Spy v. Spy

An anonymous reader writes "MSNBC is reporting on a brewing battle between makers of spy software and anti-spy software. According to this article the makers of Spector and WinWhatWhere have added a feature to their new software that disables the popular anti-spy software Who's Watching Me."

with things like this happening

[Afrosheen]

...there's little wonder why lots of people are trying linux these days.

Re:with things like this happening

[SquadBoy]

As long as you only install official debs you will *never* see this. That is one of the many reasons Debian rules plain and simple.

Re:with things like this happening

[ichimunki]

Agreed, it's one of the reasons I use Debian and avoid 3rd party software for which I don't get the source code. What I'm talking about is when people download the CodeWeaver CrossOver plugin, and the Flash plugin, and the RealPlayer, and stuff from the Kompany, and whatever other proprietary stuff gets written on or ported to Linux. And it all gets installed by root, even if it never gets run as root. Which means that at a user-level, the software has the potential for the problems we're seeing with Windows software.

Re:with things like this happening

[greenrd]

What I'm talking about is when people download the CodeWeaver CrossOver plugin,

Yes but CodeWeavers employs some of the Wine developers. At the moment they are basically just selling free software with a wrapper on top to fund Wine development. I really don't see them bundling hidden spyware with Crossover or anything like that - it would be all over Slashdot the next day.

(Disclaimer: I am a satisfied CodeWeavers customer.)

Vicious circle.

[b0r0din]

"It would have been best if they had just taken engineering challenge and designed something that couldn't be detected. but instead they just decided to break our program. That's kind of lame."

Whatever works for them, you can't blame a company for pulling this kind of tactic if it's the easiest way to do it.

Personally, I hate spyware almost as much as I hate popups. Almost. Of course it's all a vicious circle, just like Trillian vs. AOL. One side will do one thing, the other counter it. Rarely does anyone win in the long run, short of taking it to court.

Fair fight

[dachshund]

With all of the money to be made in spy software, and the severely limited resources (and interest) of those who want to stop it, it's unlikely that this will be much of a fair fight.

Trespassing?

[rhizome]

Certainly a court case can be made for one company modifying the files of the other's software. Leaving alone the obviously bad programming practice of having critical files able to be overwritten or appended to, it sucks that the courts would be the only recourse for something like this.

Grounds for divorce.

[sulli]

I'm not married, but if I were, and I found my partner using WinWhatWhere or equivalent, I would walk out the same day. Such things are just not cool.

Re:Grounds for divorce.

[gregfortune]

ARGH!!! It's not about what you have or don't have to hide. It's about trust. If you can't trust the one who you claim to love, what kind of love do you really have? And if your spouse does not trust you, do they love you? And if they don't love you, why are you married to them? Sex? Money? Great, that probably makes a wonderful marriage.

Re:Grounds for divorce.

[Marcus+Brody]

The law enforcement issue sounds to me to be bogus, if law enforcement really needs such tools they would be best advised to develop them internally and use them sparingly. Genuine vendors of law enforcement tools will typically only sell to law enforcement and verify who they are selling to.

For people who live in democratic western countries - such as ourselves - you would think this to be true.

However, there are many countries with long records of human rights abuses. Many police agencies in such countries would not think twice about using said software.

Even worse - it would appear even our own law-abiding law-enforces are a little dubious. The recent furore over DIRT for instance. Check out this little article on the reg

If you want to know more about DIRT - a snooping/trojan tool produced in the US and used in the 3rd world to plant evidence on suspects computers - you should search theregister.co.uk or the archives at cryptome.org (they even have a link to download a cracked copy, if it hasnt been pulled yet).

It makes scary reading, look into it.

How would you like to be a customer of these guys?

[BLKMGK]

I can see it now - pop up appears telling you to get the hourly new release of this software that counters the other companies latest release (sigh). After awhile people are going to start to feel like hockey pucks getting passed back and forth. I'd agree that simply stealthing the "spy" program better would be the way to go but so long as you can get your hands on your competitors products...

I know - write an iron clad EULA to prevent reverse engineering, encrypt everything, and then just sue one another under the DMCA or somesuch until both companies are broke. Yeah, that's the ticket! There's not going to be any winners here...

Heh, and I've now met a few people that have caught spouses "cheating" using software like this. People are spying on their kids like crazy too. Maybe this new bill Hollingsworth has proposed will make our computers "pure? Maybe it'll cure world hunger too (ahem). What a mess!

This is a trojan horse, plain and simple.

[realgone]

you can't blame a company for pulling this kind of tactic if it's the easiest way to do it.

Sure you can. Watch. I'll do it right now. =)

Without warning the user, WinWhatWhere disables another piece of software for which that person has paid good money. That's like IE deleting Netscape if it detects it on your system. That's like your trusty Chevy switching to Battlebots mode every time it detects a Honda in the highway.

It's destruction of property. (Or, since we're talking about software here, illegally depriving someone of their licensed usage of a product.)

Re:This is a trojan horse, plain and simple.

[sllort]

The interesting battle would be carried out not in the code but in the EULA. Sure, the SpyWare is allowing the Spy to commit a crime by installing it on someone else's hardware. The Spy is guilty of the crime, but is the SpyWare guilty of the crime? That would depend on how much warning text they have placed in their EULA about the intended use of the product. I'm not qualified to evaluate legal agreements, so I'll leave it at that.

Re:Mmmm.. FUN! And a legal nightmare..

[HMC+CS+Major]

Okay, this is my computer. I purchase a piece of software that is supposed to detect snooping software hiding out on my machine. Said snooping software destroys my anti-snooper, interfering with it's proper operation and generally depriving me of it's service that I have paid for.

Shouldn't I be able to sue the snooper software, as I did not ask for it and did not give any kind of authorization for it's installation into my system? To say nothing of the trespassing charges I'm going to bring against the snooper developer..


Consider this situation: You are at work, and you'd like to know if someone's snooping on you (a valid concern). You install your anti-snooper, and the snooping software disables it. Since the computers are owned by the company, you really have no legal recourse (take your software elsewhere?).

Alternative situation: You are married (this may be a stretch...), and your wife thinks that your time spent reading slashdot is really time being spent talking to hideous women in yahoo chat rooms. She gets suspicious enough to buy, and install, activate the snooping software on your home computer. It disables anti-snooping software you installed long before. Now, assuming you believe in the concept of marriage, the computer is as much hers as it is yours: why should your software be any more important than hers?

The Best Anti-Spy Software

[The+Famous+Brett+Wat]

Theoretically speaking, the best anti-spy software would be an operating system with a good security model (to make life hard for spyware that runs on it) and publicly available source code (to assure that it is actually secure and not spyware itself).

I'm not trying to pat Linux or *BSD on the back here -- the Unix security model is far from ideal, actually -- but it's a good argument for open systems in general, even if they're not "free" as such.

Memo to people who install spyware at home.

If you don't trust your spouse/partner, divorce/leave them.

Re:Mmmm.. FUN! And a legal nightmare..

[donutello]

if the spyware was installed by someone who doesnt own the computer

In that case, shouldn't you sue the person who installed it rather than the company who makes the software? Didn't we all agree that there was nothing wrong with writing DeCSS or Napster or other software - it was only the person using it for illegal purposes who was at fault?

Re:ot?

[0x0d0a]

Yeah, but the main difference that made Core Wars cool was that it was sandboxed.

Maybe sandboxing by default will become the way of the future...

Re: Corporate use of spyware

[Raetsel]

I've read about the use of spyware in the past... some very large companies make use of it. I seem to remember that Deloitte & Touche uses some spyware that's rather... comprehensive. I want to say some of the features included (among other things)...

• Logging every keystroke you make
• Logging the title of every window you open
• Recording screenshots of windows
• E-Mailing all of this to a designated person...

Not only is it something they use internally, it's also something they use in their consulting activities, on their clients' computers! You hire them, and you're under a microscope... very Big Brother. It goes way beyond the spying that's possible with the last version of Microsoft SMS that I used. (I admit, it's been a while!) Also, I've noticed that some people really don't pay attention to the fact that SMS has 'remote viewing' capabilities -- your sysadmin can watch you browse just like he/she watches the evening news. Then again, SMS's installation is rather obvious -- at least to the technically inclined.

I have to consider the other hand as well... If you're hiring a consulting company, they have an obligation to do their job to the best of their ability. That means using all the resources legally available to them -- no matter how distasteful. If you've got someone who's supposed to be doing data entry, and they're actually running their own little eBay store out of the supply room... well, you're going to need all the ammo you can get to convince the boss to fire his brother!

With the sentiment of "It's OUR computer, OUR time, and OUR money!", I don't think you're going to be seeing spyware-free companies advertising the fact anytime soon.

In fact, with the precedent that computers have been and continue to be monitored; a company could incur severe liability for deliberately not monitoring! Consider the potential liability burden when you don't catch sexual harrasment or some particularly nasty criminal activity... What happens to the company when it's shown that 'standard industry practices' would have given advance warning of, or even prevented [some illegal event]?

What happens? A check with LOTS of zeros to the left of the decimal... at the best, your lawyer gets it. At worst, THEIR lawyer gets one, THEY get one, etc...

Virtual Machines are the Answer

[JohnDenver]

Viruses, Spy Software, Trojans, etc.

Every operating system should have a sandbox that looks like the rest of your computer where you run programs you don't trust. When the program tries to install itself perminately or hook itself into a DLL, it will only do it to that particular sandbox.

This sort of protection has been supported by Intel since the 286, why is it we still don't use virtual machines for security purposes?

Now waitadoggoneminuteheah!

[Apuleius]

Compare these quotes: Haight said. "It's just the way the security of our software works. It won't allow (anti-spy) software to run." And a few words later: . SpectorSoft says its software is for monitoring, not spying, and tells purchasers to always advise computer users they are being monitored. Well, if that is the case, why is he bothering to disable WhosWatchingMe? Grrrr. People who lie so blithely piss me off.

Re:Additional measures...

[Forkenhoppen]

Yes, but then they could decide to do something else, totally different. The spyware could change the pointer to the source of the files to download, and *bam*! Suddenly you've installed whatever piece of software they want you to. (Maybe just a neutered version of the anti-spyware.. but it could also be a trojan of some sort..)

The problem, as I see it, is one of who has control of the local computer. If everyone and anyone who can get in front of the keyboard has the ability to install an executable.. bam. It's Windows' insecure nature that allows spyware like this to exist.

Solution? If you're running Win2k, make sure that your default user login doesn't have the ability to install files. (A friend of mine set his computer up like this because he considers his firewall insecure.) This way, not just anyone'll be able to install spyware on your machine unless you've given them the password.

Still.. probably pretty easy for someone with experience to get around.. but.. *shrug* Set your boot drive to C first and only, put a BIOS password on it, and that's probably as close as you'll get to secure. : /

More virus-like that the company might admit

[Karl+Cocknozzle]

If I found that someone had installed unauthorized spyware on my machine and broke my anti-spyware, I would be suing not just the individual who installed it on my machine in the first place, but also the company that makes the spyware.

And would you also sue a binocular manufacturer if someone spys on your wife in your backyard?

In this country, based on the lawyer-fication (and simultaneous puss-ification) of the United States, intent often has a lot to do with whether you win or lose in court.

To win a lawsuit against somebody who built a product that was used to commit a crime, you have to prove the manufacturer intended the product to be used to commit a crime. While it would be hard to argue that the binocular manufacturer intended the product to be used illegally, it might not be so tough with the Spyware. Consider that Spyware has only one function, to collect data without the knowledge of the person under surveillance.

Further, if you check out the web-site, you'll see that the Spyware referred to in the article has a "remote stealth install" method, rather similar to an Outlook/VB Script virus.

You send the victim (er, your husband) an email with the "stealth installer" executable attached. If your target is an average Outlook user who double-clicks on every attachment he gets, all he'll see is...Well, nothing. According to their web-site when the target clicks on the stealth installer the software is up and running in a few seconds without alerting the target to its presence.

No, it's not "technically" a virus, it's a trojan horse. As far as I know, there's no special legal protection given to authors of Trojan Horses who sell them for profit.

IT ISN

[DunbarTheInept]

Everyone seems to be ignoring one very important point here - this isn't a balanced situation. People are acting as if Software A makes Software B fail and Software B makes Software A fail so it's a two-way street. It ISN'T! Software A does NOT make B fail, it merely exposes the existence of B. For this, B retaliates by making A fail altogether.