a Start menu entry, create a Quick Launch icon, and create a Desktop icon.
7. The next page has two more checkboxes, both of which are ticked by default. These enable two settings; the first is an exception for uTorrent in Windows Firewall, while the second ensures uTorrent launches every time you start Windows.
8. The next page details a ‘special offer’ for BitTorrent users, namely in the form of an album download – 700 Fill by Ratking. The checkbox to download this is ticked by default. The next icon glows blue, while the back icon is grey.
9. The next page refers to Epic Scale, the software in question. There are no checkboxes on this page. There are two options: ‘Accept Offer’ and ‘Decline Offer’. The former glows blue, the latter is grey.
10. The next page pushes an adware called Wajam onto users. The checkboxes are smaller on this page, and ask whether the user wants to accept the software or not. There is also a ‘Finish’ icon.
11. Once completed, the software is installed and loads up.
The good thing about all of this is that there were indeed options to decline every single item of bundled software, which gels with BitTorrent’s claims that it wasn’t silently forcing software onto users.
Where uTorrent falls down in our view, and the views of some of its users, is the clarity of its process. What you have here is an installation wizard that actively makes it difficult for users to avoid installing bundled software.
The obvious trick is that most users looking to install a piece of software just click through the ‘next’ icons. This is especially true for anyone who is in a rush, or is otherwise unaware of the practice of bundling other software as part of installs. Anyone who has ‘debugged’ a relative’s PC will understand how easily this happens.
The problem is that many of the checkboxes in uTorrent’s installation wizard are selected by default, which means spamming the ‘Next’ button will result in potentially unwanted software installations.
Moreover, Epic Scale didn’t actually have a checkbox. This means that if a user were spamming ‘Next’, it would definitely install Epic Scale, irrespective of any boxes ticked.
We also feel the option of “Accept” or “Decline” is designed to make users think the installation may be cancelled on selecting “Decline”, thereby making “Accept” a much more favourable option. And even if it’s not designed as such, it is needlessly confusing.
It must be said, however, that many companies employ these methods, and not just for software. Many of you will recount times you accidentally signed up for an automated e-mail newsletter, a browser toolbar, or an added surcharge for an online purchase. However, the mix of check boxes and Accept/Decline buttons on our build of uTorrent just adds to the confusion.
The ugly aspect of this is that installing Epic Scale is very different to signing up to a newsletter, and here’s why.
Unlike toolbars and newsletters, Epic Scale isn’t a tangible addition to your cyber-life. If you accidentally installed it, you likely would never notice.
This is because Epic Scale runs in the background, only interacting with your processor. The software basically outsources processing heft to a wide net of users running the program, which is far more demanding on a system than e-mail spam.
There is clearly something wrong with a company propagating a situation whereby users are inadvertently running software – either through ignorance or deception – that affects the performance of a computer.
Moreover, Epic Scale is the kind of software often referred to as ‘riskware’. This is software that doesn’t pose a threat in and of itself (and we should stress that there’s no evidence that Epic Scale does any harm to your PC), but which could if abused by malware.
The relatively discreet nature of Epic Scale and its method of installation make it open to such abuse, which is no doubt why several anti-virus programs, including ESET, Kaspersky, Panda, Sophos and GData, classify Epic Scale as ‘potentially unwanted’, a ‘risk tool’ or similar variations thereof.
We can’t help but think it would be better if uTorrent designed its installer in such a way as to make it harder for users to accidentally install software like this. Let us know what you think in the comments.