Slashdot Mirror

Rather than redefining "is", it seems that our old friend has found a new home at Cydoor Technologies, makers of another KaZaA-transmitted disease, who are now pushing the ClickTilUWin trojan to spyware-friendly companies.

To quote the article:

• Greg Bildson, chief technology officer of Lime Wire LLC, said the company was led to believe the program did no more than link to a game, making the permission request unnecessary.

• Robert Regular of Cydoor Technologies Inc., which distributed the ClickTillUWin software to the file-sharing companies, said the program wasn't supposed to collect information until users activated it -- and had an opportunity to be notified and decline if they so choosed.

  Regular said he did not believe deception was intended by any of the parties.

Rather than redefining "is", it seems that our old friend has found a new home at Cydoor Technologies, makers of another KaZaA-transmitted disease, who are now pushing the ClickTilUWin trojan to spyware-friendly companies.

To quote the article:

• Greg Bildson, chief technology officer of Lime Wire LLC, said the company was led to believe the program did no more than link to a game, making the permission request unnecessary.

• Robert Regular of Cydoor Technologies Inc., which distributed the ClickTillUWin software to the file-sharing companies, said the program wasn't supposed to collect information until users activated it -- and had an opportunity to be notified and decline if they so choosed.

  Regular said he did not believe deception was intended by any of the parties.

Poor Bill. I bet his hosting expenses are gonna go through the roof after all those links.

From your post, YOU obviously don't get it. When a teenager releases a trojan on the public, It causes millions and sometimes billions of dollars worth of damage.

This is commonly (although not always) true, but is irrelevant to the point he was making, which sailed over your head. He was saying that prosecutorial resources are applied preferentially to individuals as opposed to corporations. If a backdoor/Trojan is released by a corporation, it arouses little attention. If a teenager writes a similar program they're all over him in a heartbeat! Just take a look at all the Trojans that are being released by shady software companies. Go down the list. Some of them are so obnoxious that they are reported by antivirus utilities. If a teenager wrote some of these, he'd be in serious trouble! He'd be in jail waiting for his military tribunal. The corporations that produce these programs operate in plain sight with no fear of prosecution. The law hasn't caught up with technology. It's still tiptoeing around the issue of spammers. But it's certainly caught up to the teenaged miscreants, hasn't it?

Think about this: awhile back, I updated my linux server to the latest version of the kernal at the time. It corrupted my FS, and thus I lost months of valuable work. SHOULD LINUS BE RESPONSIBLE? If the answer to this is yes, then software companies should also be responsible for releasing spyware.

This is an exceptionally silly point. First of all, Linux is free and comes with no stated legal guarantees. There is nobody to sue. Second, Linus didn't design the patch with the intention that it would corrupt your filesystem. If a company releases software that corrupts my computer on purpose, I would hope that they would be nailed to the wall. I don't know what legislation would pertain to that situation but there certainly doesn't seem to be any prohibiting spyware.

From your post, YOU obviously don't get it. When a teenager releases a trojan on the public, It causes millions and sometimes billions of dollars worth of damage.

This is commonly (although not always) true, but is irrelevant to the point he was making, which sailed over your head. He was saying that prosecutorial resources are applied preferentially to individuals as opposed to corporations. If a backdoor/Trojan is released by a corporation, it arouses little attention. If a teenager writes a similar program they're all over him in a heartbeat! Just take a look at all the Trojans that are being released by shady software companies. Go down the list. Some of them are so obnoxious that they are reported by antivirus utilities. If a teenager wrote some of these, he'd be in serious trouble! He'd be in jail waiting for his military tribunal. The corporations that produce these programs operate in plain sight with no fear of prosecution. The law hasn't caught up with technology. It's still tiptoeing around the issue of spammers. But it's certainly caught up to the teenaged miscreants, hasn't it?

Think about this: awhile back, I updated my linux server to the latest version of the kernal at the time. It corrupted my FS, and thus I lost months of valuable work. SHOULD LINUS BE RESPONSIBLE? If the answer to this is yes, then software companies should also be responsible for releasing spyware.

This is an exceptionally silly point. First of all, Linux is free and comes with no stated legal guarantees. There is nobody to sue. Second, Linus didn't design the patch with the intention that it would corrupt your filesystem. If a company releases software that corrupts my computer on purpose, I would hope that they would be nailed to the wall. I don't know what legislation would pertain to that situation but there certainly doesn't seem to be any prohibiting spyware.

The big throw was that the ads that were being served up always seemed to come from different places. One day, I decided to look into it, and discovered that all the ads were being downloaded from VX2.

VX2 is a very devious piece of sofwtare, logging every one of the sites you visit, and then popping an ad every once in a while. If you surf quickly, throttles itself; surf slowly, and it pops for every site. Quite devious, really.

• VX2's site - fairly informative
• Cexx's site - VERY informative -- tells you everything you need to know about vx2

I recommend downloading some of the software that's already been mentioned (e.g. adaware) -- they do a very good job of getting rid of all sorts of garbage.

This really burns me up. This isn't some sleazy shareware application downloaded from God-knows-where, but legitimately purchased hardware from a legitimate-looking company, that is installing advertising spyware along with its hardware drivers!! This is a clear betrayal of user trust. (Ed. note: I discovered this particular piece of spyware when installing a Creative Labs SB16 on my OWN system, so I am quite obviously angered. The heads-up came when Zone Alarm alerted me that an unknown application newsupd.exe was trying to access the Internet. Creative has yet to make good on my request for a refund on my advertising-subsidized hardware purchase.)

I see a lot of people don't care about SpyWare. I think everyone should. Maybe it's not that bad, but it's the principle - What they are doing is spying on you. Monitoring you.
If you don't do anything about it, it's only gonna get worse. Feed them a crumb, and they'll take the entire arm! Or whatever the saying is.

Cexx.org has a nice article on how to neutralize spyware.

For those interested, KaZaA utilizes spyware by the name of CyDoor - That article on cexx.org explains what it does.

For those of you who care about privacy, and can't live without KaZaA, this may interest you: Dummy Files for use with KaZaA - or ANY other app that uses the CyDoor spyware rendering it harmless.
They Uncymesh file on the same page kills the spyware when i.e. KaZaA is not in use (when it is it's active!).

All in all I can recommend going through cexx.org, lots of interesting stuff. And yeah, support Ad Aware!

Intentionally Anonymous Counter Exploiter

I see a lot of people don't care about SpyWare. I think everyone should. Maybe it's not that bad, but it's the principle - What they are doing is spying on you. Monitoring you.
If you don't do anything about it, it's only gonna get worse. Feed them a crumb, and they'll take the entire arm! Or whatever the saying is.

Cexx.org has a nice article on how to neutralize spyware.

For those interested, KaZaA utilizes spyware by the name of CyDoor - That article on cexx.org explains what it does.

For those of you who care about privacy, and can't live without KaZaA, this may interest you: Dummy Files for use with KaZaA - or ANY other app that uses the CyDoor spyware rendering it harmless.
They Uncymesh file on the same page kills the spyware when i.e. KaZaA is not in use (when it is it's active!).

All in all I can recommend going through cexx.org, lots of interesting stuff. And yeah, support Ad Aware!

Intentionally Anonymous Counter Exploiter

I see a lot of people don't care about SpyWare. I think everyone should. Maybe it's not that bad, but it's the principle - What they are doing is spying on you. Monitoring you.
If you don't do anything about it, it's only gonna get worse. Feed them a crumb, and they'll take the entire arm! Or whatever the saying is.

Cexx.org has a nice article on how to neutralize spyware.

For those interested, KaZaA utilizes spyware by the name of CyDoor - That article on cexx.org explains what it does.

For those of you who care about privacy, and can't live without KaZaA, this may interest you: Dummy Files for use with KaZaA - or ANY other app that uses the CyDoor spyware rendering it harmless.
They Uncymesh file on the same page kills the spyware when i.e. KaZaA is not in use (when it is it's active!).

All in all I can recommend going through cexx.org, lots of interesting stuff. And yeah, support Ad Aware!

Intentionally Anonymous Counter Exploiter

I see a lot of people don't care about SpyWare. I think everyone should. Maybe it's not that bad, but it's the principle - What they are doing is spying on you. Monitoring you.
If you don't do anything about it, it's only gonna get worse. Feed them a crumb, and they'll take the entire arm! Or whatever the saying is.

Cexx.org has a nice article on how to neutralize spyware.

For those interested, KaZaA utilizes spyware by the name of CyDoor - That article on cexx.org explains what it does.

For those of you who care about privacy, and can't live without KaZaA, this may interest you: Dummy Files for use with KaZaA - or ANY other app that uses the CyDoor spyware rendering it harmless.
They Uncymesh file on the same page kills the spyware when i.e. KaZaA is not in use (when it is it's active!).

All in all I can recommend going through cexx.org, lots of interesting stuff. And yeah, support Ad Aware!

Intentionally Anonymous Counter Exploiter

The lost of privacy was bad enough, but SaveNow seems to work by hooking into Windows Explorer and intercepting a great many application events. For a long time I blammed the resulting performance hit on a combination of my own excessive system tweaking, buggy Explorer plugins, and MS software bloat. It wasn't until Explorer froze up totally that I realized some background process was interfering with it, and found the culprit by process of elimination.

It strikes me that this is not very different from activities that have gotten people sued or even arrested. It's all there -- unauthorized access, theft of services, malicious action. Perhaps it's time we gave Mister Ashcroft a call!

I'll give you one reason: I'm a software developer, and one of those nasty hidden programs fucked up my system at work so bad that certain tools I have to use would not even start anymore.

It cost me 2 days to find that it was caused by something called newnet2_*.dll (IIRC), which appeared to do something with alternative TLD's. I was damned lucky to find it at that point because by chance I noticed this funny dll-name in the \winnt directory. It came with either Getright or Gozilla, programs that allowed me to resume a rather large download. More info on newnet at counterexploitation.

I did not know about ad-aware at that time. I now run it often, and I use Proxomitron as well. I found proxomitron here, 'official' site is here. Oh, and don't forget to get new definition files for Ad-Aware regularly!

I'll give you one reason: I'm a software developer, and one of those nasty hidden programs fucked up my system at work so bad that certain tools I have to use would not even start anymore.

It cost me 2 days to find that it was caused by something called newnet2_*.dll (IIRC), which appeared to do something with alternative TLD's. I was damned lucky to find it at that point because by chance I noticed this funny dll-name in the \winnt directory. It came with either Getright or Gozilla, programs that allowed me to resume a rather large download. More info on newnet at counterexploitation.

I did not know about ad-aware at that time. I now run it often, and I use Proxomitron as well. I found proxomitron here, 'official' site is here. Oh, and don't forget to get new definition files for Ad-Aware regularly!

God they are stupid. Why are they passing laws on things they don't understand? They apparently just know enough to be dangerous.

How about banning the spyware major corporations are putting out now instead? Oh, I know because the major corporations are above reproach right? Spyware Info

Some of the companies putting out major spyware include:
Copernic
Real Player (but they claim they have stopped)
Norton
Macromedia
Netscape
Gator (one of the worst)
Comet Cursor (the worst, they also put a stupid cursor on your computer, sometimes against your will)

Cookies are not the problem. The real problem is Microsoft browser security holes and real spyware.

The software installed is called WebHancer and the info about it's spyware nature is available here.

One of the major reasons that I will be using Linux after I get a new computer is to avoid this crap. Can't these people realize that they are only ticking off potential customers? I guess that the lure of more money is enough for these sleezeballs to do anything, no matter how ridiculous, stupid and/or irritating their ads get.

http://cexx.org

--

(Granted, not everyone will want to have a copy of Wine eating up memory while they surf...)

--

It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention.)

It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention.)

It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention.)

Pissedoff.com has some very...interesting disclaimers. If you can connect, that is.

--

--

The site is ... interesting. Would be much better without so many ads for OfficeXP, which are probably limiting the effectiveness of "email to friend" viral marketing ploy. Maybe you ought to have a link to the definitive "Clippy" animation?: http://cexx.org/snicker/clippy.htm

Rgds,
Bill

--

This kinda reminds me of Broderbund's spyware - dssagent.

If you haven't read the above link, you should. I discovered it shortly after setting up a firewall on a linux gateway - kept getting all these "packet denied" messages that just did not make sense.

Jury is still out on what it did - but here's more proof that it never hurts to be AWARE of what that $1,000 piece of cheap plastic and tin under your desk is really doing!

The idea that my kids are being spied on just makes my blood boil...

-Ben

Now there are a jillion useless portals, centered not around useful information or services, but Eyeballs (that magic number that brings in money) and Content (that junk you put between the ads to get the Eyeballs). To maximize the income per Eyeball, too many portals consist of nothing but useless paid-placement links...and find out that people tend not to stick around for that crap. Leading, of course, to mousetrapping (a.k.a. "circle-jerking"), home page hijacking, and the ever-popular "Browser Enhancement" that will change your homepage, Search, email signature, etc., and prevent you from changing it back.

It's a shame that the more 'upstanding' portals had to be hit by the portal-potty-itis aftershocks...
--

Now there are a jillion useless portals, centered not around useful information or services, but Eyeballs (that magic number that brings in money) and Content (that junk you put between the ads to get the Eyeballs). To maximize the income per Eyeball, too many portals consist of nothing but useless paid-placement links...and find out that people tend not to stick around for that crap. Leading, of course, to mousetrapping (a.k.a. "circle-jerking"), home page hijacking, and the ever-popular "Browser Enhancement" that will change your homepage, Search, email signature, etc., and prevent you from changing it back.

It's a shame that the more 'upstanding' portals had to be hit by the portal-potty-itis aftershocks...
--

Ya, you tell those damn Americans :)
--

Besides that, I'd still prefer curling up with a book made of dead trees instead of some electical doo-dad after working with computers all day. :)