Trojans and Popups and Slimeball Business

I wonder if this is true... by Marx_Mrvelous · 2002-05-07 02:10 · Score: 2, Insightful

There are a few things about the article that don't seem to make sense, aside from the basic premise and the guy's name. Is this another internet rumour that slipped into the press? Anyone have real-live experience with this?

--

Moderation: Put your hand inside the puppet head!

Re:I wonder if this is true... by Parsa · 2002-05-07 02:38 · Score: 2, Interesting

Actually I just got off the phone with my mother about this because I was working on her work computer last week because of these viruses. She wasn't sure where they had come from and when I did a search on the Internet for them there were a lot of differing ideas on their origin.

What's kinda scary is the network admin wouldn't do anything to help. Norton Antivirus would say it had been quarantined but after she reboots all the processses are still listed in her Task Manager. I just forwarded this on to her to give to the admin so maybe he can take care of this now.

--
Abiit, excessit, evasit, erupit.
Re:I wonder if this is true... by vrmlknight · 2002-05-07 05:19 · Score: 1

yup we had to clean off 20-30 computer from this atleast now i know where they got it from...

--
This must be Thursday, I never could get the hang of Thursdays.

Ah, the irony by Faust7 · 2002-05-07 02:11 · Score: 5, Funny

I love how the article is titled "The Pop-Up Ad Campaign from Hell"--and you get a pop-up when you first visit it. Also a nice Flash ad delay when you hit Back. Yep.

--
The coolest voice ever.

Re:Ah, the irony by buzzbomb · 2002-05-07 03:14 · Score: 1

Mozilla is your friend.

Edit > Preferences > Advanced (Scripts & Windows) > Unclick "Open unrequested windows"...and any other shit that irritates you.
Re:Ah, the irony by peddrenth · 2002-05-07 03:18 · Score: 1

"...and you get a pop-up when you first visit it"
Not if you're using Galeon, you don't!

"Also a nice Flash ad delay when you hit Back"
Again, not in Mozilla or in Galeon, which both "skip over" redirect pages when you click the back button.

Anyway, if you just open all the stories in a new tab, you don't need to use the back button, you can just close it when you're done reading.

Block the OnClose macro, and you can even enable javascript on the site without having to worry!

Am I paranoid?
Re:Ah, the irony by Tackhead · 2002-05-07 04:08 · Score: 2

> I love how the article is titled "The Pop-Up Ad Campaign from Hell"--and you get a pop-up when you first visit it. Also a nice Flash ad delay when you hit Back.
Really? Funny, I never saw that. Of course, I don't do Javashit. Or Flush. Gee, it really sucks to be in the dark ages, maybe I should upgrade... tomorrow. :)
Re:Ah, the irony by ZanshinWedge · 2002-05-07 05:44 · Score: 2

Yes, very odd. Oh wait, I didn't see anything like that.
Maybe my settings are broken for stuff like that.

Maybe they're broken intentionally.
Re:Ah, the irony by mixbsd · 2002-05-07 06:08 · Score: 1

What's wrong with using: link?

Talk about making things more complicated than they have to be!
Re:Ah, the irony by SilkBD · 2002-05-07 07:27 · Score: 1

I use opera, It denies popups. Some sites break, but that's why I hit f12 and accept for a brief period of time while a visit that particuilar site. Too many sites look like crap in Mozilla, so far Opera rules. As for be ashamed of dening sites their ad revenue. I laugh in your general direction. If you're going to get money from annoying us with intrusive ads, crappy flash, or other means of removing control of our browsing experience... then I simply give you the finger, and say no.

--
00101010

Microsoft, security and Java... by MosesJones · 2002-05-07 02:11 · Score: 5, Funny

Isn't it odd that the only Java security exploit to be used in the wild is in the VM produced by Microsoft that didn't obey the Java spec.

Now a cynical person would say that this would enable Microsoft to point at Java and say "Java is insecure" but of course I'm not a cynical person and I'm sure it was purely an accident.

--
An Eye for an Eye will make the whole world blind - Gandhi

Re:Microsoft, security and Java... by Anonymous Coward · 2002-05-07 02:23 · Score: 1, Insightful

Come on. Netscape's engine didn't follow the Java spec. In fact, it had more violations that Microsoft's engine.

Look who Sun chose to sue. Hmm...
Re:Microsoft, security and Java... by knulleke · 2002-05-07 02:33 · Score: 1, Funny

I wonder if it's in the specs that java must be slow. It seems to be implemented that way on all platforms.

--
no sig error.
Re:Microsoft, security and Java... by Schnapple · 2002-05-07 02:49 · Score: 1

and it got you away from your computer for a while!
Yes but if you leave your computer and go into public you might get shot!

--
Schnapple
Re:Microsoft, security and Java... by benjymous · 2002-05-07 03:15 · Score: 1

Not if you don't take your gun

--
Help me! I'm turning into a grapefruit!
Re:Microsoft, security and Java... by Rogerborg · 2002-05-07 04:04 · Score: 5, Informative
- Isn't it odd that the only Java security exploit to be used in the wild is in the VM produced by Microsoft that didn't obey the Java spec.
Yeah, I posted it elsewhere, but it bears repeating that the "Microsoft® virtual machine (Microsoft VM)" is not a Java Virtual Machine (JVM, the old name), and Microsoft are no longer allowed to call it that after being bitchslapped around a few courts by Sun. Let's keep the Microsoft VM and the Sun JRE clear and distinct in our minds.
--
If you were blocking sigs, you wouldn't have to read this.
Re:Microsoft, security and Java... by Steveftoth · 2002-05-07 04:08 · Score: 2, Informative

Sun sued Microsoft for extending the spec, not for a bad implementation!

If you look at that MS was doing to the Java APIs (not the language or VM), you will see that they tried to get people to write code to their APIs that tied people to their MS x86 Java Platform which was against the agreement they had with Sun.

Netscape just had a bad implementation of Java.
Re:Microsoft, security and Java... by Mr.+Shiny+And+New · 2002-05-07 05:22 · Score: 1

I detect a troll here. Sorry, but the article you linked to does not support the statement that Java was created to allow pedophiles to find pictures of little girls on the 'net.

Besides, the problems of a creator of a technology do not make the technology good or evil. Sheesh.

The line gets thinner by ringbarer · 2002-05-07 02:11 · Score: 5, Insightful

How is this type of cancerware distinguishable from a virus that spreads by exploiting security vunerabilities?

It seems that all the Klez and Chernobyl kiddies have gone and got themselves some venture capital, and are turning their malware into a business.

--
"Why did they cancel my favorite Sci-Fi show? I downloaded ALL the episodes!"

Re:The line gets thinner by startled · 2002-05-07 05:34 · Score: 2

Thinner? Thinner my ass! "How is this type of cancerware distinguishable from a virus that spreads by exploiting security vunerabilities?" It's not! The state's AG should be prosecuting these guys as we speak. I certainly hope he does; maybe he's just gathering evidence or something.

This is definitely illegal. There is no thin line here-- it is unauthorized, malicious, and destructive modification of someone else's box. I hope these fuckers get nailed.
Re:The line gets thinner by RollingThunder · 2002-05-07 06:10 · Score: 2

Well, technically, there is a line.

Klez, CIH, etc, all spread themselves as 100% self-contained packages, and all it takes is one slip to have it "escape" - which gives you a bit of weasel room.

This grungeware requires servers to connect to, which means concious ongoing support.

IMO, that's worse than virus writing - although it at least provides a single point of killing it off.

What if... by xenotrope · 2002-05-07 02:12 · Score: 1

The interviewer calls him "Mr. Bigott" and then:

Frank Bigott: "Excuse me, but it's pronounced 'Bee-GOH'."

--

---
Remember when "Truth, Justice, & the American Way" wasn't contradictory?

Re:What if... by freeweed · 2002-05-07 04:58 · Score: 2

Well, considering how effective viruses and other exploits have been on the Windows platform, I'd think it'd be pronounced "Beeg-lawg-Oh".

--
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
Re:What if... by glitch! · 2002-05-07 07:24 · Score: 2

The interviewer calls him "Mr. Bigott" and then:

Frank Bigott: "Excuse me, but it's pronounced 'Bee-GOH'."

Well, assuming that the sound of his name has anything to do with anything, the double 't' at the end prevents it from being silent. I assume that you are trying to apply French pronounciation rules here.

My question is why the apparent joke about this name. I rememberback in 7th grade, one of my friends found a picture of a truck or van with "Fucker" painted on the side. It was a German company, I believe, but we sure had a lot of laughs over that one. Ha! Ha! Boy, isn't that funny! I think we all got tired of it by the time we were in 8th grade, though. Maybe it was a part of growing up.

--
A dingo ate my sig...

So... by Anonymous Coward · 2002-05-07 02:15 · Score: 1

This is, what, the 999th article about how bad/sloppy Microsoft's products are? Or is this the 998th article about slimey business practices.

It's so hard to keep track and the champaign has hardly had time to age.

Obligatory: I don't us IE and I disable Java whenever possible.

Finally... by Jonboy+X · 2002-05-07 02:16 · Score: 1

...a good reason to use an Applet.

--

"In a 32-bit world, you're a 2-bit user. You've got your own newsgroup, alt.total.loser." -Weird Al

Re:Finally... by sith · 2002-05-07 03:31 · Score: 1

Or an apple :)

Um.. by xtermz · 2002-05-07 02:16 · Score: 4, Insightful

...Call me naive, but why isnt that states attorney general investigating this company? This is nothing short of corporate sponsored hax0ring.

I didnt see any mention in the article of somebody lodging a criminal or even civil complaint.

I think a big reason these companies get away with this crap is that nobody takes them to task for what they are doing...

--

I lost my concept of community when my community lost all concept of me.

Re:Um.. by ocelotbob · 2002-05-07 03:17 · Score: 2, Insightful

...Call me naive, but why isnt that states attorney general investigating this company? This is nothing short of corporate sponsored hax0ring.
from the article:
Susan Henrichsen, deputy attorney general for the state of California, declined to comment on specifics of the IntelliTech situation. But she noted that downloading software onto someone's computer without permission is tantamount to hacking.
Sounds like the AG is looking into them. They probably are just getting their ducks into a row for a criminal case. With tech crimes like this, they don't want to make any mistakes and let someone go free who would have otherwise gone to jail.

--
Marxism is the opiate of dumbasses
Re:Um.. by gotak · 2002-05-07 04:48 · Score: 1

Cause they are busy fighting terror else where in the world. :P

Just wondering... by chazzf · 2002-05-07 02:17 · Score: 1

I take it this applies only to Microsoft's implementation and not to Sun's Virtual Machine? Not that Sun's is any more stable...(I run Win98 SE, and it dies on me all the time).

--
No statement is true, not even this one.

Re:Just wondering... by Methuseus · 2002-05-07 05:44 · Score: 1

I've never had Sun's JVM crash on me, except for the one time I tried to use pointers . . .

--
Two things are infinite: the universe and human stupidity, though I'm not yet sure about the universe. - A Einstein

r-e-s-p-e-c-t by resonator · 2002-05-07 02:19 · Score: 1, Flamebait

It's a pretty in depth story showing the lack of respect that some companies have.

Are you refering to the lack of respect Microsoft has for those who use their products? :)

Re:r-e-s-p-e-c-t by gfxguy · 2002-05-07 03:06 · Score: 3, Interesting

I have to take issue with this. I really hate MS, believe me, but the fact is they (as well as a lot of bad things) make products that are user friendly and have lot's of features that, if not abused, could make a much nicer computing experience for everyone.

It is their problem that people are abusing it, but it's not their fault people are abusing it. I compare this to the luxery of having a convertable - it'd be really nice if it weren't so damned easy to break into, but it's not the car makers fault it happens - they just need to work on a way to help prevent it. And the fact is that people LIKE convertables - it's a feature.

The sad fact is that while MS is horrible about securing their products, it's the crackers and punks and phreaks that make it difficult for everybody. Sure, I'm approaching this from an existentialist point of view - not particularly realistic - but you have to blame the people that are maliciously taking advantage of a problem as well the company that fails to correct it.

It's crackers fault I have to spend my money and time protecting against break-ins. Even if you are well protected, these people steal my money and waste my time and that latter part is unforgivable. Yes, I feel the same way about the people who make it necessary for my house and car to need locks and an alarm system. I know it's reality, but those are the people I blame for making it reality.

Ok, now I'm venting, pardon the rant. I like dogging MS as much as the next guy, but the people who are violating your privacy are the ones that need your antagonism.

--
Stupid sexy Flanders.
Re:r-e-s-p-e-c-t by gmack · 2002-05-07 03:22 · Score: 3, Insightful

Personally I blame both sides.. on one hand you have some idiot taking advantage but on the other MS should have considered the security implictions before a lot of those features were shown the light of day.

i like this assumption by igottheloot · 2002-05-07 02:20 · Score: 1

"Try this: Thousands of unsuspecting visitors to a family entertainment site are discovering a cornucopia of unwanted, potentially malicious software on their computers--"

yeah, ok... i bet people running an old version of ie, visiting a family entertainment site, really figured this out on their own.

'scuse my language, but by eples · 2002-05-07 02:22 · Score: 4, Flamebait

From the article:

Flowgo
eUniverse
IntelliTech Web Solutions
KoolKatalog
Volton Technologies

WHO THE FUCK ARE THESE PEOPLE?! Never heard of a single one of them - figures they'd be polluting the Internet.
Shouldn't these shitty companies have DIED last year?!

--
I'm a 2000 man.

Re:'scuse my language, but by hagardtroll · 2002-05-07 02:31 · Score: 4, Interesting

Yes. The .com weenies who are still struggling to survive are doing it with questionable ethics.

You notice as available VC goes down, the number of pop-ups, subscriptions and sleazy sites go up.

I like to think that eventually the sleazy and make-abuck-quick companies will finally go under, and the web will be more like it was before. A communications medium for PEOPLE to communcate, rather than a giant catalog that consumers can shop from.

I can dream.
Re:'scuse my language, but by kubrick · 2002-05-07 03:19 · Score: 3, Insightful

I can dream.

A lot of the large media companies would be happier if no other competition existed for people's attention. A lot of the recent legislation is aimed not only at controlling the means of media consumption, but also the means of media production.

In ten years, it could be illegal to put up a web site or run an ISP without arranging content licensing and censoring (like, say, Iran or China).

Don't like it? Get active about it.

You can dream, but the reality gets more and more like a nightmare each day. :(

--
deus does not exist but if he does
Re:'scuse my language, but by jmoriarty · 2002-05-07 04:09 · Score: 1

Volton Technologies
WHO THE FUCK ARE THESE PEOPLE?! Never heard of a single one of them
Back in the '80s I think these guys made some giant robot dogs that could combine into a mega-robot. I guess Spam is a more effective weapon than that giant sword.
Re:'scuse my language, but by Steveftoth · 2002-05-07 04:10 · Score: 1, Insightful

It used to be that you had to have an IQ of greater then 100 to actually even USE the internet.

Maybe that's why the internet was so much better before the Homer Simpsons of the world decided to get on the internet.
Re:'scuse my language, but by Xenographic · 2002-05-07 13:00 · Score: 1

From the article:

* Flowgo
* eUniverse
* IntelliTech Web Solutions
* KoolKatalog
* Volton Technologies
>>>>>>>>>>>>

Drat, Voltron is in on this too???

If you get infected by all the spyware, do they combine into one massive, privacy-invading program and take over your computer to fight giant monsters (uhhh, I dunno, maybe Mozilla?) or something? :]

That would explain... by Nos. · 2002-05-07 02:23 · Score: 3, Insightful

all those lame server on wwws1.com entries in my log files. My girlfriend's computer got hit by this, and I cleared it out (eventually). Funny, guys who can write these programs to monitor everything you do on the 'net, but can't setup DNS properly.

Shouldn't this count as a computer crime? by swinginSwingler · 2002-05-07 02:29 · Score: 1

Maybe I'm just talking out of my ass, but, a web-site that just "installs" a program on my computer unbeknownst to me seems not too unlike me sending company X an email that "installs" a program on their computer unbeknownst to them. Yeah, IANAL and all that bull.

Re:Shouldn't this count as a computer crime? by RatOmeter · 2002-05-07 02:53 · Score: 3, Interesting

I think so. In fact, I'll be surprised if we do not see this going to court. If any of the affected PC's belong to a fortune 500 or larger company, I can nearly guarantee it. What I think should happen is that a class action suit be filed on behalf of all of the common people who were affected.

Heck, I'm sure if I the same exploits to upload even 1 teeny-tiny file to a PC, let's say, at a local bank. Guaran-damn-tee I'd be in lockup the next day.

The company behind this needs to be more than bitchslapped. They're going down.

Re:Not a good day for M$ on Slashdot by spencerogden · 2002-05-07 02:30 · Score: 3, Funny

Please define: A Good day for M$ on Slashdot.

--

Spencer Ogden

Re:How Exactly by ThePilgrim · 2002-05-07 02:33 · Score: 2, Funny

Sir,

With refrence to your order CR12345778092

We are sorry to tell you that your order is in a holding queue.

As you will be aware all transactions require the primaries signiture signed in triplicate in BLOOD.

Unfortunatly you seam to have taken this to mean the blood of any conviniant human near by.

We require the signature to be in your blood.

We are sorry for the delay this missunderstanding has caused and look forward to taking possession of your soul at the earlist.

Yours,

B. L. Z. Bub

Head of Customour Resources

Hell

--
Wouldn't it be nice if schools got all the money they wanted and the army had to hold jumble sales for guns

Block Flowgo at SMTP by toupsie · 2002-05-07 02:34 · Score: 5, Interesting

Flowgo has been a burr in my britches for quite a while. It appears that everyone of my e-mail users gets "newsletters" from Flowgo. About 30% admit to visiting the Flowgo site but swear up and down that they did not request the newsletter. At first, I tried to be nice and contact Flowgo and ask for them to remove my employee from their newsletters (its easier than trying to instruct them to do it). Got back no response. At first I was shocked that Flowgo would not remove them. So after giving them a week, I went into my Postfix configuration and blocked off any e-mail from Flowgo. That was 5 months ago. Still today, I bounce 50 to 100 messages from Flowgo from my mail server. I noticed that several blackhole lists are doing the same now.

There has to be a solution to this sort of problem. About the only way I could get Flowgo to stop SPAMMING my mail server is to call up a buddy of Tony Soprano to break their knees because Flowgo doesn't care and I have never, ever, ever been able to get one of my elected officials or law enforcement agency to pay any interest in Unsolicited Commercial E-Mail. Its not like Flowgo is hiding its behavior either. It should be easy to get them but no one that matters or has the power, gives a damn about this huge waste of bandwidth.

--
Strange women lying in ponds distributing swords is no basis for a system of government.

Re:Block Flowgo at SMTP by buss_error · 2002-05-07 02:55 · Score: 2

I've had FlowGo blocked for almost a year. I still bounce mail from them to the tune of several dozen a day. Perhaps it's time for an RBL nomination? SPEWS, anyone?

--
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Re:Block Flowgo at SMTP by Skapare · 2002-05-07 03:10 · Score: 2

I've been blocking flowgo and euniverse for over a year. These people are totally slimy, and they haven't figured that mail bounces. These people give the human race a bad name.

--
now we need to go OSS in diesel cars
Re:Block Flowgo at SMTP by Anonymous Coward · 2002-05-07 03:21 · Score: 1, Funny

Heh..
you could always change it to forward all emails from their domain to the administrative address for their domain. Make them read their own spam =)
Re:Block Flowgo at SMTP by toupsie · 2002-05-07 03:24 · Score: 2

I've been blocking flowgo and euniverse for over a year. These people are totally slimy, and they haven't figured that mail bounces. These people give the human race a bad name.
Hey, how dare you even compare a Flowgo employee to a human being! Its an insult to human beings. I agree, these people are slimy. The only way they will be stopped is by the law or an (un)fortunate act of God. If several of us are bouncing their e-mails for 5 months+, they just don't give a damn. It obviously doesn't hurt them financially to send out e-mails that bounce. I assume they are reporting only what they send out to clients, not what is received. That might be an avenue to attack Flowgo. Like Capone being busted for tax evasion, you might to have to hit Flowgo with something outside their normal crime. Since a lot of their e-mails are being bounced and they don't care that they are being bounced, it would be a decepetive trade practice for them to sell to clients the ability to e-mail a certain number of Internet Users knowing full well they can never reach their target audience because of SMTP blocks and RBLs.
Just a thought, I still like the idea of breaking knees to solve a problem like this. Its just more up close and personal. Tony Soprano, where are you when I need ya, baby?

--
Strange women lying in ponds distributing swords is no basis for a system of government.
Re:Block Flowgo at SMTP by BlueUnderwear · 2002-05-07 03:25 · Score: 3, Interesting

you could always change it to forward all emails from their domain to the administrative address for their domain. Make them read their own spam =)
This helps. I had to do this last year when Bellsouth just wouldn't kick a joe-jobbing spammer that forged mails in my name. Eventually, I forwarded all the bounces to them (tech support, management, sales, ... and in the end even customers...).

--
Say no to software patents.
Re:Block Flowgo at SMTP by Fizyx · 2002-05-07 03:31 · Score: 2, Funny

>"Power tends to corrupt, and absolute power corrupts absolutely." -- Lord Acton

"Power tends to corrupt, and absolute power is actually pretty cool." -- Tom Clancy (The Bear and the Dragon)
Re:Block Flowgo at SMTP by toupsie · 2002-05-07 03:34 · Score: 2

Interesting. Very, very interesting.
Even better than tech support, SALES!

--
Strange women lying in ponds distributing swords is no basis for a system of government.
Re:Block Flowgo at SMTP by Jenova · 2002-05-07 03:34 · Score: 1

Been doing that for a while here too. Lots of bounced mail everyday.
Re:Block Flowgo at SMTP by rgmoore · 2002-05-07 03:52 · Score: 2

About the only way I could get Flowgo to stop SPAMMING my mail server is to call up a buddy of Tony Soprano to break their knees because Flowgo doesn't care and I have never, ever, ever been able to get one of my elected officials or law enforcement agency to pay any interest in Unsolicited Commercial E-Mail.

Have you considered threatening a lawsuit? I realize that they're not the most popular thing on Slashdot, but when somebody is doing something illegal and annoying they're about your only recourse. Many states now have at least some kind of anit-spam laws, so if you've kept a record of your email asking them to stop sending mail to your users and the mail they've kept sending, you'd have a pretty good case. A nice, polite cease and desist letter sent by registered mail would likely get their attention, and if it didn't a lawsuit for the applicable statutory damages per message certainly would. If your company already has a legal counsel, it wouldn't even cost you anything.

--
There's no point in questioning authority if you aren't going to listen to the answers.
Re:Block Flowgo at SMTP by toupsie · 2002-05-07 04:22 · Score: 2

Have you considered threatening a lawsuit?
Lawsuit is a good idea. I wish I could but I can't get my corporate council interested in going after a SPAMMER when he has bigger fish to fry for the company. However, I still think breaking kneecaps would be more satifying than legal action.

--
Strange women lying in ponds distributing swords is no basis for a system of government.
Re:Block Flowgo at SMTP by arivanov · 2002-05-07 04:31 · Score: 2

They are located in California which has both suitable antispam laws and antihacking laws.

The lawsuit wil need to be filed by a resident of the state.

--
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Re:Block Flowgo at SMTP by sharkey · 2002-05-07 05:27 · Score: 2

"Power tends to corrupt, and absolute power is actually pretty cool." -- Tom Clancy (The Bear and the Dragon)

"Power corrupts, and absolute power is even more fun." -- Simon (BOFH)

--

--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.

Big-Boo-TAY by burgburgburg · 2002-05-07 02:35 · Score: 2, Funny

It's John Big-Boo-TAY!!!

Yep - definitely by BenHmm · 2002-05-07 02:38 · Score: 4, Insightful

I have.

Many times: it's why I now use Mozilla (well, that and the tabbed browsing and...and...and...) and Ad Aware.

Mostly it seems to be dialler programs for offshore ISPs. Porn, basically.

Use IE unprotected for a while, then run AdAware - it's quite scary.

Re:Yep - definitely by 5KVGhost · 2002-05-07 03:08 · Score: 2

I have. Many times: it's why I now use Mozilla (well, that and the tabbed browsing and...and...and...) and Ad Aware.

Regardless of which browser anyone chooses to use, I'd hope they're more dilligent about updgrading and/or patching than the people in this article were. All browsers have weaknesses and vulnerabilities, both known and unknown.

I've never had anything infect or self-install on my machines, even when I ran without virus scanner for a while. About the worst I've seen are cookies, and they're easy enough to deal with.
Re:Yep - definitely by gmack · 2002-05-07 03:27 · Score: 3

Or go to top100.org/altlist.com and wonder why your searches are all now going to 2ksearch.com and MSN search is now completly inaccessable. They helfully overwrite c:\windows\hosts and redirect auto.search.msn.com for you.

One really has to wonder what sort of idiot thought that having the abillity to overwrite any file from any random website was a good idea.

It's not even an exploit really.
Re:Yep - definitely by spunkykuma · 2002-05-07 05:22 · Score: 1

Well, since you switched to Mozilla from IE, you might want to read this.
Re:Yep - definitely by BenHmm · 2002-05-07 05:32 · Score: 1

ooh - that's nasty.
But it seems to have been fixed. At least in today's nightly build...(2002050608)
Re:Yep - definitely by inquisitor · 2002-05-07 06:56 · Score: 2, Interesting

Regardless of which browser anyone chooses to use, I'd hope they're more dilligent about updgrading and/or patching than the people in this article were. All browsers have weaknesses and vulnerabilities, both known and unknown.
A good point, especially as NS6/Mozilla had a very similar security hole themselves, which is why it was FORBIDDEN on the FreeBSD ports tree until they put in an unofficial patch (they're very good at that - icecast, for example, is currently in the same situation and pine has a series of warnings when you try to compile). If you read bugtraq, like I do, you'd also have seen a buffer overflow in the IRC component.

It's very hard to be totally secure, and it's not really fair to denigrate Microsoft when a patch has available for months (viz CodeRed/Nimda), or RedHat when people are still using 5.2.
Re:Yep - definitely by wedg · 2002-05-07 10:20 · Score: 1

Gods bless Linux.

--
Jake
Dating: while( 1 ){ call_girl(); get_rejected(); drink_40(); } return 0;

Instability in their systems. by Restil · 2002-05-07 02:39 · Score: 1, Flamebait

People first discovered the virus when they noticed crashing and instability in their systems. So THAT'S what causes it. And all this time I just thought it was crappy software.

Yes.. I know... this is Microsoft Bashing. Mod me down.

-Restil

--
Play with my webcams and lights here

A good day for microsoft would be: by pommiekiwifruit · 2002-05-07 02:39 · Score: 3, Funny

404: This page not available.

Actually by CaptainZapp · 2002-05-07 02:40 · Score: 4, Informative

You can cough up 30$ a year (50$ for 2) and enjoy Salon in its entirety and completely ad-free.

I'm aware, that this doesn't necessarily sit well with a lot of people here, but wtf...

--
ich bin der musikant

mit taschenrechner in der hand

kraftwerk

Re:Actually by benjymous · 2002-05-07 03:12 · Score: 4, Informative

Or just install Mozilla which has pretty decent popup prevention (i.e. it still allows the popups that result from a user click, but not the ones that pages generate on load/exit/etc)

--
Help me! I'm turning into a grapefruit!
Re:Actually by Krelnik · 2002-05-07 03:13 · Score: 2

> You can cough up 30$ a year (50$ for 2)
> and enjoy Salon in its entirety and
> completely ad-free.

Or simply do what I do. Put *.salon.com in your RESTRICTED SITES security zone, and have all scripting and plugins disabled in that zone. Voila, I never get popups on Salon. Still see some normal ads, but they are tolerable.
This doesnt work with all sites, because some also use Javascript for navigation or other essential stuff, but Salon currently doesn't.
Re:Actually by aaarrrgggh · 2002-05-07 03:31 · Score: 1

Well, I did pay $50 for two years, and I still got the damn ad! In that sense... I think the parent was spot on...
Re:Actually by Tsian · 2002-05-07 03:51 · Score: 1

So what, exactly, gives you the right to deny them of funds like that? Now if you simply close the ad and don't click on it, thats one thing, but to never view it....
Re:Actually by GregWebb · 2002-05-07 04:34 · Score: 2

Didn't last time I tried, or did I tick the wrong option?

I _loved_ popup blocking - totally forgot that some sites did it - but it stopped some stuff from working so I had to turn it off. How can I get this wonderful option to work?

--
Greg
(Inside a nuclear plant)
Aaaarrrggh! Run! The canary has mutated!
Re:Actually by ncc74656 · 2002-05-07 04:43 · Score: 2

Or just install Mozilla which has pretty decent popup prevention

My ad-filtering proxy (updated block list available through this page) blocks the Flash ad they try to send. Editing the URL in the address bar brings you back to the Flash ad (which gets replaced with a 1x1 transparent GIF by the proxy). You also need to remove the cookies set by Salon and block them from sending any more cookies (the same page came up fine in Lynx when I told it to not accept Salon's cookies). Select Edit|Preferences, select "Cookies" under "Privacy & Security," and click "Manage Stored Cookies." Check "Don't allow removed cookies to be reaccepted later," scroll through the list of cookies, and remove the ones set by Salon (I found two, sent by salon.com and www.salon.com).

--
20 January 2017: the End of an Error.
Re:Actually by benjymous · 2002-05-07 05:11 · Score: 3, Informative

Preferences -> Advanced -> Scripts and Windows and uncheck "Open unrequested windows" (and any others that take your fancy)

--
Help me! I'm turning into a grapefruit!
Re:Actually by SkyLeach · 2002-05-07 07:37 · Score: 2

I just wish I could get the newspaper add-free for what I *PAY* for it.

You know that those $2.00 sunday papers are payed for 10x over by the companies putting ads in them and then they have the fscking nerve to turn around and charge the customer more money to deliver the extra 10lbs of ads.

Give me add-fee paper publications and I'll start reading hardcopy news again.

--
My $0.02 will always be worth more than your â0.02, so :-p

That would explain why he didn't get it by maggard · 2002-05-07 02:43 · Score: 2

all those lame server on wwws1.com entries in my log files. [...] Funny, guys who can write these programs to monitor everything you do on the 'net, but can't setup DNS properly.

Whoah there quick-at-the-mouth. wwws1.com was the intended address, not www.s1.com. Their strategy worked exactly as intended by providing a reasuring-looking domain.

--
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.

Re:That would explain why he didn't get it by Nos. · 2002-05-07 02:46 · Score: 3, Informative

wwws1.com was the intended address
Yup, like I said, I have a log full of lame server entries for wwws1.com -> translation, the program was sending her to wwws1.com and my DNS server when doing the resolving was reporting the fact that the DNS for wwws1.com is not setup correctly.
Who said anything about www.s1.com?

Re:Not a good day for M$ on Slashdot by Anonymous Coward · 2002-05-07 02:43 · Score: 1, Funny

A Good day for MS on /. : Any day that there is no MS related news.

LA Based ? CPC 502 applies by UncleFluffy · 2002-05-07 02:46 · Score: 3, Interesting

It's about time someone got put away for this sort of crap.

California Penal Code, look for section 502

--

What would Lemmy do?

Re:LA Based ? CPC 502 applies by dattaway · 2002-05-07 02:57 · Score: 3, Funny

By "put away," what methods are you suggesting?

Prison?
Concrete shoes?
In the trunk of a car?
Handcuffed to the floor in a crack house?

Sounds good, but could you be more specific?
Re:LA Based ? CPC 502 applies by kubrick · 2002-05-07 03:22 · Score: 1

You forgot option E -- all of the above.

--
deus does not exist but if he does
Re:LA Based ? CPC 502 applies by Amazing+Quantum+Man · 2002-05-07 04:11 · Score: 2

Sentenced to watch Barney the dinosaur 24 hours a day...

Of course, that might violate the 8th Amendment.

--
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
Re:LA Based ? CPC 502 applies by arivanov · 2002-05-07 04:36 · Score: 2

The methods used by Philip the IVth in france on the d'Honet brothers. Should be applied to all spammers. Unfortunately the judicial system seems to disagree.

If you do not know french history here is the list:

1. Break all limbs on the weel.
2. Casrate and show the removed offending material to the public
3. Skin alive
4. Dip into boiling oil
5. Hang what is left on a hook upside down
6. Leave for the crows to finish off.

That is of course in public.

It should be enough to do it once for anyone not to think of spamming as a business idea.

--
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Re:LA Based ? CPC 502 applies by shawnseat · 2002-05-07 05:38 · Score: 1

I would have modded you up had you included this!

--
Religion is the opiate of the masses. The wealthy smoke the real stuff.
Re:LA Based ? CPC 502 applies by UncleFluffy · 2002-05-08 09:03 · Score: 2

By "put away," what methods are you suggesting?

I would suggest putting them in prison, with the words "I put something where it didn't belong without asking, please do the same to me" tattooed on their foreheads.

--
What would Lemmy do?

Another reason why choice is good. by aao-brad · 2002-05-07 02:46 · Score: 2, Insightful

I think this is the problem with M$ trying to take over the world, so to speak. If all users in the world had to use M$ products and browsers, this kind of thing would happen a lot more. Why? There are a lot of other slimeball businesses out there thinking up ways of doing things, and I bet they'd read this article and wonder why they didn't think of it first.

With that in mind, if the slimeballs knew that they can target one platform / browser (which is the case now as most normal people use IE anyway), they can devise things like this. Personally I use Mozilla, and tonight I'm converting to Linux, so this won't be much of an issue. I just wish more people knew there were other choices out there besides M$, and then they wouldn't fall victim to this.

--
"What kind of chip you got in there, a Dorito?" - Weird Al Yankovic

Re:Another reason why choice is good. by sillyputty · 2002-05-07 03:54 · Score: 1

This also allows a legitimate software writer to make a piece of software that will work for a high percentage of the market, so it isn't all bad. Besides, if a significant number of people switch to, say Mozilla, then you'll just see the companies like this invest in exploiting Mozilla.
sillyputty
Re:Another reason why choice is good. by Steveftoth · 2002-05-07 04:13 · Score: 2

Another reason this works is because since everyone runs the same platform, but doesn't update the software to the newest version. These exploits would not work (as well) if everybody went to microsoft.com and downloaded the newest version every day.

It was only a matter of time... by GnomeKing · 2002-05-07 02:46 · Score: 2, Interesting

Companies appear to be using more and more dodgy ways to make money from us

Spyware for targetted ads... Scumware for stealing our resources... using exploits to do whatever they like

whats next?
deleting competitors software? (or even worse, dissabling it/making it give incorrect results in such a way that the user doesnt know its been tampered with)
Installing backdoors so they can verify that your not using their software illegaly?

I feel increasingly that we, the consumers, need to have some sort of protected from spyware, scumware, companies who exploit security problems and the next generation of click through "but you signed your kidneys over to microsoft when you bought office!"

Re:It was only a matter of time... by chiph · 2002-05-07 03:23 · Score: 1

Companies appear to be using more and more dodgy ways to make money from us

It's because they think that no one will catch them at it. "Oh, we'll track their surfing habits by downloading this little control onto their PC. They'll never notice, and we can resell the info for a butt-load of money."

The thing I find amazing is how you can be running a truly useful website, and some banner ad that you're displaying links to software 5 businesses away. Which then downloads spyware onto your loyal visitor's computers. The next thing you know you're getting hate mail and end up on the RBL over something you had no control over. As a website owner, that's a hassle I just don't need, and is probably a contributing factor in the decline of banner ad revenue.

Chip H.
Re:It was only a matter of time... by swordgeek · 2002-05-07 03:57 · Score: 2

"deleting competitors software?"

Kazaa is pretty close to this: Install it, and the bundled adware deletes your install of Ad-Aware.

"Installing backdoors so they can verify that your not using their software illegaly?"

Whether or not MS is prosecuting, XP has the ability to do this.

"Oh brave new world, that has such people in it!"
*sigh*

--

"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
Re:It was only a matter of time... by cicho · 2002-05-07 06:51 · Score: 2, Insightful

Not Kazaa. RadLight. They've been slapped for this and apparently stopped.

--
"Only the small secrets need to be protected. The big ones are kept secret by public incredulity." - Marshall McLuhan

M$ bought by VA Software by Tharsis · 2002-05-07 02:48 · Score: 2, Funny

although, I admit, all preceding days would have to be pretty bad.

What's scarier by shawnmelliott · 2002-05-07 02:53 · Score: 5, Interesting

I don't know what's scarier. This article or that a related article at the bottom of this one talks about our "friend" Fritz who wants to "protect" spyware by defining what's sensitive.

Quote
The second is "nonsensitive" information, and among that will include your name, address, and records of anything you buy or surf on the Internet. Under the act, business can't collect or divulge the sensitive bits without your express consent, but anything classified as nonsensitive can be freely collected and sold at will.
End Quote

The article can be found here

happily unsupported by BroadbandBradley · 2002-05-07 02:55 · Score: 1, Troll

as ISP techsupport front line, I hear about this type of stuff all the time. Customers often think the ISP is the culprit and ask us to stop the pop ups. These are the same folks who can't get thier email after messing with firewall settings (not even knowing what a 'port' is). I'm amazed that novice users put up with all that winblows vrus crap. I guess they don't know there's another way to deal with it, until I tell them about Linux.

As a Linux user, my platform doesn't seem to be supported by any of these AdWare/SpyWare applications.

Sometimes it's good to be unsupported, and I think a lot of these novice users might do well on an unsupported platform.
Long live Tux, Defender of the free!

--
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas

Re:happily unsupported by doofusclam · 2002-05-07 05:11 · Score: 1

And how do you suppose these people get a linux distro on their pc. Bearing in mind the usual driver issues/incompatibilities etc?

I appreciate the spyware may not be your ISPs fault, and it costs to have people like you on the frontline, but recommending Linux to noobs? Sorry, but the penguin just ain't ready for the AOL masses. You're just helping someone butcher a pc that someone with a clue will have to wipe and reinstall. Are you really advocating the use of an unsupported platform to the sort of people who call your ISP? If you worked for me you'd have been fired by now.

(Unless a distro comes preinstalled, and is only used for AOL - but thats a different story)

seany.
Re:happily unsupported by BroadbandBradley · 2002-05-07 09:07 · Score: 2

the usual disclaimer is: We don't support Linux, but there are sources of support elsewhere.

I don't know about you but I find Linux is WAY easier to use.

--
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas

Are we surprised? by mixbsd · 2002-05-07 02:56 · Score: 1

Don't forget that this happened via Flowgo, spammers extroadinaire, who have no scruples about using the September 11th disaster for their own ends.

Personally, I hope both IntelliTech (misnomer) and Flowgo are prosecuted for this.

That comment is not insightful by Darren+Winsper · 2002-05-07 02:58 · Score: 2, Insightful

It's just a statement with no supporting evidence.

Re:That comment is not insightful by spectecjr · 2002-05-07 03:34 · Score: 1

Hey; don't complain - the same scheme worked for YOUR comment; you got modded up.

Simon

--
Coming soon - pyrogyra
Re:That comment is not insightful by MillionthMonkey · 2002-05-07 04:52 · Score: 2

>>>Come on. Netscape's engine didn't follow the Java spec. In fact, it had more violations that Microsoft's engine.
>>That comment is not insightful
>>It's just a statement with no supporting evidence.
> Hey; don't complain - the same scheme worked
> for YOUR comment; you got modded up.

He didn't make any statement that needed any more supporting evidence than the post he was responding to.
Re:That comment is not insightful by spectecjr · 2002-05-07 09:41 · Score: 2, Insightful

He didn't make any statement that needed any more supporting evidence than the post he was responding to.

If you had written applets between 1996 and 1998 using Netscape's VM, the Sun JVM and the Microsoft JVM at the time, and tried to get the same code working on all three, you wouldn't have needed any corroboration.

One of the worst was that Netscape's VM used completely different Z-Order to everyone else's. Their security manager was different.

I'd come up with more examples, but I've blocked out that awful part of my memory.

Simon

--
Coming soon - pyrogyra

This one doesn't... by ringbarer · 2002-05-07 03:03 · Score: 1

What about the next? How trivial would it be to code up some cancerware that gathers addresses from the victim's address book, and sends itself out to them, hidden in some kind of novelty 'Purple Monkey'-type application?

This situation reminds me of a docu-drama they had on the UK's Channel 4 a few years back, set the requisite 20 minutes into the future, about the ultimate video multicasting 'killer-app' that spread itself across the Internet as a virus. When people wanted to view the video files, they found they automatically HAD the right software without needing to run a complicated install.

--
"Why did they cancel my favorite Sci-Fi show? I downloaded ALL the episodes!"

Old version of VM/IE? by ejaw5 · 2002-05-07 03:04 · Score: 1

The article said the flaw exists in an old version of the Java Engine of Microsoft's Internet Explorer...

The M$ bulliten linked on the article and here shows that
The Microsoft VM is a virtual machine for the Win32® operating environment. It runs atop Microsoft® Windows 95, 98, Windows Me, Windows NT 4.0, or Windows 2000. It ships as part of each operating system, and also as part of Microsoft Internet Explorer. The version of the Microsoft VM that ships with Microsoft Internet Explorer 4.x and Internet Explorer 5.x contains a security vulnerability that could allow a Java applet, on a malicious web site to take any desired action on a visiting user?s machine.

Now, to me, Windows 2000 / IE 5.x isn't really OLD , considering that the majority of M$ users have IE 5.x. It may not be "new" like IE 6 or XP, but it doesn't mean 5.x is outdated.

--

$cat /dev/random > Sig

Re:Old version of VM/IE? by RailGunner · 2002-05-07 04:50 · Score: 1

I got hit with it here at work.. running IE 6 on Windows 2000. I don't know if the problem in IE has been fixed, and I don't care. This was the final straw, and I won't be using IE anymore.

Wow!!! by feloneous+cat · 2002-05-07 03:07 · Score: 1

My day has been ruined! Outlook AND Explorer both can spread virii?

Shit, this is like Microsoft writes bad code or something...

Can this be true or am I just living a nightmare?

Will we end up removing BOTH programs and installing two million candle-power lights to point up into the night sky to symbolize where these two mighty titans once stood?

Will Bush launch a strike against Redmond killing thousands (or putting them out of there misery)?

--
IANAL, but I've seen actors play them on TV

internet explorer slashdot story icon by ubiquitin · 2002-05-07 03:07 · Score: 2

This is the first time I can remember seeing a I.E. icon (Mac-style) on a slashdot story. How appropriate that the story is about the most annoying feature of Microsoft's browsing apps: javascript pop-up hell. But seriously, times have never been better for non Internet Explorer browsers: Opera, Konquerer, iCab, Chimera, and Mozilla are all extremely usable at this point.

--
http://tinyurl.com/4ny52

Re:internet explorer slashdot story icon by Wyzard · 2002-05-07 07:46 · Score: 1

Actually, I saw a segment about Opera on CNN the other day. I was surprised, and pleased.

Moot licensing? by Denium · 2002-05-07 03:11 · Score: 3, Interesting

IANAL but...

If a piece of software *is* malicious spyware, it would be counterintuitive to ask the user to authorize its use and consent to a license agreement.

So -- let's assume that the software exploits the hole and, in the process, causes damage to your machine. Because you did not agree to the usual clickwrap, (software is AS IS, etc etc) could you hold the company liable for this?

Just a thought :)

Re:Moot licensing? by nuggz · 2002-05-07 03:26 · Score: 2

Good idea, no waiver of incidental damage, could be quite a heavy hit.
Re:Moot licensing? by A.Soze · 2002-05-07 05:22 · Score: 2, Interesting

This brings up the question of legality within a contract. If the software could be construed to be damaging to a system, is the contract (license agreement) valid at all? I seem to remember somthing to the effect that, if a contract spells out something illegal in its terms, it ceases to become a valid contract. Wouldn't this revoke all permissions and open the floodgates?

--
"Goodness, how did you people live long enough to invent tools?" -Hobbes (the tiger, not the philosopher)

Speaking of slimeball tactics.... by artemis67 · 2002-05-07 03:14 · Score: 2

You may remember that, immediately after Sept. 11, a very popular popup making the rounds was for a game called "Yo Mama, Osama". If you clicked the ad and played the game, of course, it installed a spyware app (don't recall which one).

While technically not any different from the way other spyware are distributed, it still tops the list in my book for the sleaziest thing I've yet seen in spyware, i.e., capitalizing on the emotional turmoil for 9/11.

Re:Speaking of slimeball tactics.... by peddrenth · 2002-05-07 04:52 · Score: 2, Insightful

the sleaziest thing I've yet seen in spyware, i.e., capitalizing on the emotional turmoil for 9/11

No, respectable people would never do that, would they? Respectable people like, hmmm, THE FBI???

Trojans and Popups and Slimeball Business.... by josquint · 2002-05-07 03:14 · Score: 1

...Oh my!

Trojans and Popups and Slimeball Business
oh MY!!

Trojans and Popups and Slimeball Business
OH MY!!!

*out pops the wicked digital witch of the west*

What bothers me... by j-turkey · 2002-05-07 03:15 · Score: 5, Interesting

What bothers me the most, is that Federal Law Enforcement agencies have been going after individuals who crack corprate machines for years -- and hitting them with hard criminal charges (or in some cases, just throwing them in jail without clear or formal criminal charges).

Its clear that the federal government is zealous in its crusade to protect corporate America from "hackers". But who protects individuals from shady companies?

Its also clear that the company behind the trojan popups has engaged in criminal activity...but where the hell is the criminal investigation -- anyone being brought up on charges? At most -- we might see some fiducary damages awarded to someone (but not anyone here -- and not to anybody we know)...but if the feds can throw Kevin in jail -- I want the fuckers responsible for this kind of malicous marketing in jail too...(don't forget spammers either).

-Turkey

--

-Turkey

Re:What bothers me... by Amazing+Quantum+Man · 2002-05-07 04:08 · Score: 3, Troll

Its clear that the federal government is zealous in its crusade to protect corporate America from "hackers". But who protects individuals from shady companies?

<SARCASM>
Companies and corporations can do no wrong! Just ask Senator Disney^H^H^H^H^H^HHollings. On the other hand, those Evil Unamerican Terrorist Hacker Content Pirates(tm) are a threat to our very way of life!!!!!
</SARCASM>

To comply with the ADA, SARCASM tags have been added for the sarcasm impaired.

--
Fascism starts when the efficiency of the government becomes more important than the rights of the people.

look here. by leuk_he · 2002-05-07 03:15 · Score: 2

the hun It has a warning about exploit a site linked here used.

Investigate this! (warning: lot's of pink images, don't investigate at work).

Ad-aware by DeadSea · 2002-05-07 03:17 · Score: 5, Informative

Ad-aware is a Windows program from Lavasoft that will remove spyware from your computer. It is freeware. There is also a plus version available for a fee that will run in the background and prevent spyware from being installed.

Re:Ad-aware by Schrodinger's+Mouse · 2002-05-07 03:37 · Score: 2, Funny

Hear, hear. I've got it running on my parents' Winbox, and whenever I mooch^H^H^H^H^Hvisit I have it clear out all the piggybacking crap my teenaged brother installs. It's a nice little program. Now if only it could knock some sense into the kid...

--
*****
There are many people in this country who, through no fault of their own, are sane.
Re:Ad-aware by mixbsd · 2002-05-07 05:35 · Score: 1

Original article mentions that the IntelliTech cancerware also disabled the user's firewall, if running, so it wouldn't be too surprising if it also disabled Ad-Aware a-la Radlight's Spyware Media Player.

Whats to be done by martinmcc · 2002-05-07 03:22 · Score: 2, Interesting

It sickening to here how low some people will go to earn a few extra bucks, but such is the world we live in. The real problem is how to deal with it. Many people like to quote that 'all you need to do is run firewall x and anti-virus b' etc. which is fine for the tech savvy, but as we are all painfully aware, the majority is not tech savvy.

I think using a computer should be though of more like using a car than a calculator - no one would dream of sitting in a car and going for a drive before taking some lessons and getting a license (apart from a joyrider perhaps), yet many people phone DELL-U-WANT, order their box and sit down thinking they will be able to browse away, most getting very irrate when it doesn't work out. People need to realise that to use a computer they need to put in time and effort to learn how to first, which is something not helped by all the AOL type adds saying how easy it is.

Another possible fix I like the idea of is to have a 'safe zone' - The WWW is a large and mostly free place, and I for one do not want to see ANY legislation changing that, whether apparently for the better or not. As anyone who lives in a large city nows, you don't go to the bad end of town unless you now how to handle yourself, people will learn to stay in the safe zone. It could work by having a controlling body which hands out domains (here.sfe etc.). Anyone using this site must sign a rigirous contract of use, forbidding any type of exploitation of the vunerable users. Thus, any company exploiting in the domain will be liable through breach of contract, and leaves the rest of the internet free for those of us who now what we are doing. Systems could come with 'IE-safe', which does not allow browsing outside the safe domain, so only someone who knows what they are doing will be able to download full browser and go to the big bad web.

These solutions are far from perfect, and do leave room for exploitation, but I think the're better than the 'I'm safe, I don't care' attitute, and a bit more constructive than 'lets melt the &"%$ in a vat of acid' solution :).

Re:Whats to be done by Anonymous Coward · 2002-05-07 03:36 · Score: 1, Interesting

Systems could come with 'IE-safe', which does not allow browsing outside the safe domain, so only someone who knows what they are doing will be able to download full browser and go to the big bad web.
I thought they already had that... (at one time anyway)
Re:Whats to be done by martinmcc · 2002-05-07 10:18 · Score: 1

They certainly have failed me, what, with me being from Ireland and all that. Oh well, at least I'm getting a proper education here at slashdot, thanks to the diligents of the ever present AC. Perhaps your proclavity to propagate corrections is a long time urning for perfect, or pehaps it is simply becuase your a dick. Anyway, I eagerly await your correction to this post (I'm not going to spend the time when you so obviously have it).

Cheers!

I've got their cancerware on my computer. by Anti-Microsoft+Troll · 2002-05-07 03:24 · Score: 1

It's called "Windows Update."

Re:I've got their cancerware on my computer. by sillyputty · 2002-05-07 04:02 · Score: 1

...and if these people had RUN that, they'd have had the new VM and wouldn't have been affected. But nobody wants to hear that.
sillyputty

ReDefinition: Viral Marketing by mcrbids · 2002-05-07 03:26 · Score: 2

I've always thought that "Viral Marketing" is when you design a product so that use of the product by the consumer promotes the product.

An example of this might be name brand T-shirts..

But this puts "viral marketing" in a whole new light...

--
I have no problem with your religion until you decide it's reason to deprive others of the truth.

wwws1.com by Tottori · 2002-05-07 03:27 · Score: 1

Yup, like I said, I have a log full of lame server entries for wwws1.com -> translation, the program was sending her to wwws1.com and my DNS server when doing the resolving was reporting the fact that the DNS for wwws1.com is not setup correctly.

Specifically, wwws1.com has two nameservers, ns1.zonesnow.net and ns2.zonesnow.net. But only ns2.zonesnow.net actually knows about the domain. If your nameserver goes to ns1 first, it will report "lame server" then try the other.

Amusingly, the whois information (and hence top-level DNS servers) contain two completely different nameservers, NS1.QUIK-NET.NET and NS2.QUIK-NET.NET. Again only NS2 knows about the domain. This is common with badly configured DNS.

--
use constant PERL_IS_BROKEN => $] >= 5.006;

Just in case Slashdot gets slashdotted!! by Anonymous Coward · 2002-05-07 03:29 · Score: 1, Funny

from the remember-when-the-net-was-polite dept.

Selanit writes "Salon.com is reporting on a company which exploited a vulnerability in an old but common version of Internet Explorer's Java engine to install spyware on the visitor's machine. " It's a pretty in depth story showing the lack of respect that some companies have. My favorite part is that the guy who denies any knowledge of the trojan popup is named 'Frank Bigott'.

I had GoHip installed from outlook express by iamr00t · 2002-05-07 03:32 · Score: 2, Interesting

The only thing I did was look at the e-mail.
That was more than a year ago.

Fortunately they just replaced my homepage and search page in IE. No spyware.

Well, I don't use IE now anyways, but I use Outlook Express to read my Hotmail account.
Now I just turned off preview screen so I can delete spam and stuff without actualy rendering it.

Scary Stuff! by newerbob · 2002-05-07 03:39 · Score: 2, Insightful

Fortunately, I run ProximaBob, a pop-up killer that neuters Java and JavaScript from sites that I don't mark as trusted.

I hope this company is held accoutable.

There's another company that's nearly as bad: Real Networks. Ever see how much crap they try to install if you're not paying attention?

Our company now has RealPlayer on its banned list, because we consider it a virus.

--

--
Ask the Ya-Hoot Oracle Anything!

Not exactly a surprise... by ari{Dal} · 2002-05-07 03:50 · Score: 2

it was only a matter of time before some unscrupulous ***hole took advantage of MS's unscrupulous coding to do something like this. The only surprise I got was that it took this long to happen, and is only now getting into the news. While I use IE for browsing, it's just because of things like this that I long ago disabled all active scripting, uninstalled flash, and never installed the MS virtual machine to begin with.

I also block any ad tracking site from setting cookies or sending popups through the nifty 'security' settings. Every time I find a cookie in my temp internet files that I don't recognize, the host automatically goes into 'ad tracking sites'.

Call me paranoid, but if it ain't plain HTML and static images, I don't wanna see it.

--
Moral indignation is jealousy with a halo - H. G. Wells

You should sue by kryzx · 2002-05-07 03:53 · Score: 3, Informative

You really should consider going after them in court. There are currently no federal laws restricting spam, but many states have laws.

Investigate your state laws here: http://law.spamcon.org/us-laws/index.shtml

Some of the states allow quite significant damages, for example, California law allows "damages of $50 per message, up to $25,000 per day, or its actual damages, whichever is greater."

If you are in a state with anti-spam laws you could really lay a hurtin' on them, and might even collect some dough in the process. (Although, given that we know they are unscrupulous, collecting will not be easy.)

Here are some other resources:
http://smallclaim.info/
http://www.spamcon.org/
http://www.aboutspam.com/
http://http://www.cauce.org/about/resources.shtml

--
"I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."

Wow.... by Wntrmute · 2002-05-07 03:57 · Score: 2

So what, exactly, gives you the right to deny them of funds like that? Now if you simply close the ad and don't click on it, thats one thing, but to never view it....

Good to see Jamie Kellner's got an account now.

Internet Explorer's WHAT machine? by Rogerborg · 2002-05-07 03:58 · Score: 3, Redundant

Correction: the Microsoft VM is not a Java Virtual Machine. It is a Virtual Machine that supports Java. Lest we forget, Sun had to fight long and hard to have a court uphold this. Check out the Microsoft security bulletin about this flaw and note that it is the "Microsoft® virtual machine (Microsoft VM)". Let's not tar JVM's with the same brush.

--
If you were blocking sigs, you wouldn't have to read this.

What about Alchemy's actions? by nolife · 2002-05-07 04:00 · Score: 2

What about Alchemy's response:

When contacted by Salon on April 26 about reports of malicious code at the IntelliTech sites, Alchemy's vice president Jamie Daquino said his position was Shut down first, ask questions later.

"For someone to get written up as a virus, that's pretty serious. If they're doing what people are saying, it's illegal. We don't want to be associated with that," said Daquino.

I hate to quote so much but this is scary. This is Alchemy's response based on some info from Salon? Without even checking with IntelliTech first they simply "pull the plug"? After reading the articles I formed my own opinion that IntelliTech is complete trash but what gives Alchemy the right to simply pull the plug? I assume they have an official step by step to deal with issues of this nature but they appear to not use them. Alchemy basically states that they don't know what IntelliTech is doing, did not bother to ask, but pulled the plug anyway.

--
Bad boys rape our young girls but Violet gives willingly.

Re:What about Alchemy's actions? by frost22 · 2002-05-07 06:15 · Score: 2

It is a very sensible position. Shut down first, ivestiagte immediately after, then shut down permanent.

Alchemy has every right to pull the plug immediately. You might debate if they have the right to leave the thing unplugged without any investiagtion - but venture to guess they got someone to have a look at the site's code immediatley.

--
...and here I stand, with all my lore, poor fool, no wiser than before.

Bust 'em by Mr+Happy · 2002-05-07 04:01 · Score: 1

If writing viruses can land you jail time (witness the fate of the author of Melissa) then the scum that distributed this code ought to be criminally prosecuted as well.

Its despicable enough to install files onto a user's machine without their consent but to turn off the protection they're relying on is disgusting.

Burn the bastards.

ActiveX Backdoor by Animats · 2002-05-07 04:10 · Score: 3, Informative

It's in the "ActiveX Backdoor" that Microsoft put in their VM. Microsoft lets Java programs load ActiveX controls, presumably so that Java programmers can be induced to create programs that won't run on non-Windows platforms. As Microsoft says,

The Microsoft virtual machine (Microsoft VM) contains functionality that allows ActiveX controls to be created and manipulated by Java applications or applets. This functionality is intended to only be available to stand-alone Java applications or digitally signed applets. However, this vulnerability allows ActiveX controls to be created and used from a web page, or from within a HTML based e-mail message, without requiring a signed applet.

Just call me Pandora by ArhcAngel · 2002-05-07 04:10 · Score: 1

But with all the fuss here and on a couple of other sites I am finding it hard not to scratch the itch to go over to flowgo and see what all the fuss is about. Somebody hold me back!....HTTP://www.flogo.c....

--
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K

Re:Just call me Pandora by ArhcAngel · 2002-05-07 04:15 · Score: 1

Too Late! I got bit by a Gator and an ad for AT&T Wireless.

--
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K

Re:Yeah, well Mozilla sucks because... by EvilOpie · 2002-05-07 04:33 · Score: 2, Informative

Actually, to answer your question, it's not too hard to get java working on mozilla. It just takes an extra step. I have it working here and I'm using mozilla 0.9.9

First, go to Sun's Java page, and download their SDK for Java. Then run their installer and install that on your system. The next step is to go to the bin directory in the location where you just installed Java, and copy all the .dll's to your mozilla plugins directory. Then close (if it's running) and restart mozilla. After that, java support should work for you.

--
-Through the server, over the router, off the firewall... Nothing but 'Net!

I got hit with this at work.. by RailGunner · 2002-05-07 04:36 · Score: 1

I came in to work the last friday morning and noted that McAfee Virus Scan had found this spyware on my machine. It's actually a bit of a pain to remove, but fortunately there doesn't seem to be any super destructive payload.

However, this did prompt me to do a few things at work, home, parents, in-laws, etc:

1. Check for the spyware

2. Remove all shortcuts to Internet Exploder

3. Install Opera 6.01

4. Install Mozilla RC1

5. Explain to less technologically inclined family that if a page doesn't render correctly in one, try the other, if it still doesn't render correctly, then email the webmaster of the site.

6. Despise Microsoft even more... even though I don't care who knows I visit Slashdot and Drudgereport.com... (though the principle of spyware pisses me off)

White of an Egg by Roanna · 2002-05-07 04:36 · Score: 1

This comes from a joke, where you talk about
what you do with your finger (poke), and when
you sit in a nice hot bath you soak. In England a fellow is called a bloke. Now what is the white of an egg?

Flowgo/Funstun/Send4Fun use a very similar technique to get users to opt in to their spam lists. When you recieve a typical e-card (and not all of them but enough) there is a link in the first paragraph of the letter for ordinary pick up and a second link for AOL. You get a card from a friend and don't examine the links too closely. Besides the pattern is all the same.

Flowgo/Funstun/Send4Fun make their first link say something like "to see this card and recieve our great newsletter click here." The second link says "to see this card and recieve nothing," click here. Users who read carefully get no newsletter, but how many do?

Of course those who click the first link technically had a choice and are opting in. Opting in to receive a newsletter is not spam.

It's slimey and deceitful but since users technically opt in, I believe it's legal. I've gotten myself off Funstun/Flowgo's spam list twice. It's very easy to forget that the white of an egg is not a yolk.

For card education please visit Solla Sollew
http://nakedmolerat.org.uk/sollasollew It was my attempt at starting my own ladies' group.

--
Please visit ZOID CITY Community and Community Competition http://www.zc2zc3.st

Re:White of an Egg by rgmoore · 2002-05-07 05:47 · Score: 1

As far as I know, though, you can't claim that once somebody has opted in they may no longer opt out. If the email administrator sends a message to Flowgo asking them to stop sending email, those people have now been opted out. At that point, further email from Flowgo is definitely spam, whether the users originally asked to be put on the list or not. That's why keeping records of the time that you asked them to stop sending the company email is so important.

--
There's no point in questioning authority if you aren't going to listen to the answers.

Software nutrition information by CaptainPhong · 2002-05-07 04:40 · Score: 3, Interesting

The FDA has strict standards for listing nutrition information on food. A simple, consistant, easy to read, strictly formatted box shows you what's in it and how bad it is for you. IMHO, it works well (even for your average idiot at the grocery store), and is a Good Idea. Would it be so hard to do the same thing for software? Before installing, it presents the user a concise, consistantly formatted box that shows the user what the software does, what files it installs, what services/ports it uses over the internet, what information it collects, stores, uses and shares, and with whom it shares the information. Anybody who creates software that doesn't fit this policy gets heavily fined/jailed/deported/bludgeoned/etc.

--
... "Give me a woman who loves beer and I will conquer the w

Re:Software nutrition information by BeeShoo · 2002-05-07 05:41 · Score: 1

Unfortunately, that food labeling law is not as effective as you might think (forgive me for going off topic by commenting on this). If a manufacturer includes someone else's product in his own product, let's say adding beef bullion to a company's soup for example, he does NOT have to list any of the ingredients in that 3rd party product. That 3rd party product could concievably contain several ingredients that you're allergic to (or worse), but there is no obligation under the law to list those ingredients. This is done constantly with MSG and NutraSweet (Aspertame).

Back on topic- Odds are that any software law passed would end up including a similar loophole.

Flowgo by macdaddy · 2002-05-07 04:43 · Score: 2

That's all the farther I had to read. Anything beyond that is pointless. Flowgo is spam and nothing more. I block every single piece of flowgo netspace I can find. I also use the flowgoaway.com DNS blacklist. Block flowgo and you'll be a much happier mail admin.

Re:Flowgo by mixbsd · 2002-05-07 05:07 · Score: 1

From the original article on salon.com: Online1net.com, along with wwws1.com and KoolKatalog, was summarily unplugged last week by Alchemy Communications, the Internet collocation facility that services New Directions.

Perhaps it would be a good idea if pressure was put onto flowgo's uplink to do the same thing - then we wouldn't need spam bouncers in place :)
Re:Flowgo by macdaddy · 2002-05-07 09:42 · Score: 2

Problem is, Flowgo/eUniverse has numerous blocks scattered all over the place. Big pain in the ass to coordinate that mass bitch-slapping.

It's ALIVE by nkrgovic · 2002-05-07 04:44 · Score: 1

How come no one noticed this:there was one a virus. Then that virus has met with anouther virus, they joined their "genes" and created a new one.

More simple they mutated. And I don't mean "mutated" like we usualy call a virus when someone changed it. I mean they did it on their one!!!!

Or, is you prefer it: they had sex...

Anyhow, these two viruses changed themselves on their own. I know that this was "probable" but so was evolution... Let's face it: we are witnessing a new life form being created here, or at least something like that....

THAT THING IS ALIVE!!!!!!!

Bullet-proof computing by freeweed · 2002-05-07 05:17 · Score: 2

Many people like to quote that 'all you need to do is run firewall x and anti-virus b' etc. which is fine for the tech savvy, but as we are all painfully aware, the majority is not tech savvy.

You know, it's precisely this attitude which pisses me off the most out of anything in the computer industry currently. For one thing, the above poster is right - the masses are NOT tech savvy. Nor should they have to be.

Hell, I'm tech savvy as far as that goes. But running a whole host of extra software and/or hardware just because we have weak laws/stupid people is NOT an acceptable answer. Think about it - if, instead of laws making it illegal to shoot people, we just said this:

"If you don't want to get shot, well, you shoulda worn a bullet proof vest and helmet when you went out."

I always shake my head when tech-related issues arise; it's as if people suddenly lose all common sense. I can freely walk down the street (for the most part) in the US without fear of being shot, sure it's a remote possibility, but everyone does and very few people get killed proportionally. Why oh WHY can't we use our computers freely also?

--
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.

Disabled by phriedom · 2002-05-07 05:56 · Score: 1

Not quite. It disables itself if there is a firewall program running. I assume so that it doesn't get detected. If there is no gatekeeper, then it goes ahead and downloads other programs and installs them. If that isn't malicious intent I don't know what is. It makes sure you aren't watching before it trys something.

--
Don't moderate flamebait as Troll. Know the difference or you will be Meta-moderated.

How do you block OnClose? by jerryasher · 2002-05-07 05:58 · Score: 1

I use Mozilla and have it configured through the Advanced preferences not to pop things up. How do I block OnClose or other specific elements of JavaScript?

Re: How do you block OnClose? by elemental23 · 2002-05-07 11:42 · Score: 1

You already have. That setting disables opening new windows onLoad or onUnload. onUnload is what's being used when you see new windows open as you close a different one.

--
I like my women like my coffee... pale and bitter.
Re: How do you block OnClose? by jerryasher · 2002-05-07 12:18 · Score: 2

Since I can't contribute (except for bug reports) to Mozilla, I dislike appearing critical, but I wish it were a bit more obvious and configurable what is happening with these Advanced Scripting options. (Or if I could configure them on a site by site basis.)

Yes, I am a TV Junkie. I find tvguide.com invaluable, but tvguide.com uses popups to show a closer look of each show:
closer = window.open("", "CloserLook", opts); closer.focus();
On Mozilla 0.9.9 the only thing I allow JavaScript to do is to "Open a link in a new Window". This lets me use TV Guide, and keeps almost all other popups away. On Mozilla 1.0RC1, I have to enable "Open unrequested windows". Yikes, if I want my TV Guide popups, I also get all the other pop ups in the world.

So I am still not sure what I need to be doing to get TV Guide to work once more while keeping the junk popups away

Re:Not a good day for M$ on Slashdot by spencerogden · 2002-05-07 06:05 · Score: 1

Who says that people involved with Linux care about Stallman's crusade?

--

Spencer Ogden

Spyware indeed... by pyser · 2002-05-07 06:23 · Score: 1

When I try to access the Salon article, Opera (NT4, which I have to run here at work) Dr. Watsons. Every time.

Affected Systems: by bill_mcgonigle · 2002-05-07 06:37 · Score: 3, Interesting

Internet Explorer running on Microsoft Windows

Systems not affected:
Internet Explorer running on Macintosh
Internet Explorer running on Solaris
Netscape running on Windows
Netscape running on Macintosh
Netscape running on Linux
Netscape running on Solaris
Netscape running on BSD
Mozilla running on Windows
Mozilla running on Macintosh
Mozilla running on Linux
Mozilla running on Solaris
Mozilla running on HP/UX
Mozilla running on BeOS
Mozilla running on AIX
Mozilla running on VMS
Opera running on Windows
Opera running on Macintosh
Opera running on Linux

etc.

(they forgot to mention this in the article. Not that any patterns are starting to appear...)

--
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)

Comet Cursor, Movie Networks, Gator, Bonzi Buddy by Renraku · 2002-05-07 07:53 · Score: 2

They all try the same thing. They simply start an installer and demand that you click next and that you agree to the EULA (which I don't think is shown, but they assume you've already read it). And Movie Networks tries to disconncet/dial into some CA-based server to download the rest of it. It doesn't even ask, it just says, "Disconnecting to call remote server" or something like that. Good thing I have DSL, or it would have made the call. Companies like that should be sued. It would be like watching a commercial, only to have a product arrive at your house, along with a bill demanding money.

--
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?

An Endless Cycle by Roanna · 2002-05-07 10:32 · Score: 1

This crap with invasive software, opt-in by deception, and just plain garbage is going to go on forever until and unless users get more savvy or those in the know take the time to train them.

I tried some of this last summer with awful
results. I was in a group that is now defunct called the Secret Garden. I think it is now called http://rainbowofhope.tripod.com

I was head of the Support committee which meant we not only made web pages with graphic gifts but we also sent tons of cards.

I got up a good discussion on ecards and I showed my committee a spam trap and explained why it was bad. It was a card an actual member had sent.

The fireworks exploded. The woman who sent the card knew I meant what I said when I said it wasn't her fault.

Another member who had the ear of our Fearless Leader, Jules, did not. She feared she would be at the wrong end of the tirade I was directing at the spam pit, Flowgo.

I explained over and over to Jules the need to make spam traps a public issue and that providing good support means no spam. Jules worried about hurt feelings. I worried about screw ups.

I got through though when I said that the last thing any of us needed was to send a Flowgo/Funstun card to a sick or bereaved member and stick someone who has more than enough stress with the stress of spam.

We began to test card providers by sending cards amongst ourselves. Again, this does not take much skill. I think we would have gone much further if Jules hadn't pulled her cop de tat.

I think people can learn. Sometimes I wish they wouldn't. I'm currently head of RAOK's guestbook committee and lately there has been a huge drop off in the number of guestbook signings. The reason is that Bravenet is no longer as stable as it was precrash. I didn't pick RAOK's guestbook provider. It also throws two to three popups a signing. Signing a Bravenet guestbook just isn't much fun any more.

By the way, I feel about Bravenet the way a lot of you feel about Flowgo/Funstun/Send4Fun. At least the guestbook signers are avoiding garbage.

--
Please visit ZOID CITY Community and Community Competition http://www.zc2zc3.st

Alchemy calls kettle black by rev_doc80 · 2002-05-07 10:42 · Score: 1

I love it -- the article quotes Jamie from Alchemy (which is owned by pr0n company Babenet) as saying their policy is shut down first, ask questions later, but witness an article at Wired which discusses the gohip virus Alchemy was installing on peoples computers two years ago!

ObSimpsonsQuote: by kubrick · 2002-05-07 12:17 · Score: 1

Homer: "Can I have some money now?"

--
deus does not exist but if he does

WNAD.EXE by BillX · 2002-05-07 21:02 · Score: 1

http://cexx.org/osama.htm

The wnad.exe program initiates connection to www.rankyou.com:80 and other sites, apparently for the purpose of transferring personal information and downloading targeted advertising for later display. According to reports, wnad.exe hijacks the Web browser to display pop-up ads every hour or so. While it is claimed that the purpose of the software is to raise money for the American Red Cross, the suspicious activities associated with
the software tend to cast distrust on these claims.

--
Caveat Emptor is not a business model.

no, that's not quite how it works by hawk · 2002-05-08 00:22 · Score: 2

the price of the newspaper covers roughly the distribution cost. The content, printing, staff, profit, etc. come from ads.

However, advertisers won't pay (or at least not nearly as much) to advertise in something free. They take the number of paid subscribers--even if it's only a small amount--as a measure of how many people actually read it.

hawk

Re:no, that's not quite how it works by SkyLeach · 2002-05-08 06:30 · Score: 2

So why do they charge more for the distribution of the sunday paper? Because it's heavier. Why is it heavier? All those adds.

You are paying to get it brought to you so that you can pay another company (your trash pickup) to haul it away on Monday. :-)

--
My $0.02 will always be worth more than your â0.02, so :-p

The Computer Misuse Act 1990 (UK) by Martin+Spamer · 2002-05-08 00:37 · Score: 2

If you live in the UK (or EU) then this is already illegal under section 1 of the Computer misuse act. Since this act is a result of EU Treaty obligations similar legislation exist accross the EU.

This same legislation could theoretically be used against junk emailers.

'The Computer Misuse Act 1990'
Section 1;

1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900 01 8_en_1.htm

Slashdot Mirror

Trojans and Popups and Slimeball Business

170 of 269 comments (clear)