Spy v. Spy
An anonymous reader writes "MSNBC is reporting on a brewing battle between makers of spy software and anti-spy software. According to this article the makers of Spector and WinWhatWhere have added a feature to their new software that disables the popular anti-spy software Who's Watching Me."
Okay, this is my computer. I purchase a piece of software that is supposed to detect snooping software hiding out on my machine. Said snooping software destroys my anti-snooper, interfering with its proper operation and generally depriving me of its service that I have paid for.
Shouldn't I be able to sue the snooper software, as I did not ask for it and did not give any kind of authorization for its installation into my system? To say nothing of the trespassing charges I'm going to bring against the snooper developer.
"Avast! Prepare for the rodgering!" THWACK! "Arrr.. me nards.."
And as soon as more and more average users start using Linux, we'll see all sorts of fun stuff getting thrown into RPMs and .deb files and this problem will just follow. The only thing that will prevent it is the fairly high sense of ethics that most free software developers bring to their work (which is part of why I like free software so much myself).
I do not have a signature
Of course, the anti-spy people could treat these countermeasures as an engineering problem.
A couple possible (partial) solutions:
1) Check for belligerent spyware during the install process (the install program would presumably be running from a CD, so it couldn't be corrupted). Later, if it detects that spyware is being installed, fire off warnings, send e-mails, make logs, etc. to make sure that the spyware can't cover its tracks.
2) In the documentation, note that failure of the program to run, or a crash, could indicate the presence of spyware (and that you should run an "emergency check" from the install disk).
3) Put a check on the integrity of the software in the MBR (using CRCs and such). If spyware messes with that, it should trip off the BIOS virus checking. That would also have to be documented, of course, so the user understands what the heck is going on.
4) Have the anti-spyware run entirely from a separate disk (maybe a boot disk to be sure the spyware isn't running waiting to thwart the anti-spyware). When you come in to work, or sit down at your computer, throw in the disk to be sure nobody installed spyware when you weren't there.
5) Make the anti-spyware as stealthy as the spyware. If the spyware or the person installing isn't aware of the presence of anti-spyware, the anti-spyware is much more likely to be successful. Using polymorphic code, constantly changing file names, etc. could probably be pretty effective.
None of these solutions are perfect of course, but a bit of a battle is probably inevitable, as the two types of software both have legitimate and illegitimate uses, and the only way one of the two can succeed is by defeating the other.
... "Give me a woman who loves beer and I will conquer the w
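Options 3 and 4 above amount to a baseline-and-verify integrity check: record what the installed anti-spyware looks like from a trusted medium, then later compare the live copy against that record. The following is an added illustration of that check, not code from the original post or from any of the products named in the article. It uses SHA-256 rather than a CRC, because a CRC is trivial for an attacker to recompute after patching a file, and all file names, contents and the "spyware tampering" step are constructed for the demo. The manifest is held in memory here; in practice it, and the verifier itself, would live on the read-only install disk, and even then a spyware component already running with kernel privileges could feed the verifier a clean view of the disk, which is exactly why the boot-disk variant in option 4 exists.

```python
"""Baseline-and-verify file integrity check (added example, constructed data)."""
import hashlib
import os
import tempfile
from typing import Dict, List


def hash_file(path: str) -> str:
    """SHA-256 of a file, streamed so large binaries do not need to fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: str) -> Dict[str, str]:
    """Map every file under root (relative path) to its digest.

    In a real deployment this is produced at install time from the CD and
    written back to the CD or another read-only medium, never to the
    protected machine itself."""
    manifest: Dict[str, str] = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = hash_file(full)
    return manifest


def verify(root: str, manifest: Dict[str, str]) -> List[str]:
    """Compare the live tree against the manifest.

    Reports files whose content changed, files that disappeared, and files
    that were not there at install time (e.g. an injected DLL). Returns a
    sorted list of findings; an empty list means the tree matches."""
    current = build_manifest(root)
    findings: List[str] = []
    for rel, digest in manifest.items():
        if rel not in current:
            findings.append(f"MISSING {rel}")
        elif current[rel] != digest:
            findings.append(f"MODIFIED {rel}")
    for rel in current:
        if rel not in manifest:
            findings.append(f"UNEXPECTED {rel}")
    return sorted(findings)


def demo() -> List[str]:
    """Build a fake install, baseline it, tamper with it, and re-verify.

    Every file name and byte string below is constructed for the example."""
    with tempfile.TemporaryDirectory() as root:
        install = os.path.join(root, "antispy")
        os.makedirs(install)
        with open(os.path.join(install, "scanner.exe"), "wb") as f:
            f.write(b"original scanner code")
        with open(os.path.join(install, "signatures.dat"), "wb") as f:
            f.write(b"sig-v1")

        manifest = build_manifest(install)      # taken "from the CD"
        assert verify(install, manifest) == []   # clean install matches

        # Simulated spyware: patch the scanner, delete its signature file,
        # and drop a hook library into the install directory.
        with open(os.path.join(install, "scanner.exe"), "wb") as f:
            f.write(b"patched scanner code")
        os.remove(os.path.join(install, "signatures.dat"))
        with open(os.path.join(install, "hook.dll"), "wb") as f:
            f.write(b"injected")

        return verify(install, manifest)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

The check is only as trustworthy as the environment running it: booting from the verification disk, as option 4 suggests, is what keeps a resident spyware component from intercepting the file reads, and the manifest must never be writable from the machine being checked.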
I have confidential information concerning many of my clients and former clients on my machines. I do not share that info with my spouse. Nor do I want my doctor, lawyer or accountant sharing my confidential information with their spouses.
The spyware folk appear to me to have got off very lightly in the article. It appears likely to me that the overwhelming use of their wares in the long term is likely to be outright criminal, capturing passwords, credit card numbers etc. This was the modus operandi in the crimes Mitnick was sent to jail for the first time.
The law enforcement issue sounds to me to be bogus, if law enforcement really needs such tools they would be best advised to develop them internally and use them sparingly. Genuine vendors of law enforcement tools will typically only sell to law enforcement and verify who they are selling to.
Using the tools without a court order is very likely to be illegal in many jurisdictions. It would appear to be unauthorised modification of a computer system. If it isn't illegal already it is an oversight and it is likely to be made so.
This story strikes me as being very similar in tone to the early stories we would hear from the hacker community. 'We never do damage,' they would say, 'we only go after child pornographers and terrorists.' Having (legally) reviewed intercepts of the activities of certain widely reported hackers, I can assure people that they misrepresent their actions and motives.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/