Slashdot Mirror
Spy v. Spy
An anonymous reader writes "MSNBC is reporting on a brewing battle between makers of spy software and anti-spy software. According to this article the makers of Spector and WinWhatWhere have added a feature to their new software that disables the popular anti-spy software Who's Watching Me."
What we really need is the Grey Spy as she always wins. Now, who is that Grey Spy?
-- Azaroth
Lazy bastard. http://cryptome.org/dirty-hope.htm
http://cryptome.org/dirt-feedback.htm
http://cryptome.org/dirt-author.htm
http://cryptome.org/dirt-safrica.htm
...there's little wonder why lots of people are trying linux these days.
"It would have been best if they had just taken engineering challenge and designed something that couldn't be detected. but instead they just decided to break our program. That's kind of lame."
Whatever works for them, you can't blame a company for pulling this kind of tactic if it's the easiest way to do it.
Personally, I hate spyware almost as much as I hate popups. Almost. Of course it's all a vicious circle, just like Trillian vs. AOL. One side will do one thing, the other counter it. Rarely does anyone win in the long run, short of taking it to court.
With all of the money to be made in spy software, and the severely limited resources (and interest) of those who want to stop it, it's unlikely that this will be much of a fair fight.
...somebody tries to sue while claiming a violation of the DMCA? This seems like something a corporation would pull out from it's sleave if it sees it's efforts to stop the anti-spy software is going nowhere...
I lost my concept of community when my community lost all concept of me.
It's just one more reason to remind everybody: Make sure your software is Patched, and up-to-date
That goes for all sides of the fence.
SM MBL-VIR looking 4 SIG 4 LTR. must be DDF, no 420, SD ok.
Certainly a court case can be made for one company modifying the files of the other's software. Leaving alone the obviously bad programming practice of having critical files able to be overwritten or appended to, it sucks that the courts would be the only recourse for something like this.
When I was a kid, we only had one Darth.
In other news, CTRL+ALT+DEL is said to circumvent WinWhatWhere security measures...
This isn't about AdAware and the advertising spyware that tracks your websurfing. This is keyboard and screen monitoring spyware used by law enforcement, corporate IS depts, and, as the article points out, suspicious spouses. Internet connectivity does give some remote monitoring features but the software probably logs locally too.
Okay, this is my computer. I purchase a piece of software that is supposed to detect snooping software hiding out on my machine. Said snooping software destroys my anti-snooper, interfering with it's proper operation and generally depriving me of it's service that I have paid for.
Shouldn't I be able to sue the snooper software, as I did not ask for it and did not give any kind of authorization for it's installation into my system? To say nothing of the trespassing charges I'm going to bring against the snooper developer..
"Avast! Prepare for the rodgering!" THWACK! "Arrr.. me nards.."
sPh
Dang, I didn't even know that stuff existed :o( That's taking software development to a new low. What is love/loyalty/etc if you don't trust it and must periodically monitor the person's lifestyle to make *yourself* feel better? That's just sleezy.
At some point a company will probably (if it hasn't happened already) offer the fact that they do not run such software as an benefit. Some day, that may be a decision you make ranking right up their with stock options/benefits/work location/pay rate.
And heck, maybe we'll pick our spouses the same way. As in, "Do you promise to love and obey your husband and never use spyware on him?"
Better yet, just unplug the power. Not only will that prevent any spyware on the market, it also makes your computer really secure. ;-)
I'm not married, but if I were, and I found my partner using WinWhatWhere or equivalent, I would walk out the same day. Such things are just not cool.
sulli
RTFJ.
It's a slippery slope you're walking into. Depending on how they argue it, updating system files (that other programs haven't been compiled against) and _inadvertently_ breaking them (as opposed to intentionally doing so as in this case) would be cause for a lawsuit.
Plenty of Windows programmers (and those of us bit in the ass by Gnome/KDE version fuckups) have mused at one point or another that DLL Hell should be a crime, but I doubt anyone ever took it seriously.
Easy does it!
This comment has been submitted already, 276865 hours , 59 minutes ago. No need to try again.
I can see it now - pop up appears telling you to get the hourly new release of this software that counters the other companies latest release (sigh). After awhile people are going to start to feel like hockey pucks getting passed back and forth. I'd agree that simply stealthing the "spy" program better would be the way to go but so long as you can get your hands on your competitors products...
I know - write an iron clad EULA to prevent reverse engineering, encrypt everything, and then just sue one another under the DMCA or somesuch until both companies are broke. Yeah, that's the ticket! There's not going to be any winners here...
Heh, and I've now met a few people that have caught spouses "cheating" using software like this. People are spying on their kids like crazy too. Maybe this new bill Hollingsworth has proposed will make our computers "pure? Maybe it'll cure world hunger too (ahem). What a mess!
Build it, Drive it, Improve it! Hybridz.org
OS and JEDGAR
/jed'gr/), in honor of the former head of the FBI.
This story says a lot about the ITS ethos.
On the ITS system there was a program that allowed you to see what was being printed on someone else's terminal. It spied on the other guy's output by examining the insides of the monitor system. The output spy program was called OS. Throughout the rest of the computer science world (and at IBM too) OS means `operating system', but among old-time ITS hackers it almost always meant `output spy'.
OS could work because ITS purposely had very little in the way of `protection' that prevented one user from trespassing on another's areas. Fair is fair, however. There was another program that would automatically notify you if anyone started to spy on your output. It worked in exactly the same way, by looking at the insides of the operating system to see if anyone else was looking at the insides that had to do with your output. This `counterspy' program was called JEDGAR (a six-letterism pronounced as two syllables:
But there's more. JEDGAR would ask the user for `license to kill'. If the user said yes, then JEDGAR would actually gun the job of the luser who was spying. Unfortunately, people found that this made life too violent, especially when tourists learned about it. One of the systems hackers solved the problem by replacing JEDGAR with another program that only pretended to do its job. It took a long time to do this, because every copy of JEDGAR had to be patched. To this day no one knows how many people never figured out that JEDGAR had been defanged.
Interestingly, there is still a security module named JEDGAR alive as of late 1994 -- in the Unisys MCP for large systems. It is unknown to us whether the name is tribute or independent invention.
Just a thought, but this spy software intergrated in computers is installed sometimes unknowingly by the user. This definately falls under privacy and stalking laws in most places. Heck, even police in most states aren't allowed to use surveilance equipment on a person without a warrant, and these companies are doing it with this software. So can action be taken legally against Cydoor and so forth?
Or am I just confused as always.
-Recovery1
The point is that what we're seeing now, with the spyware vs anti-spyware, is the same as Code Wars, but now moving to real systems instead of that virtual block of memory. And these are no longer games, but programs that may or may not affect both those that write them and those whose system the battle takes place on. So I certainly think there's a geek side to this, no only in the YRO aspect, but also in light of what used to be considered a harmless game years ago.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
Sure you can. Watch. I'll do it right now. =)
Without warning the user, WinWhatWhere disables another piece of software for which that person has paid good money. That's like IE deleting Netscape if it detects it on your system. That's like your trusty Chevy switching to Battlebots mode every time it detects a Honda in the highway.
It's destruction of property. (Or, since we're talking about software here, illegally depriving someone of their licensed usage of a product.)
"I know - write an iron clad EULA to prevent reverse engineering, encrypt everything, and then just sue one another under the DMCA or somesuch until both companies are broke. Yeah, that's the ticket! There's not going to be any winners here..."
And, as usual, the lawyers are laughing all the way to the bank.
Price, Quality, Time. Pick none. What, you thought you had a choice?
I'm not trying to pat Linux or *BSD on the back here -- the Unix security model is far from ideal, actually -- but it's a good argument for open systems in general, even if they're not "free" as such.
proof, n. A demonstration that a conclusion is implied by certain premises and axioms.
That's basically right - Linux/unix market share is too small, and marketing men know that Linux users typically will be able to detect such software and destroy it. We also tend to be a hard sell ;)
My other question is, if no unix spyware programs exist, how long will it be? With more and more people heading to mandrake, RH, and suse, is it only a matter of time before these people start checking client info, and trying to install RPM spyware packages?
Probably not until Linux gets MUCH bigger. Also, it's much much harder to get spyware onto a unix system because of it's inbuilt security. 9 times out of 10 I find unix security a total pain in the ass, but it does have the big advantage that (unless you're logged in as root) nothing can install or tamper with your system.
Of course, the anti-spy people could treat these countermeasures as an engineering problem.
A couple possible (partial) solutions:
1) Check for beligerant spyware during the install process (the install program would presumably be running from a CD, so it couldn't be corrupted). Later, if it detects that spyware is being installed, fire off warnings, send e-mails, make logs, etc. to make sure that the spyware can't cover it's tracks.
2) In the documentation, note that failure for the program to run or a crash could indicate the presence of spyware (and that you should run an "emergeny check" from the install disk).
3) Put a check on the integrity of the software in the MBR (using CRCs and such). If a spyware messes with that, it should trip off the BIOS virus checking. That would also have to be documented of course so the user understands what the heck is going on.
4) Have the anti-spyware run entirely from a separate disk (maybe a boot disk to be sure the spyware isn't running waiting to thwart the anti-spyware). When you come in to work, or sit down at your computer, throw in the disk to be sure nobody installed spyware when you weren't there.
5) Make the anti-spyware as stealthy as the spyware. If the spyware or the person installing isn't aware of the presence of anti-spyware, the anti-spyware is much more likely to be successful. Using polymorphic code, constantly changing file names, etc. could probably be pretty effective.
None of these solutions are perfect of course, but a bit of a battle is probably inevitable, as the two types of software both have legitimate and illegitimate uses, and the only way one of the two can succeed is by defeating the other.
... "Give me a woman who loves beer and I will conquer the w
I don't see how these companies expect not to get sued. By technical definition, spyware is a virus. Not only is "unauthorized alteration of a computer system" illegal, but if I had copyrighted material on my machine, the spyware could be considered an unlawful circumvention device under the DMCA.
The folks who write spyware are no better than hackers and virus writers - for that is what they are, and they should be treated accordingly. How long will it be until these tools are used for corporate espionage, and the companies that make them be raided by the FBI?
Kind of makes you want to install spyware on the computers at the MPAA... or Adobe, for that matter.
The society for a thought-free internet welcomes you.
1. have the anti-spyware regularly check its files for integrity. If the files have changed, download a replacement.
2. Incorporate some of the latest virus technology (e.g., piggyback on spyware, change names, locations, and dll file names and locations, etc).
This might not necessarily solve the entire problem, but it could certainly up the ante.
What is your Slash Rating?
Yeah, but the main difference that made Core Wars cool was that it was sandboxed.
Maybe sandboxing by default will become the way of the future...
May we never see th
I've read about the use of spyware in the past... some very large companies make use of it. I seem to remember that Deloitte & Touche uses some spyware that's rather... comprehensive. I want to say some of the features included (among other things)...
- Logging every keystroke you make
- Logging the title of every window you open
- Recording screenshots of windows
- E-Mailing all of this to a designated person...
Not only is it something they use internally, it's also something they use in their consulting activities, on their clients' computers! You hire them, and you're under a microscope... very Big Brother. It goes way beyond the spying that's possible with the last version of Microsoft SMS that I used. (I admit, it's been a while!) Also, I've noticed that some people really don't pay attention to the fact that SMS has 'remote viewing' capabilities -- your sysadmin can watch you browse just like he/she watches the evening news. Then again, SMS's installation is rather obvious -- at least to the technically inclined.I have to consider the other hand as well... If you're hiring a consulting company, they have an obligation to do their job to the best of their ability. That means using all the resources legally available to them -- no matter how distasteful. If you've got someone who's supposed to be doing data entry, and they're actually running their own little eBay store out of the supply room... well, you're going to need all the ammo you can get to convince the boss to fire his brother!
With the sentiment of "It's OUR computer, OUR time, and OUR money!", I don't think you're going to be seeing spyware-free companies advertising the fact anytime soon.
In fact, with the precedent that computers have been and continue to be monitored; a company could incur severe liability for deliberately not monitoring! Consider the potential liability burden when you don't catch sexual harrasment or some particularly nasty criminal activity... What happens to the company when it's shown that 'standard industry practices' would have given advance warning of, or even prevented [some illegal event]?
What happens? A check with LOTS of zeros to the left of the decimal... at the best, your lawyer gets it. At worst, THEIR lawyer gets one, THEY get one, etc...
"...America's great minds of today, teaching America's great minds of tomorrow. Poor bastards." -- A Beautiful Min
I mean, come on, people! Checking all contingencies is something you're supposed to learn in your first programming course. Especially in a hostile computing environment (spy vs. counterspy) you have to write airtight code or you'll get got.
SpectorSoft makes a product called Spector and SpectorPro, from what I can tell, it takes a bunch of screenshots.
WinWhatWhere Investigator is a different program and should have had the URL as http://www.winwhatwhere.com. Although it seems to do generally the same thing.
My Slashdot account is old enough to drink...
I've never used anti-spy software, but what exactly does it do? Is it like an eye candy version of tcpdump or ethereal (http://www.ethereal.com/)?
btw- an easy solution would be to run an eavesdropper on your router/masquerade machine (if you're using one). It would be extremely difficult for spyware to find that you're running tcpdump or ethereal on a remote machine.
Viruses, Spy Software, Trojans, etc.
Every operating system should have a sandbox that looks like the rest of your computer where you run programs you don't trust. When the program tries to install itself perminately or hook itself into a DLL, it will only do it to that particular sandbox.
This sort of protection has been supported by Intel since the 286, why is it we still don't use virtual machines for security purposes?
"Communism is like having one [local] phone company " - Lenny Bruce
Compare these quotes: Haight said. "It's just the way the security of our software works. It won't allow (anti-spy) software to run." And a few words later: . SpectorSoft says its software is for monitoring, not spying, and tells purchasers to always advise computer users they are being monitored. Well, if that is the case, why is he bothering to disable WhosWatchingMe? Grrrr. People who lie so blithely piss me off.
...does anyone remember, "It ain't done till Lotus won't run."?
You are in a maze of twisty little passages, all alike.
I think the producer of WinWhatWhere has a better case than the end user: copyright violation, unfair business practices, possibly DMCA.
If you are using FreeBSD, netstat, sockstat, tcpdump, and ipfilter are your friends. I'm sure there must be some similar Windows utilities out there that can do the job.
I was one of the original authors and an original founder back in '98. We sold our shares in '99 and got out because of the way it was being marketed. The product was never intended to be a "Catch your cheating husband" type of product. It was intended to monitor your child's Internet experiences and protect them from pedophiles. Doug Fowler (dfowler@spectorsoft.com) was the guy that pushed this tactic of spying on your partner and your employees. We felt that monitoring another adult, without their knowledge, clearly violated their civil rights! They avoid lawsuits now by placing a disclaimer that you agree to inform the individual that you monitor. In reality, no one ever does.
It's a classic case of the marketing weenies convoluting a product to fit a malformed business model. There's MORE MONEY selling a product to catch your "cheating husband" than to protect your kids. It feed on paranoia.
The good news is most developers could spot this product on their machine. Keystrokes slow down, mystery files appear, etc. It leaves a small footprint, but it's still a footprint. Don't look for it (Spector) in Task Manager. It's hiding in another application.
don't forget to place it in a locked room, and you have the only key.
Hey, if you have the key, you're vulnerable to social engineering attacks. Better to destroy the only key.
--G
This is from http://www.trapware.com/companyLinking.html (terms and condition violation here).
Yeah right...So here's another TrapWare terms and conditions violation! YAY!
If he really wanted to prevent linking, he'd set it up in apache so it only accepts incoming connections for legally authorised URLs, but judging by their website, they're quite oblivious to the nature of the Internet.
I encourage everyone to post links to their website in the blogs, just like what happened to KPMG a few months ago.
My Slashdot account is old enough to drink...
Yeah! And hang anyone who links to DeCSS! And lock up Skylarov! And crowbar manufacturers! And... and... hey, wait a minute... I'VE BEEN FUDED! Help!
No relation to Happy Monkey
In any case, it's actually rather easy to fix. Put a memory-resident util that monitors the files on disk, checking the checksum every x number of minutes, and display a popup on the screen if it's modified. Have the memory-resident program put an icon in the systray. Copyright the icon in the systray. Put in the manual "If you don't see the icon in the systray, then you have spyware installed.". If the spyware companies disable the resident program and put the icon back on anyway, you can definitely nail them for copyright violation. :)
Just my $0.02, IANAL, void where prohibited.
-steve
psxndc
The emacs religion: to be saved, control excess.
The scenario sounds familiar, but the names do not. On the old Sun terminals, you could do a screenshot of another user's terminal. It was always interesting to do that to someone, just for the fun of it. That was before the net really existed though, so not much of a chance of catching someone looking at pr0n. What was really cruel was to dump the passwd file (or a binary) to all of their terminal windows. he he. You could hear the cursing across the cubicles. I always found it more fun to just send a CRLF to them, because it wouldn't be so obvious that they got nailed. Oh, and you could display background images on their terminals too. THAT was always a sure-fire way to cross the line, especially if you did it just before their boss walked up. We even had a script called "pissoff" and when you ran it, it would prompt you "Which user would you like to piss off?". Pick from the list, give it a message, or a file to dump, and watch the ensuing hilarity.
My beliefs do not require that you agree with them.
Once again, this is not referring to the marketing spyware that is bundled with free downloads. It is referring to application/web monitoring type spyware that you purchase.
And in related news, SeeWhatWhere, makers of binoculars favored by people who like to watch their neighbors through 'Windows', is attacking the venetian blind company for manufacturing a product specifically designed to block their product. "If someone's trying to make money trying to ruin my spytools, I have to take appropriate action," said Richard Eater, president of SeeWhatWhere.
There is nothing so silly as other peoples traditions, and nothing so sacred as our own.
I take it from your post that you have chosen not to follow this plan?
I stole this Sig
The Computer Misuse Act makes it a criminal offence to alter the behaviour of a computer system without the permission of the owner.
The difficulty here is in getting it to court...
Haven't you all received the opportunity to be FREED in your mailboxes?
"You need EVIDENCE ELIMINATOR (tm)!!"
WTF are you talking about? It reproduces and spreads itself? Where on earth did you get that from?
It looks like a pretty reprehensible piece of spy-ware, but I saw nothing about it reproducing and spreading autonomously.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
In this country, based on the lawyer-fication (and simultaneous puss-ification) of the United States, intent often has a lot to do with whether you win or lose in court.
To win a lawsuit against somebody who built a product that was used to commit a crime, you have to prove the manufacturer intended the product to be used to commit a crime. While it would be hard to argue that the binocular manufacturer intended the product to be used illegally, it might not be so tough with the Spyware. Consider that Spyware has only one function, to collect data without the knowledge of the person under surveillance.
Further, if you check out the web-site, you'll see that the Spyware referred to in the article has a "remote stealth install" method, rather similar to an Outlook/VB Script virus.
You send the victim (er, your husband) an email with the "stealth installer" executable attached. If your target is an average Outlook user who double-clicks on every attachment he gets, all he'll see is...Well, nothing. According to their web-site when the target clicks on the stealth installer the software is up and running in a few seconds without alerting the target to its presence.
No, it's not "technically" a virus, it's a trojan horse. As far as I know, there's no special legal protection given to authors of Trojan Horses who sell them for profit.
Who did what now?
Everyone seems to be ignoring one very important point here - this isn't a balanced situation. People are acting as if Software A makes Software B fail and Software B makes Software A fail so it's a two-way street. It ISN'T! Software A does NOT make B fail, it merely exposes the existence of B. For this, B retaliates by making A fail altogether.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
I think you are confusing the term "spyware" as used here. The article discusses spyware you install on a machine to spy on other users of that machine (eg, keystroke loggers etc), not ad-ware etc...
:)
With that in mind, there are root kits out there that install kernel modules and trojan'd binaries to hide their presense. I'm sure there exist root kits that are able to detect/disable/thwart such tools as 'chkrootkit' et al. And of course most root kits sniff passwords and keep back doors open.
Though one needs to gain root access to install, a good root kit is pretty much on par with/better (worse) than this WinWhatWhere BS, but made just for *nix
NGWave - Fast Sound Editor for Windows
The problem is that the software LIES about what it does. This software package is arrogant enough to assume it has the right to destroy part of another program just because that other program has the audacity to tell me about the existence of it.
Napster and DeCSS do exactly what they claim to do. This snoopware contains hidden functionality that is not advertised. The person who installed it might not even know about the hidden functionality.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
Does anyone know how personal firewalls affect this spyware? Can they be set to prevent the spyware reporting back to Big Brother, or do the programs have some way of tunneling through them?
Everything you've said could be said about most virus programs. Spyware is a virus, and should be treated as such.
When in danger or in doubt, run in circles, scream and shout!
Spyware performs two basic tasks:
1. Gather information
2. Notify snooper
Spyware would have to tell the snooper what it found sooner or later, and this is its weak point. Suppose it e-mailed its logs off to someone periodically. If you could write software that searched for spyware config files and changed them so it emailed you instead, then the spyware would be defanged.
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
Amen to that. I run RedHat, and keep my pr0n in a .pr0n directory right there in my home directory. I couldn't possibly imagine her finding it. All she knows how to do is connect to the internet and browse the web.
Cheers, Joshua
When in danger or in doubt, run in circles, scream and shout!
That's it. I'm no longer part of Team Sanity.
See, in a corp, spyware does NOT have to be invisible. Rather employees not do illegal stuff than catch them later.
The only place where it should be invisible is in private homes and the like where the installer prolly doesn't have 100% right to spy on the other users.
A virus is a chunk of machine code that reproduces. Period. Whether it does any damage or not, whether it interferes with normal usage or not, if it reproduces, it's a virus.
For instance, here is a dissassembly of the "Tiny Virus" aka 163 Com.
Well, I meant to post the dissassembly but unfortunately slashdots bloody stupid lameness filter won't let me. I'll put it on my homepage if some nanny code doesn't stop me there. Anyway, the point was...
Does it do anything destructive? Well, no, not really. It's 163 bytes of executable code which prepends itself to .com files and reproduces indefinately, without any payload, without interfering in any way other than taking a miniscule amount of disk space and a few processor cycles each time it executes. This is one of the smallest viruses ever found, it satisfies the minimal requirements to be a virus and does nothing else.
A program which does NOT reproduce, but does as you say prohibit "the normal functions of applications the computer" would not be a virus. It would, assuming it's inserted under false pretenses (and who would place it on their system otherwise?), be a trojan horse program, but not a virus.
A worm, on the other hand, is a much larger viral program or collection of programs which work together, specifically to reproduce across a network.
Now, of these three types of programs, the only one this spyware could possibly be is a trojan horse. Viruses *by definition* reproduce themselves, and I've not seen any evidence that this thing does that.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
If you decided to go with steganographic methods, just remember not to encrypt your pr0n images into other pr0n images. Next time I'm going to use cute pictures of puppies or those damned Anne Geddes pictures or something...
They that would sacrifice their
You are right, a corporation that uses blatant spyware will probably deter unwanted activity. If that happens, then (one way or another) the software has done its' job. On the other hand, simple deterrance means the root of the problem is still in place.
However, corporate IS doesn't have any requirement to install visible spyware, either! Take the situation of a consultant, for example:
- The employees (at the client company) aren't expecting spyware -- their company hasn't used it, so they feel free to do [whatever].
- If [$consultant] installs SMS, some people would notice, and realize there's monitoring potential.
- So, they install invisible spyware instead -- and watch the bad apples to reveal themselves.
- Client received a rather large bill -- "Consider how much more you would have lost if we hadn't caught [$wasteful_or_illegal_activity]..."
Invisibility has benefits -- "good" and bad. "Good" if the (police | FBI) use it with an appropriate warrrant, bad if the rest of us start spying on each other as a matter of course.This feels very much like the RADAR vs. RADAR-detector wars -- an endless cycle of 'mine is better than yours'.
"...America's great minds of today, teaching America's great minds of tomorrow. Poor bastards." -- A Beautiful Min
And as soon as she reads your slashdot posts, your method is somewhat, er, compromised. :-)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
See, in a corp, spyware does NOT have to be invisible. Rather employees not do illegal stuff than catch them later.
If the only surveilence systems are visible ones then malicious people may attempt to work around them. If some of the systems are covert they may not be able to.
The detector software (Ad-Aware, WHo's watcthing me.., etc.) will have to provide a "boot disk" option, like many virus scanners do, if they want to keep up... all you have to do then is create the disk on another computer, write protect it, and start up to scan for spyware.
If BackOrifice and Sub7 are considered malicious, I think we can make a pretty good case to the AV companies that spyware/adware should be detected and cleaned by their anti-virus engines.
I'm proud of my Northern Tibetian Heritage
I work at a university where we have open-access computer labs. We were having problems with our student workers sitting at the help desk doing things like playing games, downloading goat-porn, etc. In moderation this was not a significant problem although we didn't like it. The thing was, it wasn't being done in moderation. It was interfering with them doing their job.
The solution was to modify VNCserver so that they could not tell where it was installed or when it was running. I modified it every which way I could think of to obscure its presence and operation. It worked. We have plenty of CS and CSE majors here working for us and I challenged them to try and find it, no one ever could.
After this software was installed we told everyone up front that it was there, and reminded them in case they forgot. I wasn't interested in spying on people and neither was anyone else. We were only interested in creating a deterrent whereby the student workers would KNOW that we COULD be watching, and therefore curb their inappropriate use of the systems on university time.
The fun thing about VNC is that you can remotely control the computer as the person is using it. So if the student was doing something they shouldn't, we could start moving the mouse around on the screen so they would know we were "watching" them. None of the students liked it of course, but neither were we being dishonest with them by spying on them in secret.
These products that are clearly designed to be installed in secret and used without the person being aware that they are there are, to me at least, just plain evil.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
/me winces in sympathy as the clue-by-four goes up the side of your head, again.
In the most polite way I can say this, you are a fuckwit. I wish I could remove your ability to use the expression clue-by-four, as you should have read the ruling definition of virus and found you were wrong. It does not need to "reproduce". Instead you got patronizing and insulting. Let me guess? You have a hard time making friends because people think you are condesending? Let me give you some advice, don't insult people who can back a claim. Don't insult people when it isn't warranted, period, for that matter. It makes you look like, well, a fuckwit.
Now to attempt to enlighten you with disregard of your stubborn ability to ignore that while Tiny-F does satisfy Jargon's definition, your manipulation of the english language does not:
Your difficulty, perhaps, has to do with realizing that what the jargon file here refers to as "infection" is in fact the same process that I referred to as "reproduction"?
No, the infection is referred to as 'embedding' - a process very different than reproduction. Repeat after me, reproduction != embed. In the sense of reproduction you were talking about originally, is one of self-duplication. A virus does not need to do this. It can simply infect X bytes of it's Y byte size, where X = Y and it's not reproducing, just infecting an object file. If you want to continue to say that they must reproduce, feel free. You are still wrong. Reproduction would be something different. While a virus can reproduce, it does not have to to satisfy the definition.
A good question here, do you even know assembly (x86, as is relevent) or are you just pasting other peoples work in your journal to try to prove a point without understanding what you are pasting? If so, what's the function for this on x86:
push ax, 3
int 11h
Here's how that's a virus though, to save yourself some time. It embeds a portion of itself (100% is still a portion) into an object file. That's it, nothing more. No more to argue, no more to see.
Dacels Jewelers can't be trusted.