Slashdot Mirror
World's Most Annoying IE Toolbar
nautical9 writes "Following the same devious footsteps of the infamous Bonzi Buddy, Gator, and Comet Cursor "enhancements", Xupiter now has their own self-installing toolbar for IE. There are many claims that if you leave your security preferences at their default level, it will install itself without your express permission. And once on your system, it's gracious enough to reset your homepage to xupiter.com, forward all your searches to their search engine, download and automatically launch applications (like gambling applets), and blocks all attempts to set these back to normal. Removing it isn't trivial either - it automatically checks for updates upon reboot, where it constantly changes the registry settings it uses, making the jobs of spyware removal programs like AdAware or Spybot Search & Destroy much harder. No word yet if it collects and forwards personal data."
to their credit, Xupiter's search engine returns the best quality squirrel porn I've ever seen.
No, if you leave your security preferences at their default level, things like this will not install. That is clearly FUD. Even if you have your security preferences a notch lower, it will still prompt you to confirm installation.
People get into the habbit of clicking "OK" whenever something pops up. Next thing they know, they have Gator and all sorts of junk installed.
Amazing magic tricks
Thanks a lot. I clicked on the link, and now I have this stupid toolbar installed!
idm owns me
Make the lawyers do some good for once. We need a lobbying group for People With Common Sense, and crap like this shouldn't even be legal. If somebody performed a similar act of sabotage with other peice of personal property it'd be illegal. We need to be telling our representatives on C.H. that we're tired of this kind of crap. Sadly, our voice is fairly small. Most people don't know or care.
No word yet if it collects and forwards personal data.
Is this just more mindless Microsoft bashing on Slashdot? It's one thing to post a notification of actual, privacy damaging spyware, but if it's simply annoying and you don't know if it spies on you or not then DON'T INSTALL IT!. Sheesh...
It keeps asking me to get a MSDN subscription, it's really annoying, how can I remove it?
Je t'aime Stéphanie
ya.. now u have done it.. now every
ahh... so u dont need to read the actual article to comment... damn it #*#@
... hee2 is stuck under the bed.
Oh yea... as if they're going to go through all of that trouble and deception and not collect and forward personal data.
Right.
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
It's pretty easy to use Moz or Opera, which never started going down the security-hostile path of automated installation from *web pages*. And bookmarking. And so forth.
:-)
If you're using IE, you're running a piece of software *on your machine* which is advertising and providing the ability for a web page to basically screw your system up. If precisely this happens...well, you should have tried another browser.
(If you don't like the Moz suite approach, try Phoenix)
May we never see th
I know it isn't a perfect solution, but I only launch IE for a few pissant sites that require it. I've nearly forgotten about the hostilities of the Internet since switching to Mozilla.
-- Solaris Central - http://w
Help, help! My Bonzi Buddy is eating my Gator, and my Comet Cursor is header for a direct impact with Xupiter!!!
Sig.i>
Xupiter has been around for a while. And it's NOT hard to get rid off: http://www.xupiter.com/uninstall That's it. Way to overreact guys.
I've got default security settings and while it certainly displayed a few popups nothing else got installed. If however the user clicks 'OK' to things being installed without checking what they really do first then you get what you expect. :)
Rule of thumb: Never install anything while browsing when it pops up and says "Hi install me for extra wizzy things!!!".
Martin Piper
Owner - ReplicaNet and RNLobby
You know, I should have sympathy for the victims of this, but I don't. The solution is simple; don't use IE! Countless security holes and other problems have occured with IE in the past, yet people still use it.
This goes double for the people I've already warned. Every time something nasty like this happens, I tell them the solution is to use something else. Then they come crying to me the next time it happens.
Use alternate browsers like Mozilla when generally browsing the web. Disable 3rd party websites from sending cookies or images. When you hit a page/site Mozilla has trouble with, then and only then, should you launch IE to view that page/site. This has been my policy for about 6 months, and I'm quite content now.
Xupiter is also being bundled along with at least one peer-to-peer file sharing program
Anyone know which P2P one it is?
(Mainly so I can avoid it.)
Avantslash - View Slashdot cleanly on your mobile phone.
If it looks like a duck and quacks like a duck then it's usually pretty safe to say that it's a duck. In this case all of these enhancements sound like viruses to me, or at least a derivitave of a virus. Where viruses had to be cleverly coded in order to be as small as possible and avoid detection by a skilled hacker these new pieces of code are large and increasingly rely on being able to remove software that would remove it.
If you modify my system without me requesting it then you've installed a virus on my system. I should be able to call the FBI computer crimes division and get proceedings underway that result in you getting some nice free government accomodations.
Chris Kuivenhoven is a thief, beware
I guess I still don't see what the big deal is. It's just like the email "virii" that require people to execute scripts. If you don't want the stupid toolbar, don't download and install it. If you do install it and then you change your mind, uninstall it. This is isn't rocket surgery, people.
I'm also pretty surprised to see this kind of sympathy for Windows newbs on this site. We're all well beyond computer literate, and we recognize that computers and software are just tools that do what we want. If the lusers can't take the time to learn how to use their computers properly, well, that's their own fault.
The toolbar must not fall into the hands of one who would use it to destroy us. It is folly, then, to take it to him, when we could use it ourselves for such greatness.
Boromir, son of Faramir, King of Gondor and Minas Tirith
Might be fun to slashdot the site for a while to, uh, "thank" them for their generous "gift"
:)
Also, site said to report any problems to help@xupiter.com. How many requests do you think they'll get about the toolbard?
I have no
***//MESSAGE TERMINATED//INSERTING REPLACEMENT//***
XUPITER IS GREAT! EVERYONE NEEDS XUPITER! IT CAN TYPE FOR YOU! WHY DON'T YOU INSTALL XUPITER NOW?
Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter Xupiter
Rock!
sign me up for 3 of them.
There are some odd things afoot now, in the Villa Straylight.
I used to think that all Internet Cafes were owned by a company named "Xupiter" - but now I know better. This Slashdot posting explains a lot.
Solution?
- Don't use IE. Try browsers like Phoenix or Opera.
I use IE only on Windows Update on my Windows machine.
I demand the Cone of Silence!
Could this be considered malicious? Is there any sort of legal action you could take against the company for installing the software (hacking your machine) without your permission?
It's interesting, if a teenage computer wiz went on someones website and changed the configuration and wrote lets say "riaa is ass" they'd be charged, why is this any different? If I hack (hypothetically) into the Xupiters site and alter it, am I released from any legal liability because they did it to my machine first? Sort of like a cyber self-defence?
"http://www.xupiter.com/uninstall.html"
But...but...I want my browser taken over too! We Mac users never any get any of the cool stuff Windows does...::snifff::
CDE open sourced! https://sourceforge.net/projects/cdesktopenv/
I run Opera and keep my IE set up for a proxy on localhost(No I don't have a proxy). Then if something needs to use IE due to integration I can add the site to the proxy bypass list.
There is also no word in yet if it will blast your brain with secret radio waves that will make you submit to secret commands from the government but it's a good idea to always wear your tin-foil hat anyways.
Sheesh...
All the best,
--Bob
Yes, this is a tricky bugger to remove, unless you find the uninstall. Not documented, but thanks to some nice folks in the forum, here it is:
http://www.xupiter.com/uninstall/
Where's my lobbyist? Right here.
ANOTHER reason to use Mozilla!
This space for rent
The problem with these damn things is that you never quite know how they got onto your machine. I'm always very careful about what I install, and which dialog boxes I say "OK" to, but there's always the possibility that I accidentally let something slip through. I suppose that's why people aren't 100% sure if it can install itself right from IE without confirmation.
I'm getting increasingly sick of using IE, but I'm constantly running across sites that Mozilla just can't handle properly (or swiftly). And yes, I've cranked up the security level, though god knows why there exists any level of "security" that would allow unconfirmed installs.
... it's having your ActiveX security at default permissions, which in itself is a boneheaded move by Microsoft.
Basically, default permissions say that any "signed" ActiveX control is OK to install without a prompt. So Xupiter just goes ahead and installs it.
People need to read up and learn how to use the (fairly powerful) security settings in IE6, and Microsoft needs to be chastized again for making default security too trusting.
But it's NOT a bug.
www.mozilla.org
www.netscape.com
www.opera.com
Hey, if you insist on using the damn IE (like I do) just set your security settings to "paranoia". Set everything to "prompt", disable everything that you don't think you'll need, etc. Just use some other browser... or better... get a shell somewhere and browse with "links", or even "lynx". It won't be pretty, but... who needs images when you have text? :)
By reading this signature you agree to not disagree with the post you just read.
Would be to activate IE's "Disable 3rd Party Extensions" option (In IE6: Tools-> Internet Options-> Advanced -> 12th Option Under the "Browsing" section)..
I was fixing somebody's computer that had this toolbar installed and it would crash IE every time you opened IE (Or tried browsing the web via windows explorer). But once I Disabled 3rd Party Browser Extensions, it worked fine...
Supposing that this app does indeed install without user intervention (I doubt it... not even a lousy IE install confirmation dialog?), what differentiates it from a virus? Can programs like this be considered a virus? If so it would be interesting to see them get sued just like virus-creators are caught. IMHO this type of programs can even be worse than a virus. A virus sometimes destroys or degenerates its host. But these apps suck and abuse the host.
Of course it's modded up.
It blames microsoft for a completely unrelated businesses shady practices, blaming it on a 'security hole' with no evidence.
And of course, if Netscape/Mozilla/whatever gets popular enough, admonkeys will create a toolbar/plugin for them too.
I don't need no instructions to know how to rock!!!!
did uninstall really ever work on windows? i thought it's afeature that uninstall wont remove every file for the case you want to re-install the software later.. since when has this changed?
Here's an alternative way to use the Security Zones of Internet Explorer to protect you from crap like this.
First, set the "Trusted Sites" zone to the "MEDIUM" level.
THIS MAKES YOUR TRUSTED SITES ZONE THE SAME AS THE NORMAL INTERNET ZONE.
(People seem to flame this idea as a security risk without understanding that last bit)
Then, modify the "Internet Zone" and disable Active Scripting.
Finally, add all your favourite sites to the "Trusted Sites" zone.
You can now enjoy the full functionality of JavaScript etc. on your frequently visited sites including the usual protection of the Internet Zone.
Any site not in the Trusted Sites list cannot use JavasSript and so prevents pop-ups and other nasties such as self installing spy-ware.
I did get this toolbar without clicking yes to anything. I wasn't on xupiter's website. I was browsing and after i was done i closed explorer. When i opened it back up late there was the tool bar. I still dont know where i got it. It took me a while to figure out who it belonged to and how to rid myself of it. I flamed away afterwards.
-Foxxz
On my Windows 98 SE box, I now browse with Phoenix almost all the time. I've discovered, though, that some browser downloads Internet Explorer asks me about, Phoenix installs automatically. (Phoenix seems a little too promiscuous about accepting Java, and doesn't remove .class files when it flushes the cache. Check the %WINDIR%/.jpi_cache/ directory structure.)
It's the kind of thing you might expect from a 0.5 release; unfortunately, it's not the kind of thing you should only expect from Microsoft.
Stupid job ads, weird spam, occasional insight at
Not always there is many things that people can install on your computer through IE using bugs in active x controls and java script.
"rocket surgery"
Hah, now that's even funnier.
GL
Time to recheck my security settings. ..bruce..
Bruce F. Webster (brucefwebster.com)
Here at the ole corporate plantation, we get calls every day from people who have installed apps like this and now wonder why their IE won't work right, or they are getting illicit (gambling, nekkid chicks, etc.) pop-ups and the like. Of course, they all go doe-eyed and deny they did anything wrong.
Usually, it is something seemingly innocuous like Xupiter, or Gator. As much as I detest Microsoft, I can't really blame them for this one. After all, they didn't make the software MAKE the user click on the download and install buttons, did they?
People should know better, but they don't. I guess it goes back to the analogy of you don't have to know how to rebuild the engine to drive the car, but they should be aware enough to know that after four times, their computer won't work as well when they put some free trash on it to make it pretty or better.
At the end of the day, the biggest security hole is the user. And no software can ever change that.
1 -- It does not magically install itself, you have to either tell IE to let any old junk execute or click on the OK button yourself. Either way, it's your fault.
2 -- It is not hard to remove. There's even an uninstaller provided that works (I just tried it on a sacrificial computer).
3 -- No matter how much you like Linux or Mozilla or whatever, mere anti-MS fear and loathing is not news.
Thank you for your attention.
Whence? Hence. Whither? Thither.
In this country (UK) we have something called the 'Computer Missuse Act'. This is a very dull piece of legislation which says (among other things) that using someones computer without their consent is illegal. Any program which runs on your computer without your explicit consent therefore violates this. If you click 'Okay', on the other hand...
I am TheRaven on Soylent News
(maybe with claims like that we can convince the goverment to go start witch hunts that will go after all the irritating things like that one)
"There is no teacher but the enemy."-Mazer Rackham
Don't use IE. Use Phoenix, Mozilla, Netscape or Opera. I haven't faced any such problems since I switched. The other way is to get free versions of pop-up blockers so that you don't click OK on everything that pops up. This is nothing new. I am sure this was a piggyback install on something else. You just need to read the fine print before agreeing.
Stupid plugins exist for many browsers, yet the story submitter is just bitching about some random IE plugin for the sake of bashing IE.
I don't know about this week's version of the uninstaller, but previous versions were nice enough to leave behind big chunks of the program. Still running. Sort of the way a tick will leave its head behind if you yank it out with tweezers.
This is a pretty common and ugly tactic among spyware developers.
Whens it coming out for Mozilla?
Opera announced a 220% increase in the number of downloads.
Seriously, though, if you have to use Windows at work (which is my case -- *sigh*), try Opera 7... You'll never look back on IE again.
At least that's what I did -- Opera 7 for windows is schweeeeet! =)
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Heh. I'd like to see the script kiddies and virus writers try to emulate stuff like this. Either it's legal and anyone can do it, or it's illegal and they shut everybody down.
You could have an anti-Microsoft toolbar. Anti-RIAA/MPAA/DMCA. Pro-linux toolbar.
A Goatse toolbar...no that's too terrible. Ban it. Ban it all.
If you have got this stupid toolbar installed, here are some removal informations. Basicly, you need to edit the right regkeys and delete some VBS files
I don't know what you are talking about but Xupiter is known for taking over IE without prompting you.
I just went through 20 minutes of deleting it!
"Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
My wife was unfortunate enough to "click through" and victimize herself with this thing. I happened to notice 20-30 different sessions being generated every few minutes through our firewall and started tcpdump to find out what was happening.
After finding that it did indeed have my wife's credit card number/home address/phone number I asked her what she used it for; She said that she didn't know where it came from but that it was causing her laptop to crash about every ten minutes ever since it added itself to her IE toolbar.
I then spent about 3.5 hours hacking the WinME registry trying to peel this thing out of her laptop because it's 'uninstall' doesn't!
Perhaps the DMCA might have one useful purpose...
perspex -- ruler of all cheez (tm)
...and it nicely helps you avoid the trap.
There's a free version.
http://www.panicware.com/
In earlier versions of IE for windows (like the ones that come bundled with windows 98 or ME and maybe 2000) there is a very well-known security flaw that allows malicious code on a website to make the computer download and execute arbitrary files without confirmation from the user. Most people are too stupid to download the updates to fix that vulnerability, so they should blame themselves. But that's how spamware trojans like Xupiter often spread.
And anyway, isn't that the digital equivalent of mugging and rape? I mean they either install the thing on your computer without permission and it totally fucks with everythig, or they trick you into installing it by outright lying about it and not telling you what a piece of shit spamware/spyware TROJAN HORSE it is. Couldn't they easily be sued for fraud and/or hacking people's computers?
Repeal the DMCA!
Any company who unknowingly installs spyware, adware, etc. should be prosecuted for distributing a computer virus. Seems reasonable to me. Many of these programs seem to have affects WORSE than many viruses. They crash your computer, violate your privacy, and infringe on your right to free commerce.
Heck, if you get SQL Slammer worm, you can atleast get rid of it. These new spyware programs really are a disease like infection.
Start throwing some of the company's CEO into prison for a few years, and our problems will disappear.
Get a copy of GoBack 3, and use it.
Works great for the removal of viruses, fixing system crashes that damage stuff, etc.
Even aside from that, why the hell does IE do installations directly from a web page? That's beyond idiotic.
Let's see, we have the technically illiterate on one hand. These people fall prey *far* more to malicious remote-install links than they are benefitted by deliberately remote-installing software. Not benefit to IE's behavior there.
Then we have the technically ept, who are quite able to download, save, and run an installer if they really want to run it. No benefit to IE's behavior there.
Frankly, IE's behavior takes a position of extreme trust of the remote end, which is just plain *stupid* in today's world.
May we never see th
Lets play a game, which of these words doesn't belong in this list:
Spyware
Popups
Adware
Mozilla
Outdoor digital photography, mostly in New Engl
La la la la exploit, la la la la description of exploit, la la la la list of many other unpatched IE holes, some are over a year old. This one in particular is over 4 months old.
It lets you block popups, window resizes, window moves, etc. at a very granular level (per domain).
Use another browser. I use either Opera or Mozilla (whichever suits my fancy) at home, and need never fear this toolbar.
http://www.xupiter.com/privacy.html
Read just the first couple paragraphs to find out what they admit to collecting:
Your time zone
Sites you visit and for how long
How you enter and exit sites
Response rate to ads
Applications on your computer (to resolve SW conflicts...right).
License terms can be found at http://www.xupiter.com/terms.html. Frankly, I am scared to read them.
peptidbond
peptidbond I was crazy once....
Microsoft isnt liable for security bugs, do you hold GM liable if someone breaks into your car?
HOW DOES Xupiter WORK?
We provide you with advertisements that match your interests to make your Internet experience more satisfying. We determine your interests by collecting information about what sites you visit on the Web. For example if you visit a travel Web site, we may present an advertisement that promotes the sale of airline tickets. These special offers and advertisements may be displayed using various browser enhancements and pop-up windows on Web sites you visit.
Standard Web log information and computer settings such as your IP addresses, browser type and versions, screen resolution, time zone selected and the version numbers of some of the software installed on your computer.
Information about Web sites you visit -- this information includes the Web sites address (URL), the amount of time spent at a Web site, and how you entered and exited a particular Web site.
By using the Xupiter software application we are able to create a profile that is used to select and deliver special offers and advertisements that we think might be of interest to you. This profile is stored on Xupiter servers and contains the following information:
Your Xupiter ID which is a numeric identifier that is generated by the Xupiter software application.
A historical record of content and advertisements delivered by Xupiter, and the response rate associated with the content and advertisements that was delivered to you through the Xupiter software application.
I think that qualifies as close enough to collecting personal information...
You may like and use MS products, like Office, and still be throroughly disgusted with IE.
It occurs to me that since the US advocates pro-active hacking (ie: "The bill will create a legal safe harbor for what Berman euphemistically calls "technological self-help measures." He really means 'technological vigilantism', but whatever you call it...") why not hack xupiter for infiltrating your computer? Certainly I did not authorize Xupiter to install this toolbar, NOR did I authorize Xupiter to instantly re-direct me to their webpage whenever I cannot access a page on the net. Therefore, what other personal information of mine are they stealing/taking? what other private, possibly lucrative ideas are they stealing from me? I feel I have the right under said legislation to hack Xupiter and attempt to find my own data. I cannot be blamed however if I accidently misplace a few files in the process can I?
f'Xupiter.
Oh, I'm using Konqueror... Hehe.
If, as people on this thread are suggestion, this software exploits a security flaw to install itself without authorisation, how can this not be conisidered a Trojan, and classified as such by anti virus vendors?
Funny, I just tested this on a stock install of win2k sp0, and got nada. Perhaps you changed your security settings?
funny munging
I use Phoenix now, so why do I care? Besides, I'm not stupid enough to leave my security at the default level in IE. Which I use when I'm in windows and there's a weird page.
If I had a lawyer, and I was a business, and this thing automatically installed itself on my computer without my permission, obviously it is doing something to get by my security. Which means it's hacking into my computer. Any company with a laywer and a computer can sue these guys and get a nice sum with almost no effort.
The GeekNights podcast is going strong. Listen!
Shouldn't be. This should be on all the sites my mother goes to, like home and garden, etc... This community knows better than to randomly click 'OK' buttons and what not. Most of use don't run windows let alone IE. While its always interesting to hear about the goings on of slimy companies like this, its not really needed out side of a blub really.
On another note, I wonder when the gov will dip its big toe in and make stuff like this illegal. This is almost the equivlant of goign to the gas station and having the attendant try to install a gps device in my car without me asking for such a service first. While I REALLY don't want them to even look crosseyed at stuff like this, you know it will happen. Maybe we should get together with local reps now and try to draw up some kind of bill/law/etc.. with them before they start to do it themselves and mess it all up.
I recently spent half a day cleaning out several of these programs after hearing complaint from my kids about how slow the PC was when they where doing nothing more than reading e-mail I was distressed to find 15 svchost processes running using close to 100 M of memory I then did a search for files with recent time date stamp I found several odd directories after opening the files I was more disturbed to find a log of all the web sites they had visited how long they where there
I will admit the main fault was mine for setting the OS (windows 2000 in this case) with permissions to install apps (I was sick of logging in to install the flash updates) it turns out the bonsi buddy includes in its ULA the right to install any thing it wants when ever it wants now keep in a minor had agreed to this "contract" I have now reset the permissions on the OS and blocked with my firewall these sites.
http://xupiter.com/uninstall
When will a mozilla version be available?
That's what you get for running IE.
REAL MEN parse the raw html in their heads and just imagine what the pictures are from the tags.
Wimp.
You guys are amazing. Really.
It's a problem with default permissions in IE - they're too lax. MS deserves blame for this. But it's not another security hole.
Christ, Slashdot is at least as guilty of spreading half-informed FUD as Microsoft. Probably more.
The editors take particular joy in posting articles about every single MS security flaw, but neglect to mention that Lunix and OSX probably have at least as many flaws, but they aren't targeted because they're not as popular.
I know you're all jumping over each other to post an anti-microsoft sentiment to get some karma, and it's really sad.
Please, before you go spouting opinions, know what it is you're talking about. Otherwise you sound like the Lunix equivalent of Microsoft's FUD department... which I suppose is a better description of Slashdot than "News for Nerds."
Posting as AC because CmdrTaco can't take criticism.
--MondoMor
Somewhere along the line, my browser must have been hijacked and I got stuck with this little piece of badware. I used Ad-Aware to detect and destroy, but I got a little creative. I kept the C:\Program Files\Xupiter directory, and set the attribute to read-only. I'm hoping that any future attempted hijackings will result in the installation failing due to the inability to create or write anything into the Xupiter directory.
attrib +r "C:\Program Files\Xupiter"
You certainly are quick to know about the "uninstallation" directions. You got nailed by it, didn't you?
May we never see th
Software like this is so commonplace. It's sad that the general public has no way of voicing thier dislike for Adware (or at least not in a way that makes any difference). Most people just seem to live with it, uninstall it, but never complain to the company or any privacy group.
It amazes me that any company can make money off of these spyware programs.
The icon used by /. to cover this topic actually suggests it would be IE/OSX.
OK, I know there is Safari now (in case you'd be afraid it would pollute your cosy Jaguar) but the article doesn't make it obvious that this only covers the IE/Win browser.
Or maybe I am wrong and it actually covers any version of MSIE ?
Trolling using another account since 2005.
Why do people put up with this stuff.
First I got fed up w/ aol and all their bullcrap, then tucows and their persistent popup window, real and their slew of mystery apps that install themselves all over the fckin place. I haven't been to any of their sites in years, nor do I have any of their software installed on my machines.
P.S. - I'd love to see someone sue their asses.
...being stupid, there wouldn't be any funding going to dot-coms any more. Stupid Windows users subsidizing my Internet experience is okay in my book. Heck, I'd love to see even more people using Internet Explorer.
Thats why I use Mozilla
It's not much different than if someone downloads a file to the desktop and decides to double-click on it.
Ultimately, the user should read any warning message that pops up, whether it's from IE, your anti-virus software, or from your OS.
Amazing magic tricks
I think I know where IE has a "loophole". The default setting for running a Java Applet is enable. I wonder if they are using Java as a piggy back for their toolbar?
I went through the settings and saw that was the only place where something more complicated could be downloaded.
Thoughts?
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Is there a XULpiter available?
Fortunately, there aren't many people like you (Mozilla users)...there are far more hordes of stupid IE users. These suffer through popups and popunders and spyware so that money can be infused into the Internet to subsidize my fast, ad-free experience. Well, and yours.
Here's to IE!
My IE settings on one of my boxes was set at default, as they had never been changed. Browsing to some site (either Geocities or Tripod) evidently downloaded it and installed it. There was most definatly NO dialog box, or request to install. Literally, I came back to the machine, started IE, and there was a toolbar that wasn't there before. Freaked me out.
AdAware found it, and tried to removed it, but not everything was deleted, as there were still at least 1 or 2 DLLs that were registered and running, that couldn't be deleted. Couldn't find the processes, either. Had to use regserv to get rid of them. This company is about the lowest of the low in my book.
Just quit using explorer. People I know who have have fewer problems on their systems.
When will people learn.
"We are all geniuses when we dream"
- E.M. Cioran
I have never checked 'always trust' and have wished for a 'Never trust, key their car, and don't ask me again' checkbox for a long, long time.
Especially after the "Microsoft is no longer a 'Trusted' party fiasco of last year.
If you can't trust Bill, who can you trust?
Thanks for listening, Bonzi Buddy. You're my only friend.
does anyone know if there is a one step uninstall for xupiter? i dont need to install ad-aware on 50 computers well yeah i do but the tech people here wouldn't like that.
Anyone?
Xoom
...people should learn the joys of browsers like Mozilla and Opera.
I recently updated IE (it has a problem with Cartoon Network's gToons game) so I could do a little gaming. I noticed when I bumped it up to 5.5 that it gave me a list of things to install along with it, including Media Player, Outlook and Script Support. Script Support? Isn't that IE's problem in the first place? You'ld think they'd take that sorta crap out. Long story short, I unchecked everything but the browser update, and sat back while my painfully slow 56K connection chugged away.
After about an hour (damn Adelphia), I ran the update and of course, rebooted. Once I was back in Windows, I fired up IE, only to be greeted with an alert window telling me "Hey! You need to get Script Support!" Now, didn't I tell it that I didn't want that in the first place? After telling it that I never want that crap installed on my machine, things have been fine, but I still can't play gToons. Not to mention the damned thing made itself my default browser again without asknig my permission...
Crap like this Xupiter nonsense is exactly why either Microsoft needs to clean up it's act (script support is usually what starts up web-based virii), or people need to actually try and learn something about computers instead of sticking with the Beast for the easy factor.
Blog Prophyts - Right On, Man
Wow. After my 15th or so run-in with Xupiter last week, I considered submitting this story to /. myself. Bah.
Anyhow, the best page for information and removals which I've found to date is at http://www.allentech.net/parasite/Xupiter.html
The removal info has worked every time, with the exception that on WinME it is usually possible to just drag the Xupiter folder into the Recycle Bin and delete it directly after a reboot.
So if I leave my front door unlocked and some one comes into my house and assults me, it's my fault for their breaking and entering? Microsoft may have designed a less than ideal system, but it isn't their fault that this company is designing software that intentionaly exploits flaws in the security.
can someone point out to me why my post was a troll?
I agree. But it's interesting to note that if this software had been written by an individual, rather than a corporation, the FBI would already be looking for the culprit. For some reason, corporate misbehavior is below the FBI's radar.
From the article:
It's a browser toolbar that some swear is doing "drive-by downloads" -- installing itself without users' permission -- then taking over their systems and making it impossible to uninstall.
Technically, this is a virus. And IIRC, "unauthorized alteration of a computer system" is punishable by 5 years in prison and up to a $250,000 fine.
The society for a thought-free internet welcomes you.
but what if you agreed on installing the product?
That's what you do when you click "Ok".
Artaxerxes
HKEY LOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Open a DOS command prompt window (Start->Programs->Accessories) and enter the following commands to deregister the toolbar. For Windows 95/98/Me:Or for Windows NT/2000/XP:(If your Program Files folder is something other than 'C:\Program Files' - for example because you have installed on a different drive or you are using a non-English version of Windows, you will have to change the commands accordingly.
Restart the computer and you should be able to delete the Xupiter folder in Program Files. You can now restore your home page (Internet Options->General->Home page) and your search settings (Internet Options->Programs->Reset web settings).
For me, this is old news...I already took on Xupiter.com months ago.
One of our users had the toolbar installed because they somehow had their Internet Zone security settings on "Low." Xupiter found its way onto the PC and the rest is history.
Hm. Sounds suspiciously like a trojan horse to me. Doesn't anyone know the difference anymore?
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"
This spyware is not taking advantage of any bugs in IE to install itself without the user's explicit permission, and I don't see anyone providing any evidence to the contrary other than "my girlfriend was surfing the web when..." or a friend of a friend went blind after Xupiter forced itself on him.
It is just another Gator clone. Besides it is easy to block at the firewall, or for that matter remove it by hand, if a user has itchy trigger fingers. I am sure AdAware will also do the trick.
I am a virus, put me in your
Sometimes pop-ups pop...up as you're typing, and you might, just might hit enter (i.e.: OK), by accident.
IE's behavior is stoopid.
Ultimately, the user should read any warning message that pops up, whether it's from IE, your anti-virus software, or from your OS.
Kazaa is/was programmed in Estonia, was it not? So the threat of RIAA lawyers is something they won't have to worry about ;)
Even aside from that, why the hell does IE do installations directly from a web page? That's beyond idiotic
So I guess you dislike mozilla too?
Hint: Google for xpinstall or go to mozdev and install a browser expansion - directroly from the web page.
It's not much different than if someone downloads a file to the desktop and decides to double-click on it.
I'd argue that it is. First they have to see a (familiar) file-dialog box pop up. They aren't just hitting "OK" in a box -- they know that they are saving a file somewhere. Even novice users are generally pretty familiar with the file open/save dialog boxes. Second, they have to navigate to their desktop. to save the file. Then they have to click "save", switch to Explorer, and then double-click the icon. Again, double-clicking is a fairly familiar action, and people are aware that yes, they are openin something. So we have many steps, including familiar steps that will tend to clue even a novice Windows user, rather than a single "OK".
Ultimately, the user should read any warning message that pops up, whether it's from IE, your anti-virus software, or from your OS.
Windows users are *innundated* by dialog boxes. Every time they delete a file. A whole slew of them when they install software. Four hours ago, my roommate was using a TV-viewing program that brough up a message box telling him that he'd "enabled option foo" each time he clicked a checkbox in the prefs dialog.
In addition, Javascript can bring up message boxes (idiotically enough, this is enabled by default by MS). So most users (*especially* Internet Explorer users) run into a ton of message boxes while browsing. Yes, perhaps they should go through each dialog box and examine it, but that's very time-consuming. If you read through Apple's Human Interface Guidelines, you'll notice that the *vast* majority of rules for menus and modal dialogs are designed around one single goal -- letting the user *not* have to examine each dialog box once they're familiar with it or boxes in similar software. The point is that Windows users are sick and tired of dialog boxes, and *do not read them* in detail. And they shouldn't *have* to be screwed over if they skim or misread a box when simply web browsing. A Javascript should not be able to take malicious, destructive action just because someone clicked "OK" in one of a series of dialogs that a Javascript popped up. To set up IE to operate this was was irresponsible in the extreme by Microsoft.
May we never see th
If it looks like a duck and quacks like a duck, then it's a bad analogy for software, innit?
I don't know how you call it, but if it crashed your computer, refuse to uninstall, send private information, have your credit card number, etc... maybe we can convince virus software companies to define it as a virus? A malicious code at best.
This somehow wormed its way onto my system a month or so ago. It took me at least four hours of trying different remedies, spyware removers, and registry mucking-around to get it off, and it still rendered IE6's "auto search" (i.e., type a phrase into the address bar and get a Google search results page) unusable and unfixable. That's when I switched my default browser to Opera, and I've never looked back.
Faramir was Boromir's brother. Denethor was his father.
You are in a maze of twisty little passages, all alike.
I work for a fairly large tech support / helpdesk outsourcing company. Programs like this are de facto viruses from the point of view of the end user. 90% of the ones that I talk to have no idea what this is or how it works, and no idea how it got installed. I remember talking to this one person who'd had Xupiter installed and their story was "Well we clicked Yes by mistake once...."
I find it hard to believe that it would install itself with everything set to default on a properly updated copy of IE 6.0 SP1. It's much more likely that Xupiter is just betting on people clicking yes to the security warning prompt.
Taken from Xupiter's end user agreement: To further enhance your media viewing experience, Xupiter reserves the right to run advertisements and promotions based on URLs and/or search terms users enter when navigating the Internet. Other enhancements and to allow access, users web browser, start page, search page, auto search option, bookmarks and default error page will be changed, along with the Xupiter accessory toolbar added to the web browser. Active desktop panel will be installed on the users desktop which will enable active desktops on the system for special promotions. Our software license requires that users browser start page be set to Xupiter.com in order to continue use of the Xupiter toolbar, from time to time we verify that users start page url is set to Xupiter.com, if it is not we reserve the right to alter it back.
Great - it enables active desktop too; what fun!
Do not taunt Happy Fun BarTM
to Xuranus...
Check out this part of their license agreement:
(a) This Agreement constitutes the entire agreement between the parties concerning the subject matter hereof;(b) This Agreement and any dispute arising out of it shall be governed by the laws of Hungary; (c) Unless otherwise agreed in writing, all disputes relating to this Agreement (excepting any dispute relating to intellectual property rights) shall be subject to final and binding arbitration in the country of Hungary; (d) This Agreement shall not be governed by the United Nations Convention on Contracts for the International Sale of Goods; (e) If any provision in this Agreement should be held illegal or unenforceable by a court having jurisdiction, such provision shall be modified to the extent necessary to render it enforceable without losing its intent or severed from this Agreement if no such modification is possible, and other provisions of this Agreement shall remain in full force and effect; (f) A waiver by either party of any term or condition of this Agreement or any breach thereof, in any one instance, shall not waive such term or condition or any subsequent breach thereof; (g) The provisions of this Agreement that require or contemplate performance after the expiration or termination of this Agreement shall be enforceable notwithstanding said expiration or termination; (h) you may not assign or otherwise transfer by operation of law or otherwise this Agreement or any rights or obligations herein. (i) This Agreement shall be binding upon and shall inure to the benefit of the parties, their successors, and assigns; (j) Neither party shall be in default or be liable for any delay, failure in performance (excepting the obligation to pay), or interruption of service resulting directly or indirectly from any cause beyond its reasonable control.
Isn't that bloody well lovely?
Blog Prophyts - Right On, Man
So what happens to one of those "real men" when they accidentally try to parse an MS HTML page in their heads?!?
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
Probably because the popup is a fake user interface dialog. How in God's name does even a novice user inadvertently grant permission for a software install when their original intent was to close the window? Or is it common knowledge these days that the X in the top right corner of a dialog box is synonymous with the OK button.
Bonzi is being sued for this, and these scumbags deserve the same.
I myself have been the victim of random clicking errors when a million popups come up.
Sometimes people don't want to install it on their computer. Popups seem to be strategic, though, so that they popup in front of key links at key times. If you're clicking on a link because you're not used to the popup being there, or use Mozilla or some such thing, and a popup pops up, you may accidentally click on the popup.
And when you have numerous popups to close, sometimes you make mistakes, especially when popups are still popping up.
It's important to remember that just because the program says "click here to install", doesn't mean that's the reason why someone clicks on it.
Mysterious index.dat files tracking your browsing, pop-up windows, vulnerabilities all over the place, broken HTTP requests unless you're connecting to an IIS server etc etc.
Mozilla is good enough for me - I've even converted a couple of friends.
When I am king, you will be first against the wall.
So that's what this Xupiter thing is! I was visiting my family this weekend, and my sister asked me to fix her Win98 computer. IE was crashing every time she started it. I found this set of program files under this "Xupiter" directory and a bunch of load-on-startup registry items referencing them. Most of the files in this directory were locked by some running process, of course. Apparently, this Xupiter was not only self-installing but also Win98-unfriendly. And there was no uninstall program.
Restarted at DOS prompt to delete all the files. Regedit to remove every registry entry containing "Xupiter". After that, everything worked just fine, and I cranked up the security settings before I left.
Good judgment comes from experience.
Experience comes from bad judgment.
http://www.xupiter.com/uninstall.html
I found this rather funny too:
9. Governing Law and General Provisions.
This Agreement will be governed by the laws of Hungary, excluding the application of its conflicts of law rules. This Agreement will not be governed by the United Nations Convention on Contracts for the International Sale of Goods, the application of which is expressly
So what, basically this program looks like a virus and quacks like a virus? Or is it a duck? Or does is just weigh the same as a duck? Does this mean it is made out of wook? Man, I'm all confused now...
They treat it as a virus.
I followed this on friend's computer and it works.
http://vil.nai.com/vil/content/v_99904.htm
127.0.0.1 xupiter.com
127.0.0.1 www.xupiter.com
Oh, and search M$ for their IE Power Tools and install them. And add *.xupiter.com to the Restricted security settings (which should have EVERYTHING turned off)
I've got to agree. Programs like this are viral and malicious. "and were written to evade removal as well as modify your system in ways that you may or may not have approved"
Where are our elected officials? We are far enough into the "digital age" to have codified this behavior as criminal.
If someone entered your house under false pretenses and without permission painted your walls an ugly color and changed the locks on your doors we would all agree this is at least vandalism.One would think politicians would see this as a slam dunk chance to please 99.9% of all voters.And pass bills prohibiting this anti-social behavior. But I hear nary a sound coming from their reptilian lips.
Surfing to http://www.xupiter.com/uninstall/
and this appeared on my browser
-------------
Xupiter Toolbar Uninstallation process was started.
Please, close this window.
-------------
Sound like those guys are pretty annoyed somehow.
No, they should blame Microsoft. Like that article posted earlier about Slammer, the idea of blaming the victim for the crime is a little skewed. Microsoft needs to engineer better products.
Very true -- the whole "user is the guilty one" approach is a pretty disgusting spin from PR people. However, I'd point out that MS is not the only company that tries to pull this.
If you are selling shoddy software, you may not be legally liable (if your EULA disclaims responsibility for damages, say), but you are *not* an innocent babe when it comes to bad things happening. Customers should avoid companies that try to pawn blame off on their customers for their product's flaws.
May we never see th
Exactly. It's made out of Wookiees. And it floats. Wookiee hair is naturally bouyant.
Hate to break it to you, but Mozilla does do automated installs from web pages. Just head on over to MozDev [mozdev.org] and see for yourself. Many projects, such as OptiMoz and Spellchecker, have automated install links right on the page.
Which only work if a) you actually have software installation enabled in your preferences, b) have write access to the location where mozilla is installed and c) will prompt you BEFORE it installs the software, giving the web server and the package being installed.
Automated installs are extremely useful - it's all a question of finding that balance between ease of use and ease of abuse.
Cheers,
Toby Haynes
Anything I post is strictly my own thoughts and doesn't necessarily have anything to do with the opinions of IBM.
Actually, now that I think about it, my Redhat desktop is kind of boring.....
"doesn't have any security exploits"
If you believe this about ANY piece of software, you are asking for a lot of trouble!
Unless you are going to write a very small piece of code in machine language, for a very specific piece of hardware, there are too many variables to make the statement "This software is 100% secure and bug free"
there could be problems with your code, and with the compiler tools you use. Not to mention the OS.
What? You can't read GIF or JPEG files? Loser.
I recommend don't let this crap get on your computer in the first place. Then don't worry about removal...
e r.html
May I recommend Spyware blaster to do that for you:
http://www.wilderssecurity.com/spywareblast
Seems to work real good.
I don't know what you're talking about, pansy.
Real men browse the web with hexedit.
Sig.i>
Since MS lost the lawsuit and all, and IE is the target for these daggone self-installers...
How/can I make another browser(i.e. Mozilla) the only browser that will run in my (WINDOWS) system? Sure, I can make it default for HTM's, but how can I get Outlook(required here at work) or Outlook Express to either use Moz when clicking links, or even better, having the right pane in Outlook use Mozilla instead of IE.
Can I really uninstall IE and get stuff to work???
Wouldn't it be nice if their were some sort of hardware based solution to the problem that could prevent such code from executing? I would love something trustworthy that I know is signed by the software maker to make my system more secure.
http://saveie6.com/
La la La don't for one second think that open source solutions such as mozilla and phoenix are any more secure. The only reason all their holes haven't been blasted wide open by shit like this is because not enough people use them to make it worth the advertisers' while researching the exploits.
I use IE and i'm going to continue using IE for the forseeable future because it does a far better job of what it does than the competition. Why I think it does is an argument in itself, but lets just say that just because there are bad people with guns wandering around outside, it doesn't prompt me to barricade myself in my house and live in a bullet-proof vest. In other words, I'm not making myself suffer (by sticking to an inferior product) just because there are fuckwits out there that make this shit, and far far more fuckwits out there that click 'OK' on every fucking window they see.
Before you say, I do evaluate most if not all competing products at least on every milestone release, and as of right now they're still all lacking in most of the features that I enjoy in IE.
I got hotbar (or rather it installed itself automatically on my work PC after going to a site), had to download an uninstaller to get it to remove since the uninstaller I got was broken, then after removing it my IE user agent is STILL suffixed with "hotbar".
From their FAQ:
In the terms and conditions of any of our software products it is clearly stated that we grant you a free license to use the software and by installing the software on your computer you agree to use our search services in your web browser.
We're all one big happy family, aren't we?
Error:
In addition, Javascript can bring up message boxes (idiotically enough, this is enabled by default by MS).
Idiotically enough, this is enabled by default by just about every browser for every OS.
A Javascript should not be able to take malicious, destructive action just because someone clicked "OK" in one of a series of dialogs that a Javascript popped up.
It can't. You're mistaking "Install on Demand" (bad thing) for JavaScript alert()s.
The Tooth Fairy is known for leaving money in exchange for children's teeth... doesn't make her real.
If you don't use secure OS like Linux or Mac OS X at least Phoenix or Mozilla as your default browser.
Since I installed Mozilla on my work computer I haven't found any spyware. Before, when using IE I would find tons of it.
Karma: The shiznight, mostly because I am the Drizzle.
I've had some users at work who (knowingly or not) install 50 different toolbars on their workstations.
They are sometimes hard to uninstall and can cause serious problems. It's fun to try and fix IE when it causes an Illegal Operation the second you start it.
Toolbars = Evil
I'd force everyone to use Mozilla but there's still a few problems with it.
Initially every virus is also a Trojan horse anyway. The virus writer has to start the inital propogation somehow and so attaches it to something they know will be downloaded. From there it propogates like a virus by attaching itself to programs that it's victim uploads or gives to others.
Yeah, virus isn't the right term but it doesn't exactly fit into any of the traditional descriptions. Trojan horse is less wrong than virus though.
Chris Kuivenhoven is a thief, beware
If most of the data that Xupiter monitors is the websites you visit (like most spyware) then how can it expect to collect a decent amount of information if its toolbar causes people's computers to crash so often?
"I hate quotations. Tell me what you know." -Ralph Waldo Emerson
a thirteen year old kid writes a virus that emails itself to everyone in your address book. he's found, caught, sentenced and tossed in jail.
a company comes along and writes a piece of "software" that installs itself on your computer without your knowledge, changes your preferences, watches your every move and reports it back to the marketeers, and digs itself into your system so the only way to get it out is to reinstall your entire computer... (oops, by the way, now that you're using Microsoft products, you may just have to buy a new version due to licensing BS) ... and the worst that happens to the company is some negative press (which, as we all know, bad press is better than no press at all).
so, why the hell isn't the FBI busting these peoples' door down and arresting them? what is the damn difference between what they do and what script kiddies do?
Disclaimer: I am aware that I am exaggerating, are you?
Gabriel Ricard
Or go the other way... write a virus that hijacks all the users personal info and sends it to you, then formats their hard drive. Just have it pop up a permission window first, asking the user if they want to install your "Hard drive cleaning untility".
If they click "OK", you're covered... right?
I am NOT a man!
I am a free number!
Is it possible to override the behaviour of the close button (as opposed to cancel) in a JavaScript popup? If it gets installed once can it screw with defaults such that it has an easy in next time around?
Chris Kuivenhoven is a thief, beware
Or sometimes you'll need to install a piece of software for some reason and it automatically installs a bunch of spyware with it.
I am not talking about crappy shareware either but actual programs that I have spent good money on that install crap without asking me.
You'd think /. readers would have been exposed to sufficient information to at least be able to make an informed browser decision.
But people still enable javascript, use cookies, and so on. I remember back when the website registration thing was just starting. I'd argue with people about it, and they'd say "If I register, the site enhances my visit to the site."
THey same for cookies and javascript. What are you supposed to say to people like that?
They're bound and determined to learn their own lessons one way or another. But yes, they do tend to bitch a lot, considering they go through a lot of inconvenience through their poor decisions.
i put xupiter.com pointing to 0.0.0.0 in my hosts files for both my windows and linux machines
- ...it constantly changes the registry settings it uses, making the jobs of spyware removal programs like AdAware or Spybot Search & Destroy much harder.
That's bullshit, of course. Programs like AdAware don't need the registry settings to remove the offending application. It only needs to delete the program executable and the IE registry entries that reference it. And as long as the program exists in a consistent location and doesn't significantly change its file name and/or contents, it can be deleted. And even if it doesn't, "much harder" is still a pretty extreme word choice.What a load of troll crap. Maybe if you actually understood something about UI instead of just spouting shit you read in (of all things) Apple propoganda your comment would be intelligent.
This is the first paragraph of their EULA:
IMPORTANT -- READ CAREFULLY: THIS END USER LICENSE AGREEMENT ("AGREEMENT") IS AN AGREEMENT BETWEEN Tempo Internet ("Xupiter") AND YOU (also referred to as "USER") FOR THE USE OF THE Xupiter SOFTWARE APPLICATION ("Xupiter Software"). YOU MUST ENTER INTO THIS AGREEMENT IN ORDER TO DOWNLOAD THE SOFTWARE AND USE THE RESULTING SERVICES. Xupiter RESERVES THE RIGHT TO CHANGE OR MODIFY THE TERMS AND CONDITIONS OF THIS LICENSE AND ANY OF THE POLICIES GOVERNING THE SERVICES AT ANY TIME IN ITS SOLE DISCRETION WITHOUT DIRECT NOTICE TO YOU. YOUR CONTINUED USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF ANY SUCH CHANGES. IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT, DO NOT INSTALL THE Xupiter SOFTWARE.
It is pretty clear and i take it that they must be showing this before anyone can "use" their software considering the fact that they say that you *MUST* enter into that agreement.
Isn't there a lawyer here that can explain this to me. Because "self installing" and "entering in an agreement" don't mix up very well i think.
IE Toolbars are simple self-registering COM objects. That means that they are controlled by registry entries. If one gets installed, its a simple matter of deleting the associated registry entries to keep it from loading. IE looks in the following key for toolbars which it should load:
e t Explorer
HKEY_LOCAL_MACHINE
Software
Microsoft
Intern
Toolbar
{Your Band Object's CLSID GUID}
Find its CLSID and remove it. Also remove the object's COM registry entry by removing the following key:
HKEY_CLASSES_ROOT
CLSID
{Your Band Object's CLSID GUID}
Be careful though - the menu, address, links, radio, etc... toolbars are also controlled this way. Make sure you're deleting the right entries!
Unless there's some other program running in the background that re-establishes these keys, there isn't any way that IE can load the toolbar if these entries are not present.
Kelly
lexteq.com (we've done a few toolbars ourselves)
"The Tooth Fairy is known for leaving money in exchange for children's teeth... doesn't make her real.
What?! She's not real? Dammit!
So much for my retirement teeth.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
I always figured that most spyware only gets on peoples machines because the user is using IE. Does Spyware go thru IE because it is the most widely used browser or because of security flaws in IE? I figured that it was because spyware is configured for IE. I always use Mozilla, but if Mozilla/Netscape ever goes back to being the most widely used browser or even with IE will spyware start targeting Mozilla's engine?
I never liked you
You know, we have a name for a piece of code that installs itself without permission, changes settings, takes control of your machine, and fights you when you try to uninstall it. It's called a virus, and last time I checked, distributing such things was illegal and punishable by jail time.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
Everyone has already mentioned the altered home page, etc, but here's some more fun:
From their EULA:
2. Use of the Software.
You acknowledge and agree that you shall not... (b) attempt to disable the Licensed Software by any means or in any manner...
Also, Active desktop panel will be installed on the users desktop which will enable active desktops on the system for special promotions.
So, it seems they have a self-contradictory EULA. Section 15 gives an uninstall link, but that seems to conflict with section 2's prohibition on disabling the software. So what exactly does the uninstall utility do? It's an extra download too. Why can't it just be removed with Add/Remove Programs in the Control Panel?
And most annoyingly, they seem to have the ability to set your desktop background to some ad...
sudo eat my shorts
Ive been to many customer homes who have gotten that crap Xupiter installed on their systems. It likes to screw up and crash each time you try and run anything that deals with explorer. Really nice product. Might as well be a virus.
More stuff like this is needed to teach non-slashdot.readers what running insecure software *really* means. Maybe it'll stop a few of them from browsing with machines that catch every worm or virus there is, just to help in the next DDoS-storm...
well i had this thing a week ago. 1st you have to uninstall it from control panels. 2nd you need to take it out of msconfig (if you got it) 3rd do a search in the reg with the name and xtc delete all .dll files and everthing you see that starts with xtc (takes about 10 mins)
4th c\programfiles\ folder delete it and then your done :)
took me about 15 mins total
Software like this is not usually installed by script, it's installed by IE's ActiveX installer. This feature is set to "prompt" on typical IE installs, and simply needs to be moved to "disabled" for most users.
This feature is actually useful - in our internal browser based apps we can install new versions of software without bothering the user (as we make ourselves a trusted publisher on their machines), but the feature was implemented poorly. It should have been disabled by default on the Internet zone.
Let's not stir that bag of worms...
It's not a civil offence (like libel or breach of contract), it's a crime (like breaking & entering or theft). So you don't get sued by the victim if you break it; instead, you get prosecuted by the British government, and they certainly didn't agree to follow Hungarian law.
Besides,
(e) If any provision in this Agreement should be held illegal or unenforceable by a court having jurisdiction, such provision shall be modified to the extent necessary to render it enforceable without losing its intent or severed from this Agreement if no such modification is possible
and that's even if clickwrap licenses are binding in the UK (it hasn't been tested, but the prevailing opinion seems to be that it's unlikely).
trick! It will get you evertime! And don't tell me I know my spelling sucks (+10 point Physcological Disadvantage Can't Spell to Save Life (Frequent, Complete Impairment)).
Onward to the Aether Sphere!
OK, this junk has got to stop. I now download and automagically install software WITHOUT my knowledge or permission just by visiting a web page.
Where is the ACLU when you need them? Anyone have the phone number to Johnny Cochran? Willie Gary? This has to be a violation of my rights. We as users should be able to SUE to regain our privacy and right to have a "working and functional system".
If someone can sue McDonalds for fatty foods, I'm sure we can sue these companies for BAD software.
if (!sig) { printf("Signature Unavailable\n"); }
Xupiter PRIVACY STATEMENT
Xupiter is an advertising supported software application that provides you with additional content and advertisements based on the Web sites you visit most!
HOW DOES Xupiter WORK?
We provide you with advertisements that match your interests to make your Internet experience more satisfying. We determine your interests by collecting information about what sites you visit on the Web. For example if you visit a travel Web site, we may present an advertisement that promotes the sale of airline tickets. These special offers and advertisements may be displayed using various browser enhancements and pop-up windows on Web sites you visit.
Standard Web log information and computer settings such as your IP addresses, browser type and versions, screen resolution, time zone selected and the version numbers of some of the software installed on your computer.
Information about Web sites you visit -- this information includes the Web sites address (URL), the amount of time spent at a Web site, and how you entered and exited a particular Web site.
By using the Xupiter software application we are able to create a profile that is used to select and deliver special offers and advertisements that we think might be of interest to you. This profile is stored on Xupiter servers and contains the following information:
Your Xupiter ID which is a numeric identifier that is generated by the Xupiter software application.
A historical record of content and advertisements delivered by Xupiter, and the response rate associated with the content and advertisements that was delivered to you through the Xupiter software application.
HOW DOES Xupiter AUTO-UPDATE?
Xupiter software has both client and server-side components. Xupiter servers communicate with your computer frequently to ensure that you have the most recently released version of the Xupiter software. You acknowledge that Xupiter or parties appointed by Xupiter may from time to time provide programming fixes, updates and upgrades to you, including automatic updates to Xupiter, through automatic electronic dissemination and other means. You consent to such automatic updates and agree that this Privacy Policy will apply to all such updates. Unless explicitly stated otherwise, any new features that augment or enhance the current Xupiter software application, including the release of new Xupiter software, shall be subject to terms of this Privacy Policy.
HOW DOES Xupiter RESOLVE SOFTWARE CONFLICTS?
Conflicts may occur with other software applications that may already be installed on your computer. Xupiter will report back to our servers what applications may be running on your system and will resolve these conflicts whenever possible. This will make our software more reliable and provide you with products and services that are compatible with your current system settings.
HOW DOES Xupiter DELIVER ADVERTISING?
Xupiter may deliver advertisements and promotions based on URLs and/or search terms you enter when navigating the Internet. This service is offered as a benefit to our users to obtain useful and informative information about products and services offered by our sponsors. We collect aggregate statistics about the URLs and search terms you enter.
WHAT HAPPENS IF Xupiter CHANGES ITS PRIVACY POLICY?
By installing, using, or copying Xupiter you acknowledge that you have read, understood, given your informed consent to, and agree to be bound by this Privacy Policy. This Privacy Policy is subject to change by Xupiter at any time. Notice to members shall be made by adding any changes to this Privacy Policy document, which will remain posted at the Web site. Members agree to review this Privacy Policy from time to time for changes and updates. Notice of any revisions to this Privacy Policy shall be considered effective when transmitted to the Xupiter servers.
HOW DOES Xupiter USE COOKIES?
A cookie is a small file, often containing an anonymous unique identifier. Cookies can be sent to your browser from another computer and stored on your computer's hard drive, or they can be generated by the Xupiter software application and can be stored on your computer.
Each server in communication with your computer can store and read only it's own cookie. You can change your browser settings to disable cookie functionality, although it is not recommended if you are a novice computer user. Xupiter uses cookies for the following purposes:
To display the most relevant advertising based on your interests and surfing activities.
To identify the affiliate that introduced you to Xupiter, so we know how many introductions that particular affiliate made, and how much to pay the affiliate for the introduction.
To identify which version of Xupiter is running on your computer.
WHAT SECURITY MEASURES ARE TAKEN BY Xupiter?
This site has security measures in place to attempt to prevent the loss, misuse and alteration of the information under our control. All information is for our accounting and registration purposes only. Only employees of Xupiter and its licensor will be authorized to have access to this information.
To review the Xupiter.com downloadable Application, Terms, and License Agreement click here.
Comment removed based on user account deletion
The key definition for whether something is a virus or not is whether it is self-replicating in such a manner that it renders an infected host capable of infecting other hosts.
This piece of crap is not a virus, but it's certainly some kind of disease. It is more akin to a hot dog vendor purposely injecting his hot dogs with staphilococus bacteria than it is to catching HIV from a malicious hooker.
However, if you purposely give someone a fatal disease, you are still guilty of manslaughter and can go to jail. I think similar penalties should apply here.
Do daemons dream of electric sleep()?
In Soviet Russia............
HTML parses YOU!
Anonymous, somewhat, but mostly just a coward
The c't IEController (translation attempt here) might be worth looking at... I'm not sure though whether it will prevent the automated installation of crap like this, as I've never gotten around to trying that software myself.
See also this article (translation).
The italicized post was by Nautical9, not Michael. Michael made no commentary.
Thwapp!
I am now trained to use Alt + F4 aggresively anytime I get close to a windows box.
Use winbloz, pay the price.
My friend is on winbloz 2k and he is NOT very adept at computing. He only knows about downloading pr0n in vast quanities and frequently. I've warned him over and over of the dangers of this. His PC is constantly riddled with virii, trojans, BOs, you name it.
If you use winbloz you would have more privacy standing buck naked in the middle of the highway waving at cars.
Now, to add insult to injury, a "friend" of his went to his house and installed that friggin purple monkey crap on there so now he's REALLY getting a raw screwing.
I've lost count of the number of times that his machine had to be low level formated due to extreme infections. He's had hundreds upon hundreds of infections and he just won't learn.
Well, I've had enough of seeing my friend being st00pid so I told him that it's time for him to switch over to Linux. This weekend I'm wiping his drive clean and loading Mandrake.
Install Linux, end of problem(s).
If he want's his pr0n that's his problem but at least he won't get virused up every five seconds and I won't get constant "help me!" calls...
God how I hate M$!!!
IF you're a paraiste that feeds off the blood of animals then aving your head pulled off is not an evolutionary benifit. However being able to grip so tightly to your host that a tremndous force is required to disloge you, is.
The former can be a result of the later.
(Not saying anything to the valdity of the claim that a ticks head comes off one way or another, only addressing the issue that an evolutionary benifit can still cause undesirable effects.)
funny that .... Mac's and linux are immune to all these WindBlows tricksters - muhahaha
....
... i finally reformatted and restored from the backup ... we just wont stand for it
its down to the Mac / Linux user mentality
we simply wont put up with it
so eventually no one continues to try to foist such things on us
case in point . Netbarrier used to overwrite and patch something in the system in OS X
so that once installed you couldnt then ever again use the built in ipfw for your firewalling/routing
they changed their s/w after many many protests from users
but back then they knew that their market for 3rd party Mac OS firewalling was dying
built in ipfw and potentially free "IF-YOU-LIKE-WARE" BrickHouse gui config
despite denials from them that it wasnt, it was actually their attempt to tie us into using their s/w grrr
after an hour of trying to fix things
i know of at least 10 other ppl who have done the same
vote with your £'s and either buy other platforms or get linux is what i say
sorry i know its not helpful if this thing has already auto installed itself
do acts of random kindness and senseless beauty
"5. Software Conflicts.
Conflicts may occur with other software applications that may already be installed on your computer. The Xupiter software will report back to our servers what applications may be running on your system and will resolve these conflicts whenever possible. This will make our software more reliable and provide you with products and services that are compatible with your current system settings."
but they do collect you application-running habbits. And, of course, they probably 'inadvertantly' return the urls that internet explorer is browsing along with the application details.
'Oops'.
ok, I know you need it because some dumbasses use frontpage tags, but let those site owners know you don't appreciate their reliance on IE.
BTW, this crap of taking over your internet preferences without notice should be illegal.
in squid.conf
.xupiter.com
acl known_bad_urls dstdomain
http_access deny known_bad_urls
What? You mean you're not using SQUID and are placing Windows boxes directly on the internet?
Then you're a freakin' moron!!!! And deserve what you get.
The article says that it is claimed that the user doesn't actually need to approve installation, in which case it's a virus. They then hedge to say that maybe you have to click "OK" on trickily-worded pop-up; if so, it's a trojan.
That's OK, I listened to a radio show about Slammer on the way in today. Their 'computer experts' explained that a virus is a program that destroys files on your hard drive, whereas a worm is one that replicates itself. They get paid pretty well for these appearances.
God, I need an iPod.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
...can be had here: http://www.doxdesk.com/parasite/Xupiter.html
Let the /. effect take down Xupiter. Everyone surf on over there, just remember to CLICK NO on anything that might pop-up!
:)
Lets take them down
Real men will give helpful advice because they want to help and not act like snobbish bastards who think they are the gods of all computers.
Gothmolly, eh? Real men wear clothes that have colors other than black.
You can to to their FAQ page which has a link to their uninstaller
'Course, it requires you to download and run another application from the same slimy people that gave you the spyware anyway. And yes, it IS spyware-Read their privacy policy-they freely admit it.
I cannot vouch for how well their uninstaller works because I was never infected (I use a Mac).
As an aside, I was just talking to my friend yesterday on the phone and he mumbled something like, "Xupiter? what the hell is this? This isn't my home page." (He uses a Gateway).
Veritas patesco per quaestio questio. Truth is revealed through questions.
Yeah, but what if the "cancel" button is simply labled cancel, when it performs the "ok" function?
When I got the Xupiter crap, I NEVER clicked "ok".. It was installed on my system through a subversive channel.
Funny thing is that I hear everyone joking around about this Xupiter crap, but I don't hear anyone finding out who is responsible. A spammer was featured on this site not to long ago, and within hours we knew where he lived, who his layer was, and we even had a picture of his newly built house. Why isn't this the case with something just as bad, if not worse. Spam can simply be deleted, to the millions of users that can barely turn their computer on without a call to their computer buddy, this is a horrific.
Care to tell us what program that was, so that I can avoid it like the pest? Especially commercial software should not include spyware.
Even aside from that, why the hell does IE do installations directly from a web page
Agreed, the "security level" should have nothing to do with it..
I looked at their FAQ on their homepage and it had a like to here: http://www.xupiter.com/uninstall.html
That is why every single style guide in the known universe tells you NOT to make the destructive choice the default. If the dialog has two buttons, "O.K" and "Cancel", Cancel should be the default...
If you are running windows, then run Proxomitron. It is a local proxy server. I run it all the time and never see popups. It also kills most other adverts as well.
Sorry, by double-clicking an EXE, you agreed to whatever that EXE wanted to do, even if it's lying to you.
I haven't seen any evidence that this thing installs silently over the web.
Unfortunately, the multi-user security models as found in NT and Unix don't really handle the 'dodgy software' problem very well, assuming that everything running local is trusted.
Nothing to do about that other than switch to Trusted Solaris or wait for Palladium.
Click Here to uninstall the application.
why they cant put an entry in add/remove control is beyond me... oh, I forgot, this is a sypware/trojan/worm/virus, it dosnt like to be uninstalled.
yes, mozilla can do that, but I believe it's disabled by default
All you folks saying "sue" and talking about laws....
1. No individual is going to pursue this. Most don't have the time, finances, or care enough to start a lawsuit against a company in HUNGARY.
2. No politician is going to pursue this. It has little to nothing to do with getting elected. There's already probably an applicable law somewhere, but see #1 for what THAT'S going to get you.
3. No corporation is going to pursue this. They don't care. They'll yell at the idiot employee who installed it, and let their IT department fix the damage.
Wake up guys. Uninstall it, run a different browser, or turn up your security settings and patch often.
Expecting someone else to take care of you is going to get you poor and on welfare with a computer that doesn't work.
What does IE have that Mozilla doesn't? I mean genuinely useful things, not silly twiddly toolbars and the like.
This is precisely why I don't use IE. It's bloody awful. It seems to me that Microsoft is in bed with the adware companies, have you ever noticed that there is an option in every automatic install window that pops up saying something like, "Always trust content from Foo inc." or whatever. Why isn't there an option that says, "NEVER trust content from Foo inc.?" I'll tell you why, it's because companies like Xupiter pay Microsoft to make shitty software.
Now that I'm finished ranting...
I must say that people should be aware of adware and spyware. The problem with most software today is that it is made to be too easy (eg automatic installation of software through IE, as opposed downloading and installing software seperately). Because of this simplicity, we're breading a generation of computer morons. Personally, I think computers should be challenging to use because it forces people to learn how they work. Those who aren't willing to learn, simply shouldn't be granted the privelege of using a computer. Ergo, it would be significantly more difficult for spyware and adware to be in existance.
--
Adobe's anti-counterfeiting softw
127.0.0.1 xupiter.com :P
in your hosts file
Yeah, but Mozilla, by default, prompts you before installing anything. It sounds like, for some default installations of IE, this gets installed without any prompting.
"It take 9 months to bear a child, no matter how many women you assign to the job."
or try k-meleon (which, unlike mozilla/phoenix, is native to the OS)
kmeleon.sourceforge.net
I submitted this a few days ago, but apparently it wasn't deemed worthy.
I use Opera almost exclusively and suffer very few web annoyances. There are sites that are run by crap-heads which only work with IE, so I use it for that, but otherwise, Opera is great. It's also way faster than IE. I have never seen IE act any quicker than Opera. Perhaps it's because I use LAN and DSL access exclusively. Who knows.
Opera also seems to render CSS a lot better than IE. If you have any interest in avoiding the Evil Empire, I highly recommend giving Opera 7 a shot.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Probably an old one.
Patent: from Latin patere, to be open
Yuo one-eyed IT fucktards are the reason this whole thing keeps propagating in the first place. Haven't you read the above comments? This thing loads itself without "buttons" and such. Did you take a look at the source code of xupiter.com? Did you see where it tries to change the default home page? And this is the USERS problem? I don't think so. IE is wide-open to stupidities such as Xupiter. Xupiter was designed to take advantage of IE security. Either remove IE from all "your" machines or STFU and fix the problems as they come up.
from the EULA: " 5. Software Conflicts. Conflicts may occur with other software applications that may already be installed on your computer. The Xupiter software will report back to our servers what applications may be running on your system and will resolve these conflicts whenever possible. This will make our software more reliable and provide you with products and services that are compatible with your current system settings. "
Talk about slime.
Things are more like they are now than they ever were before.
You must have smarter ticks. Nearly every time I try to remove ticks from our cats the bloody head pulls off and needs to be removed (although to be honest, just leaving them results in the wound scabbing over and the head coming out a day or so later). The only thing I've found that sometimes makes the ticks let go is prodding them with a soldering iron. Yes, I have a very patient cat.
When will Internet users finally get tired of this sort of thing and switch to a different browser? I realize much of the reason IE stays at number one is because Windows bundles it with their OS, and the majority of people can't be bothered to download something else. But at what point do even the moderately clueless finally get fed up with IE's security holes and install something else?
They have every piece of annoying software installed on there 500Mhz computer. From Yahoo Toolbar, to some WeatherBug thing, to Gator, CometCursor...
As a Linux guy, and techie in general, it makes me sick whenever I wonder how much spyware is on that box. Of course they think these things are useful!
Before I installed W2K, the time it took for Windows 98 to boot was astronomical. P.O.S.O.S.
Patent: from Latin patere, to be open
The software ( "YourAnus" ) will ehance your computing experience by forwarding your private emails to random people in your address book with suggestions that they download and links to make it easy. Then the software will play fun jokes on you like corrupting files - especially text files and word documents by inserting random obscenities that you might not notice until you give it to someone else like your boss.
Finally, in order to increase your quality of life by encouraging you to get out and excersize more or maybe walk the dog, the "YourAnus" software will reformat your hard drive replacing your operating system with a mini-os that displays the goatse.cx picture when you turn your computer on. Any attempt t remove this os will result the software kindly resetting your horizontal refresh rate in order to make it explode.
Eat at Joe's.
For some reason, corporate misbehavior is below the FBI's radar.
Oh please! This sounds like a typical anti-corporate rant.
Yeah... the government is owned by the big, evil corporations. The FBI is part of that corruption and never, ever goes after a corporation. In fact, if you owe a corporation money, the FBI will come and collect it from you and beat you up if you don't. Heck, the FBI itself is one big corporation, isn't it?
Grow up!
The only good weather is bad weather.
From the EULA:
... (b) attempt to disable the Licensed Software by any means or in any manner;"
"You acknowledge and agree that you shall not
So you can't uninstall it?
Also in the EULA:
5. Software Conflicts.
Conflicts may occur with other software applications that may already be installed on your computer. The Xupiter software will report back to our servers what applications may be running on your system and will resolve these conflicts whenever possible. This will make our software more reliable and provide you with products and services that are compatible with your current system settings.
"In the event of a merger, acquisition, asset or stock sale, bankruptcy, or other asset transfer (regardless of legal formality), any of our assets may be transferred to An assignee, including personal information collected from visitors to our Web site."
Personal information collected from their website? Wonderful. Good thing I'm on a public computer right now.
Terms
- The Xupiter software will report back to our servers what applications may be running on your system and will resolve these conflicts whenever possible
- Xupiter has included an auto update
... upgrades may include installation of third party applications
- To further enhance your media viewing experience, Xupiter reserves the right to run advertisements and promotions
- . Our software license requires that users browser start page be set to Xupiter.com
Privacy PolicySo yeah, basically the program will pop-up-ad slam you, give away your personal info, install crap software on your PC, and has the ability to change it's "terms" to allow it to do more behind your back.
for old, unpatched versions of IE, there is a security hole (OLD security hole) that bypasses the "open/save" dialog box.
The truth doesn't care what I think.
"rocket surgery"
Hah, now that's even funnier.
No this is a proper term. E.g. I believe Bush is planning some Rocket Surgery for Saddam Hussein.
I briefly looked through the comments, and didn't see this link. My apologies if this has been posted already.
Xupiter is actually pretty simple to remove. Just run that file, and reboot.
http://www.xupiter.com/uninstall.exe
I use Opera and leave the popups shut off almost all the time. However, when i go shopping on the net i enable popups because many shopping sites will offer you good deals with popups like free shipping or some deal of the day or whatever. when i finish shopping i turn the popups back off.
Computer Misuse Act 1990 (c. 18)
1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Come on people,
The fact that someone can remotely install whatever the hell they want onto your computer is not THEIR fault. It's not even their responsibility. When you break it down to the most basic level, you go to a website and their server says, "Hello, here's your page, and you need this!" If your browser is an inferior one, it says "OK, sweet! Thanks so much!" How is that their problem?
I agree the coders responsible for these kinds of things are sick individuals, but money can buy anything these days.
It is ON YOU to use software YOU know about. YOU can't BLAME ANYONE but YOURSELF for using IE. I mean we're talking about a browser that had a bug where if you clicked the "back" button on the right (err wrong) page, you could format your hard disk. I put it to you (IE Users) that it is YOUR fault for getting "violated"!
www.opera.com
www.mozilla.com
what planet are you on?
I'd argue that it is. First they have to see a (familiar) file-dialog box pop up.
Where is your arguement? All you did is detail how Windows users save files. There is no argument there, since everyone already knew that.
Javascript can bring up message boxes (idiotically enough, this is enabled by default by MS).
idiotically? MS? I think that should read "conveniently enough, this is enabled by default by most browsers."
So most users (*especially* Internet Explorer users) run into a ton of message boxes while browsing.
again, where are you? Where are these users? Where are they going that causes them to get a "ton" of message boxes? I don't think you have a grasp on the common user nor the power user nor even the internet. Please give me a couple URLs where I can see all these pop-up boxes that I have been missing.
A Javascript should not be able to take malicious, destructive action just because someone clicked "OK" in one of a series of dialogs that a Javascript popped up. To set up IE to operate this was was irresponsible in the extreme by Microsoft.
JavaScript can't do that except in unpatched browsers. MS did not "set it up" that way. Lying like that is irresponsible in the extreme of you.
but, hey, I could be wrong, please send me to one of these magic web sites that most users frequent and are constantly bombarded and maliciously toyed with by the All Powerful JavaScript Alert(); Or admit that you made up your own version of the story and forgot to post it in the 'short fiction' section instead of 'news'.
The truth doesn't care what I think.
Sign them up on every spam list you can think of. At least one of the email addresses is support@xupiter.com ; another has to be webmaster@xupiter.com .
The Tooth Fairy is known for leaving money in exchange...
Viruses are known for leaving megabytes of junk in Exchange.
Follow me
Installs without your knowledge
Intentionally causes harmful effects
Cannot be removed [or at least, tries not to be able to]
Is spreading, by tagging on to other programs an unsuspecting user might download, such as filesharing apps
What purpose is there in the article's stating that "This is not a virus"? It is merely a virus which takes you to the author's home page: A virus made by an idiot who wishes to be caught.
There is nothing un-virus-like about this.
-- 'The' Lord and Master Bitman On High, Master Of All
It installs without permission.
:(
It does a lot of things that you don't want it to.
It checks for updates on reboot.
I think that anybody that finds this on their system should sue them as a hacker spreading virii personally, because that's what it sounds like they're doing.
Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.
But it's interesting to note that if this software had been written by an individual, rather than a corporation, the FBI would already be looking for the culprit. For some reason, corporate misbehavior is below the FBI's radar.
So, do you know this for a fact? Have you called the FBI and reported the crime?
I got pissed by a bait & switch performed by a book site (they were advertising used copies at one price, but when you went to the site, they were all out, but would sell a new one to you for more), and actually went and filled out the FTC form online.
Imagine my shock when, a few weeks later, I got a call from an agent at the FTC, who was following up on the complaint.
Don't bash your government employees until they deserve it. Make the report; then, if they do nothing, start making noise at your local tv station. Offer to come down and show them what happens when you install this software from the web. Then tell them that the FBI refuses to do anything about a federal crime...
If a Wookiee falls out of a tree on Endor, does it quack?
How to remove Xupiter.
I like the fact that the Xupiter site can be used to find anti-Xupiter pages.
"Live Free or Die." Don't like it? Then keep out of the USA
Its written by a corp. That makes it alright. Because All Good Americans (TM) know that corporations can do no wrong.
I left someone house sitting for a weekend and came back with it on! I had to go and search through the registry to get everything removed. Its terrible.
Every slashdotter from the UK should now do the following:
1. Set up a spare computer with Windows 9x and IE.
2. Set IE to the minimal security levels.
3. Browse to that site, taking care not to click OK on any agreement.
4. Videotape your entire session, possibly with a witness, to provide proof that it happened.
5. Reboot, and demonstrate that their software is now illegally installed.
6. File a criminal complaint with your local authorities.
7. File a civil complaint with your local lawyer.
If more people did this, there would be fewer scumbags. We have all the laws we need in this world; they just need to be applied.
rhymes with stupider. :)
So, where can I get a download URL? Where can I find it. No real links on the web site, just an ugly page listing search categories.
"Live Free or Die." Don't like it? Then keep out of the USA
Kick them in they're advertisers, and the related companies of course.
You mean like this? This was taken by the famous squirrel pornographer, Luke!
SQWire changes your homepage, your 404 error page, messes with your ability to view graphics, adds a toolbar, adds their search engine as default,and if there is even the slightest thing wrong with a a page, such as a broken banner link, it flips to the SQWire 404 error page.
And what's worse, you can't uninstall it on your own.
I had it my system until I found SQWire's uninstall instructions on their site. It was easy, once I found that. Just 2 clicks and a reboot, and it was done.
After reading this article, I decided that Xupiter.com has nothing to offer me. Not now, not ever.
So, they are now added to the blocked zones in my firewall. I will be unable to ever see any of their pages again.
What we need is a publically available list of fuckheads like Xupiter so that others can do the same thing. This is what the internet is great at; routing around damage.
Wow what a FUD page, be a good idea if it was even relavent as NONE thats right absolutly NONE of those 19 listed "exploits" even work on my WinXP IE6 + ALL updates, they all die or crap out with various script errors or fail to produce the results they state
anyone got any new exploits ?
watch out i can kill your browser in 1 line
for(i=0;i100000;i++)alert('0wned')
"Let's see, we have the technically illiterate on one hand. These people fall prey *far* more to malicious remote-install links than they are benefitted by deliberately remote-installing software. Not benefit to IE's behavior there."
Blame the dot-bombs for that. My company used to be one of those, and we made a plugin that you had to run a setup to install. Everybody who wanted to use our plugin barfed at that idea. They wanted it to auto-install, or they thought nobody'd ever use it. I'm dead serious.
If that's any indication of the crap other web companies had to go through (Macromedia, for example) then it doesn't surprise me that IE works that way. I wish these people had more faith in the intelligence of their customers.
And that's with the security settings notched up a little, there is no pop up box, wanna test it on yourself? goto lyrics.com and we'll see if you get a pop up box you idiot. I know not to say yes to the stupid installers, I didn't get a fricken choice in the matter at all.
Software is similar, I don't agree to anything by double clicking on it other than the fact that I might like to try out what that piece of software purports to be. Double clicking on it may install a virus, or a Trojan horse or format my hard drive. There are laws against deploying software that does this with corresponding penalties which are enforced if they can manage to figure out who the author was.
In this case the author is a company but the same rules don't seem to apply even though the authors and distributors are much easier to find. The people who propogate this software need to be fined and/or jailed.
Chris Kuivenhoven is a thief, beware
Windows XP :)
I had this piece of sh!t install itself on my computer. Every time you'd type in the wrong URL, you'd get redirected to Xupiter's search page. It automatically installed a toolbar, which could be removed. Hoever, it also checked for updates when IE started, which meant IE would pause for about 5 seconds whenever you started it.
I don't know HOW I got this on my WinXP computer. I think I typed a URL incorrectly, but Xupiter owned the URL. Before I knew it, it was installing itself on my computer. My IE had the default security settings.
I use Phoenix almost exclusively now. Do what I did. Go to Xupiter's website and bitch about this non-stop. Spam them if you have to.
.. use mozilla. (Or Netscape7)
Sometimes I wish I was a plumber, then I'd know how to deal with other people's shit.
Quoted from the Wired article
that that is is that that is not is not
I went to the site in question (http://www.free-game-zone.com/ - thanks for providing the link in your later post), and Opera didn't show any popups. I have Javascript and popups disabled.
How did it get Moz to show popups?..
#1 Wrong, IE can install this stuff without your premission. Even if you never clicked ok and have your "security settings" in IE on high. They exploit the flaws inorder to install it without getting your premission or letting you know about it. I know some pages explot IE to make their page your default home page without providing a confimation dialog box. Or is it your fault that Microsoft's programs keep getting exploited despite your doing everything possable to prevent it?
#2 Thats what they want you to belive. If they installed it with out your premission in the first place, what makes you think that their uninstaller will remove all of it?
#3 So then we shouldn't report or discuss any questionalbe applcations that are nothing more then trojins that exploit secrity flaws for their own gain? If you don't like it here you can go else where.
you forgot dillo and links, the browsers I use most.
There's also netrik and retawq.
Install IE and then try and to uninstall it...
see what it leaves behind...
Forward, retransmit, or republish anything I say here. Just don't misquote me.
duh
There's a fatal flaw with your claim that failing to apply patches for six months is negligence to the point of absolving MS of all responsibility.
MS patches are notorious for introducing new bugs. Or new "features" that break existing applications. Or bundling in totally unrelated things - fix this critical bug in one application, but accept another application being patched to call home. A lot.
Do you remember the service pack saga from a few years ago? SP4 introduced a serious bug, SP5 fixed it but introduced another serious bug, then SP6 fixed that one but... a lots of sites couldn't apply any patches for a *long* period.
Or just read the war stories in the SQL Slammer thread. A lot of sites knew about the recent patch, but were unable to apply any patch because an earlier patch brok their mission critical applications.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
"Yes, perhaps they should go through each dialog box and examine it, but that's very time-consuming."
Are you mad? How many programs do you install in the run of a day that you feel you are wasting a substantial amount of time reading dialogue boxes? And how poor is your memory that you can't remember what actions provoke which dialogue boxes? Never mind that causing users "to be screwed over" with "malicious, destructive action" is hardly being initiated by a toolbar app.
You know, whenever you drive in your car you have to check to see if traffic is coming. Do you stop doing this once you get tired of it, and just skim over the lanes of oncoming traffic? Or what about when you cross the street?
You seem to have an axe to grind against Windows, ostensibly because you are a Mac user, but if I am installing software onto my computer I want to know what it is doing and why, and if it is asking my permission then I should probably devote the brain power to read the request. This applies to ALL operating systems, and beyond that, this sort of "think about what you are doing before you do it" policy should apply to life in general.
"Welcome to planet Xuranus"
"Quoting famous computer scientists out of context is the root of all evil (or at least most of it) in programming." - K
A huge streached asshole? Please share this with those of us who want to remember not to click it and forget the image of this horror!
Well, okay, if you want to nitpick, the average knowledge is going down because new users are always coming on, but of the people already on, the knowledge of malicious code is going up. I've seen a lot of people get a lot more knowledgable about how malicious code works after I managed to "miraculously" save their computer from about 10 pieces of spyware. I'm usually not a dickhead about fixing computer stuff, but when it comes to spyware, I always make it seem more serious than it is so that they're very careful about it in the future. It tends to work... my extended family is quite knowledgable about how corporate tactics really are on the Internet now...
Karma: pi (Mostly due to circular reasoning in posts).
Cancel is the default in this dialog.
Only if someone's there to hear it.
Hokey statistics and ancient misconceptions are no match for a good thought in your head, kid!
...yet they are villified with vengence and put onto anti-virus lists...
Reason is the Path to God - Anon
I would like to throw in another mechanism to inoculate yourself against this and other ones. It is a little bit of a catch-up game though. When you encounter one of these nasties for the first time (and you get the dialogue where you can choose to trust this cert) take the cert and export it into a file. Now go to Local Security Policies (in Administrative Tools) and create a so-called Software Restriction Policy. Choose a cert rule, browse to the cert you saved earlier, and create a disallowed rule. Now if you encounter anything from for example Gator Inc. again that was signed using the same cert (and they only have a limited number of those) it will never be allowed.
Untill the US forces that country to pass its laws and agenda through things like WIPO.
Xupiter claims to be based in Hungary. But it may not be.
First, Xupiter appears to be the same thing as Browserwise. The content of the two sites match, and you can download their malware from either site.
Whois for Browserwise yields:
Administrative Contact: Inc., Browserwise, admin@browserwise.com
Browserwise, Inc
15445 Ventura Blvd
Sherman Oaks, California 91413
United States
(818)229-5631
Technical Contact: Inc., Browserwise, admin@browserwise.com
Browserwise, Inc
15445 Ventura Blvd
Sherman Oaks, California 90413
United States
(818)229-5631
Domain servers in listed order:
NS1.CANDIDHOSTING.COM
NS2.CANDIDHOSTING.COM
A traceroute on Xupiter isn't particularly helpful, but a traceroute on Browserwise leads to "amateurpornhouse.com", hosted on the same server. The server is thus virtual hosted by name, but if you try it by IP address, you get Browserwise, so Browserwise is the main user of that server. "amateurpornouse" is thus either affiliated with Browserwise, or buys hosting from them.
Whois for "amateurpornhouse.com" yields:
SC Enterprises
P.O. Box 91114
Henderson, NV 89009
US
(702) 224-7750
Domain Name: AMATEURPORNHOUSE.COM
Administrative Contact:
Phucksum, Jeff webmaster@sexycouple.com
P.O. Box 91114
Henderson, NV 89009
US
(702) 224-7750
So we check Sexycouple's legal page, and find:
- Custodian of records for SC Enterprises: All records required to be maintained by 18 USC 2257 are kept by the custodian of records, Barry Levinson, 2810 South Rainbow Blvd. Las Vegas NV. 89146.
(Presumably this is not the well-known film director Barry Levinson.)Looking up "SC Enterprises" in Las Vegas, we get
134 Spinnaker Dr
Henderson, NV 89015-5639
Phone: (702) 558-8908
Also, DNS for Browserwise is provided by CandidHosting.com, next to the police station in Tampa, FL. They have to know who's behind this, so that's where to start with legal process.
That should be enough to get the lawyers started.
Yup, one more reason why DRM and Palladium will help stop nonsense like this. By giving Microsoft the authority on what can and cannot be installed on our systems, it makes it so much safer.
I'm not being sarcastic, but Microsoft was smart by introducing these technologies.
Just edit your hosts file and point xupiter to 127.0.0.1.
That should stop it from updating itself while you work on removing it.
(Or, you might have to give yourself xupiter's IP address.)
So, which IP block do we need to drop into the DENY rules now?
:P
Anybody know?
I use iexplore -nohome : it forcefully skips all IE update checking which sometimes sneaks back in. Also loads quicker.
.exe to 'pissoff.exe' to make sure nothing else can run iexploiter.
I also renamed the
ALSO my jsp site only look sright in Mozilla now, even opera has a problem with the table spacing (same with IE) even tho it is valid, and when I refresh, it corrects it (moz rulez!)
'tisn't even complicated.
heh 'tisn't
If we (the US) can't get our way via lawyers, isn't it standard operating procedure to bomb them into submission? :)
GetRight [download manager]. When I had dialup, I used it to download larger files. I used it enough that I decided to purchase the program.
I eventually reinstalled Windows and installed the program [with license key] and immediately Zone Alarm detected the Gator program trying to connect from my computer to a server. Grrrrrr.
Makes you regret paying for it that is for sure.
1. Use Mozilla.
2.Pull down Edit.
3.Select preferences.
4.Select advanced.
5.Select Scripts&plugins.
6. there are check boxes under "allow scripts to," uncheck them.
How ya like dat?
When I connect to a web site, it asks what page would you like and I answer "NNNNNNNNNNNNNNNNNXXXXXXXsomething to replace return address here...", it's then all legitimate too, right? Your argument makes writing worms, viruses, trojan, cracking legal too.
Opus: the Swiss army knife of audio codec
You can forcefully uninstall any IE toolbar using Advanced Uninstaller from Innovative Technologies.
It also works on IE plug-ins and BHOs (browser helper objects).
You can download it from here (CNET).
For some reason, corporate misbehavior is below the FBI's radar.
From the article:
Xupiter.com is registered to a company called Tempo Internet, in Gyongyos, Hungary.
Also, for another strange reason, corporations outside of the US don't worry about the FBI knocking on their door. Could it be that there are actually soverign nations outside of the US that have their own laws and law enforement? Write to your congressmen, ask them to propose a bill to change this fundamental oversight in the FBI's power.
If you like the system configuration the way it is right now, with the apps installed as they are...
Image the drive. Several good apps around (Norton Ghost and others) that will image a drive to a set of CD-R discs, and then you can restore from a bootable floppy/cd and re-image the drive from that cd-r set.
Then keep backing up data files only. If the system ever gets hosed, instead of re-installing everything, you restore from the drive image, and then restore your then-most-recent data files.
Saves a lot of time. You might use a 50-spindle of cd-r discs if you have a lot of stuff on a 100gig drive, but it will be worth it if/when you have to restore.
And if you are a believer in the "Windows is just happier if you do a fresh install every 6 months" theory... this works for that too.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
MS puts "Windows Update" shortcuts everywhere. If you never click on them, IE will periodicly take you to the update site.
Once there, you click OK to install their update component.
They probe your software, list updates (all checked by default) and all you have to do is click "Update"
Less than 5 simple tasks that even a child could do.
http://security.greymagic.com/misc/globalDgArg/ - I can display arbitrary files from my hard drive in the javascript dialog. Other exploits don't seem to work.
http://sec.greymagic.com/adv/gm012-ie/vobjcache.as p - Clipboard exploit works, others fail.
These are two near the top of the list that work, while they aren't remote code exploits they illustrate continuing security problems.
Bleh!
if this software had been written by an individual, rather than a corporation, the FBI would already be looking for the culprit.
Do you have some evidence that this is their modus operandi, or are you just making stuff up to justify your personal beliefs?
What is seen in the FBI's radar? Murder, kidnapping, terrorism, cracking, etc. Corporations aren't usually in their radar because, frankly, corporations do not usually engage in those types of behaviors. But corporations are frequently in other department's radars, like those of the SEC, Commerce, etc.
A Government Is a Body of People, Usually Notably Ungoverned
An easy to use interactive log of what global state changes there have been. If a plugin has installed itself it should appear in the log. I should be able to click on the relevant line in the log and then uncheck a box to indicate I want it removed. As it is, if a state change happens, even one that I might have done myself, it can be hard to find the relevant menu options (not to mention DLLs snuck into directories) to undo it.
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
You have to click on any of the links. In addition to taking you to the next page, it will put up a popup ad.
Man when are we ever going to catch up? Once again Explorer developers have surpassed the OS browser engineers with a new, insecure, unwanted feature. If OS doesn't want to be marginalized, it needs to add this feature. We still don't have nearly the number of downloadable exploits as Explorer, and now this! Man I feel so obsolete.
"somehow" they got me yesterday when i was surfing around.. bastards!! but i did get it uninstalled after flaming their customer support monkeys. i think its funny that this story shows up after i got hit.. :)
Try heating up a straight pin (like the ones tailors use) with a match, then applying it to the tick. Safer & less cumbersome than a soldering iron.
I like to think of them as parasites. which explains why anti-virus programs don't remove them, because then they aren't viruses but they're still bad.
See the Pictures of the Flood of '08
But, I guess that would be rude, mean and obnoxious.
Almost as much so as refusing to let me visit their site because I use Mozilla or Phoenix.
I probably won't. But I'll probably be tempted often enough.
To further enhance your media viewing experience...
Actually, it makes perfect sense if you change "enhance" to "replace with infinite gobs of shite".
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Been reading a bit of John Bell, have we?
I think the biggest problem for what he proposes would simply be that unpopular people would frequently get shot. Heck, so would popular people. Anyone who's well known enough will have a critical mass of enemies who'd toss in a buck for their assassination. This wouldn't destroy power; it'd destroy celebrity as well.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Naw, it's just that most virus authors are too lazy to include a 12-page "terms and conditions" shrinkwrap rider that grants them access to the victim's computer.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
This Xupiter thing sounds like it's more like a virus to me. Not that most spyware programs aren't viruses to some degree or other...
I've thought about this many times, of all it's good and also very bad implications, but if there were an act or law that required software companies to fully disclose all files installed/modified/deleted by their software (or face prosecution) would it prevent the viral nature of spyware? And more importantly, would it increase the amount of security on home computers that are 'infected' by this software?
For example, a piece of spyware that includes a p2p sort of function, for acting as a node or supernode in a larger network, gets installed somehow (like how this annoying toolbar installs itself). Someone in the security (white or black hat, take your pick) field finds an exploit in this spyware and either a.) produces a worm/virus/trojan that takes clear advantage of this exploit to pull of a massive DDoS attack (if possible, mind you) or b.) publishes the report, and then some other party creates their own worm/virus/trojan.
I know the sky is not falling, but is that a viable possibility in the future? Could spyware just be opening the door for something even worse?
Assuming the story is true that it will *auto* install, with out permission or anything this cannot be legal. Might even be considered terrorist like activity and get the feds stirred up..
Though.. I doubt it can 'auto install' with NO warning..
---- Booth was a patriot ----
host xupiter.com
xupiter.com has address 63.236.32.50
mail is handled by mx1.xupiter.com
host mx1.xupiter.com
mx1.xupiter.com has address 63.236.50.196
whois -h whois.arin.net 63.236.32.50
Qwest Communications NET-QWEST-BLKS2 (NET-63-236-0-0-1)
63.236.0.0 - 63.239.255.255
Qwest Cybercenters QWEST-CYBERCENTER (NET-63-236-0-0-2)
63.236.0.0 - 63.236.127.255
Internext Media, Inc. QWEST-JSV-INTERNEXT1 (NET-63-236-32-0-1)
63.236.32.0 - 63.236.32.63
whois -h whois.arin.net 63.236.50.196
Qwest Communications NET-QWEST-BLKS2 (NET-63-236-0-0-1)
63.236.0.0 - 63.239.255.255
Qwest Cybercenters QWEST-CYBERCENTER (NET-63-236-0-0-2)
63.236.0.0 - 63.236.127.255
Snapshot Productions LLC. QWEST-JSV-SNPSHTPR (NET-63-236-50-192-1)
63.236.50.192 - 63.236.50.223
so I added 63.236.32.0 - 63.236.32.63 and 63.236.50.192 - 63.236.50.223
to my firewall block list, and they shalt never trouble me henceforth.
Done! Next!
Java WebStart is the same.
It's gotta make you wonder, do these people make money this way? It's ludicrous though that this company can get away with this behavior while the average person would be in hot water for doing the same, which amounts to a trojan. It's disgusting.
"that result in you getting some nice free government accomodations."
About $200-$500 per day, depending on security, paid for by you, the taxpayer. With 1% of US population in prison (16% of black people, I believe?), that's $200 * (1 prisoner / 99 taxpayers) of your tax bill, per day.
They used to spam me on ICQ. Then I decovered that they own a /26 in aussie land. I found the CEO's workstation. Running Windows 2000. With messenger service enabled. I spammed back, and made threats. They don't spam via ICQ anymore....
I didn't realize Flying Crocodile had moved to Hungary.
You do not nead to use the third party uninstall software.
... (b) attempt to disable the Licensed Software by any means or in any manner; ...
Anyway, if you have the software installed, you have agreed to the licence agreement, which says that you are not allowed to disable it by your self.
Here's the part:
2. Use of the Software.
You acknowledge and agree that you shall not (a)
And if you want to uninstall it, read the licence agreement again:
15. Removal of Software.
IF YOU WISH TO UNINSTALL THIS SOFTWARE OR ANY OF ITS UPDATES, Xupiter HAS PROVIDED AN UNINSTALL FEATURE which can also be found at the url below. To uninstall any of our software products simply click on the following hyperlink and either download the file and run it from your desktop or select open when prompted and the Xupiter toolbar with automatically uninstall from your computer:
http://www.xupiter.com/uninstall.html
that's another good reason to be using OSX/Linux and other non Microshit browsers
I think this problem began when Bill Gates said they could make MS-DOS
No it's not. It's very much enabled by default.
*You* have a cap of six months of unauthorized computer access. *We* get it potentially classified as a terrorist act, capped only at life imprisonment. Lovely justice system we have over here.
May we never see th
Um, no. Apparently, the US believes that their laws (*cough*DMCA*cough*) apply anywhere (*cough*Russia*cough*), and can prosecute anyone (*cough*Skylarov*cough*) for committing a crime anywhere on the planet.
why isn't it out yet? Their site makes it look like it's released but the download links just tell you it's coming next month sometime. There's not even a link to the older version incase you actually wanted to install their software.
MoRe... LaTeR... -=PJK=-
At the risk of being (unfairly) pegged as flamebait:
I think one of the stated purposes of Palladium aka Microsoft Trusted Computing is to give control such as whether something like this is installed back to the end user.
Uhm, getright asks if you want to install gator. Just click the No button instead of blindly hitting enter. Getright is a good program and it actually warns you about the advertising and gator during the install. Grrrr. Time to reinstall windows again huh? Makes me regret not advancing my plan of Worldwide fucktard cleansing sooner than I have.
This is useful demonstration material. It demonstrates how worms can get into your system and some of what they can do. Other than worms, it annoys users rather than trying to spread itself, so it's mostly harmless to the rest of the web. Thanks for opening people's eyes, Xupiter! Figuring out the title of this comment is left as an exercise to the reader.
---
The irony is that Bill Gates claims to be making a stable operating system and Linus Torvalds claims to be trying to take over the world.
Please correct me if I got my facts wrong.
Today's fun was with Internet Explorer 6
I believe it's spelled propaganda. I was going to consider arguing whether or not Apple produces propaganda in guidelines, but to a sane person, the answer is 'no'. To argue with you would be to enter a race against a man with no legs.
The slimiest that I ever found is by a company called commonName. do a google on them lots of hate sites. and it kills your ie
Help or More Info should be the default button for most web install popups. Since few people read the help or read-me's, this may give them a second to think and understand what's on their screen.
So if I wanted to do something evil, I could just do this...
First, put up a web page with an input form (oh, like the one I'm typing at now) and get them to start typing.
Second, do some interesting scripting that will make it do the "install this?" pop-up about 15-30 seconds later. Maybe a hidden frame with a refresh that fetches the evil content on the second load, or whatever.
So, people who type heads-down really get into their message, eventually hit ENTER or Y, and boom - my evil program gets installed with their consent!
Sounds like a winner to me.
Browserwise.com seems to be a totally different company, even the top level where the IP range is purchased from is different. Browserwise.com is hosted at the top level by Level 3 Communcations, while xupiter.com is hosted at the top level by Quest. I looked at both web sites (with Lynx! it's safe... ^_^) and the content does NOT seem to "match" to me.
Sorry but I think you just got carried away in your search and these two companies are not the same, or even related in anyway.
I had a terrible time removing "search and browse" from my Gf's computer. it hijacked the autosearch function of the browser. Evil critter it was, adaware and spybot couldnt get rid of it. I did finally find it but it was an obscure registry entry. But thats not what im getting at here. There is a setting in the intenet CP for disallow any third party 'add-ins' from running under IE (6?). I suggest you turn it on it will cut down on the crap that self installs. If anyone is intrested in the searchandbrowse thing, get in touch with me and i'll try to look it up for you. It took me hours and hours to find.
A couple months ago, I noted that my homepage had been hi-jacked and other odd things were happening to me in IE. I searched around and found Xupiter on my system. I nuked it and forgot about it.
Two weeks later I get the same thing... I got slightly pissed and downloaded a copy of Mozilla. I deleted the IE icon from my desktop and my quicklaunch. After the initial shock of doing things the Mozilla way, I fell in love and now use Phoenix as my primary browser.
Thanks Xupiter! With out you, I prolly would have never abandoned IE.
Str8Dog
using System.Darkside; public
Not sure if anyone has posted this since there is so much in here.
http://doxdesk.com/parasite/Xupiter.html
I tried twice to remove this off my father-in-law's machine (I looked like idiot) and failed but will try the above.
As for all of this...
Xupiter and all of these other whining crybaby ad-bastards need to go back to sending me half price oil changes...snail mail style. Need to nullroute them into the ground.
it's almost like a wash of sanity.
.
If somone in the UK broke in to Microsoft headquarters and managed to download the full XP Source Code with the intention of studying it in order to write better Windows client software then it would probably cost them 3 months in stir and a monkey [£500]
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
It's all about retirement grease.
Finally, math books without any of that base 6 crap in them.
I just used one of my work-mates machines (*g*) (because it has a clean build of Windows2K, IE6SP1 + patched to current as of last Tuesday) having downloaded the uninstall proggie and Spybot Search & Destroy.
I reset all settings to the MS defaults and went to the Xupiter site: It installed without prompting, home-page set to Xupiter etc. Conclusion from this step is that the MS Default security settings suck ar$e.
I used the uninstall proggie - it got rid of the toolbar. Good, but did it get rid of the spyware? I rebooted to make doubly sure.
I then installed SS&D and ran a check: Riddeled with spyware from visiting Xupiter - therefore the uninstallation does not do a complete job. I got SS&D to remove said spyware and rebooted - Spyware gone =)
Being in a corporate environment where the Proxy server is set in such a way as that the ONLY application that it will allow to connect through is Internet Explorer (and only on port 80 - even 8080 and 21 are blocked) using the Windows login (I have tried other browsers that claim to work with this, but they turned out to be either IE extensions or they could not connect through), I have no choice BUT to use IE, as I do not like any of the IE variants. Our admins distribute it with the default settings. Across the company around 400 people have (anti-pr0n URL-filtered) internet access, and many more have limited access (depending on role - either limited by hours of access and/or sites accessable) - in my estimate, that's roughly 900-ish machines from just over 2500 PCs that are, by default configuration, vulerable to either uneducated users or users that have their settings locked-down (Depending on the setup & environment) to getting this piece of crud installed on their machines.
Blame the Tech Support crew? While some would do that, I still feel that IE should have been locked-down tighter against crud like this out of the box.
-Trav
I should really get around to creating a sig.... Nah - too lazy =)
Use Safari, or Mozilla, or anything but IE. Until they start making Mozilla Annoying Toolbars, of course
-Phil "Got Rice?"
> You have to click on any of the links. In addition to taking you to the next page, it will put up a popup ad.
Sorry, I should have said this in my first post - I did so, clicked on at least five of 'em, none showed me a popup.
With mozilla the user is presented with the same dialog each time. I'll recognize a mozilla install box immedialy. IE will popup premission boxes that look like the typical junk add box and install when the user hits cancel to "abort installation" or some such.
Exchange is known for leaving viruses _and_ junk in your mail.
[alk]
My settings on my Win98 box are on default. This Xupiter thing still installed, no warning, no options to not install. This much be a breach of privacy, no company has the right to use any of my computers as their personal playground. Try getting rid of the thing, it's a beast.
"In our office, Xupiter is known as Idiotware. A typical support call from an infected user sounds like: "Hey, um....I've got this thing on my *internet* that won't go away..." PEBKAS. HEY! A popup dialog is not a test of your mouse-clicking reflexes. Maybe they should read it before clicking OK. Next time it will be:Click Here to Reformat C:. Just wait."
"In our office, Xupiter is known as Idiotware. A typical support call from an infected user sounds like: "Hey, um....I've got this thing on my *internet* that won't go away..." PEBKAS. HEY! A popup dialog is not a test of your mouse-clicking reflexes. Maybe they should read it before clicking OK? Next time it will be:Click Here to Reformat C:. Just wait."
The Tooth Fairy is known
I'll stop you right there..
If the tooth fairy is KNOWN, doesn't THAT make her real?
Jus' pickin on ya'..
Isn't this what they call a computer virus.
Once executed it changes parts of your computer without your knowledge doing distructive acts...
yea... this sounds like a virus.
Most people aren't thought about after they're gone. "I wonder where Rob got the plutonium" is better than most get.
According to the site, I have found the magic link, I can get $250,000 for free, and find the best search results, this place is heaven! But seriously, what do these people call themselfs ... companies? How do they expect to make any money by flashing crap at you like this?
Run the uninstall here
I have NOT tested this however, as I'm running Solaris, so I can't tell you if it actually works or not.If they get data through my firewall, have they violated the DMCA?
Someone actually tested the bloody thing rather than randomly speculating. Mod up please.
cheers
Phil
Vino, gyno, and techno -Bruce Sterling
Good point. I've got needle-fine SMD points, which I've never tried.
Domain Name: AMATEURPORNHOUSE.COM
Administrative Contact:
Phucksum, Jeff
I bet he has a moustache on his driver's licence photo.
Vino, gyno, and techno -Bruce Sterling
Checking server [whois.crsnic.net]
Checking server [whois.opensrs.net]
Results:
Registrant:
Tempo Internet
P.F. 284
Gyongyos I, 3201
HU
Domain Name: XUPITER.COM
Administrative Contact:
Reg, Dom support@xupiter.com
P.F. 284
Gyongyos I, 3201
HU
+36.203548526
Fax: +36.203548526
Technical Contact:
Reg, Dom support@xupiter.com
P.F. 284
Gyongyos I, 3201
HU
+36.203548526
Fax: +36.203548526
Registrar of Record: TUCOWS, INC.
Record last updated on 18-Dec-2002.
Record expires on 31-May-2004.
Record Created on 31-May-2002.
Domain servers in listed order:
NS1.XUPITER.COM 63.236.32.51
NS2.XUPITER.COM 63.236.32.52
anyone know what country this is?
The working patch for the vulnerability in question has been around for more than a year. Anyone who hasn't patched yet is just as retarded and just as at fault as someone who doesn't change their oil for a year or doesn't wear their seatbelt despite constant warnings and then blames the car manufacturer when they get hurt.
Repeal the DMCA!
The ability to load instantly? Smooth scrolling? Fully customisable toolbars? Do you want me to continue?
After installing it, the provider of the toolbar starts copying Bob's files completely without his knowledge, and against his will
That, to me, sounds a lot closer to theft, or at least a major invasion of privacy/rights than downloading stuff on p2p
In general you are liable for what the software does to your data/computer, because 1) You are not really forced to install the software and 2) In court you are assumed to have read the legal agreement concerning the software before you used it. If you didn't, that invalidates your case anyway, for obvious (though rediculous) reasons.
I'm not sure about the court thing.. but it makes sense that it would work like that, or else why do EULAs exist?
Thank you! You just made my day.
Long live lynx and mosaic!!! Now, back to our regularly scheduled rant...
Seeing the discussions about how this could've been avoided by using Opera or Mozilla (currently bringing me to slashdot, just for the record), brings a question to mind. How are these "alternative" browsers? Netscape has been around a whole lot longer, so shouldn't IE be the alternative? Just an off-the-wall idea.
One only needs two tools in life: WD-40 to make things go, and duck tape to make them stop. ~G.M. Weilacher
Gee, who woulda thunk -- an insidious piece of spyware coming from the world capital of sleaze -- the San Fernando Valley -- and incorporated in NV to avoid taxes. Sounds like a porn affiliate to me. Gee, I wonder if it has popups to offshore net gambling sites...
20MB is only a 1 hour download on a 56k connection, assuming average speed around 5.3KB/s
Repeal the DMCA!
My systems are set up as minimally as possible for efficiency and reliability. For the life of me, I can't figure out how people manage to screw up their computers as badly as they often do.
I have many friends who have enormous hard drives and have filled them to the brim with all kinds of programs and downloads. Their computers, which are some of the fastest around in terms of hardware resources, run more slowly than an old 286 would if it was running Windows XP through a Pentium IV emulator written in Microsoft GW-BASIC, where the emulator's "RAM" and its processor registers reside on a slow tape drive, with each register on opposite ends of the tape. Oh, and did I mention all the graphics, sounds, windows, and other garbage that shows up all the time as they're running their computer? Just so you understand, all they ever do is write emails and write text in a word processor. But their computers are filled to the brim with crap.
I think the xupiter toolbar would be an innovative addition to my friends' highly optimized configuration.
Sincerely,
The Negra Modelo Troll
P.S., I drink Guinness too. I know I've talked smack on its flavor in the past but you have to find a bartender who knows how to pour and serve it. I can't stand the stuff out of bottles.
I wouldn't say that the only reason that MS has more exploits is because there are way more hackers hacking into Windows because it's popular (although that is an overlooked factor by many /. types), however, the original "+5 /. Insightful MS basher" post was far off from the fact books.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
Several things somehow got installed on one of my computers (I wonder if it may have been the payload of a klez variant (one that wasnt detected by hotmail's virus scan) that installed itself in the latest fully patched OE) that redirected all new IE windows to that site, without changing the homepage setting (it continually set the lovely microsoft runonce homepage feature!). Additionally it was messing around with my windows *.pwl file, AND the kicker is, it waited 14 days after it was installed to make the visible changes (the default history expiration in IE is 14 days); So, conveniently, the average user can't track where they were when they got this virus! (and none of the virus tracking vendors I emailed will even acknowledge its a virus).
i got rid of my Xupiter tool bar by doing a registry search for xupiter, killing the key, ripping out the guts from the directory. Poof, gone. No more annoying tool bar, casinos, cute fluffy animal porn.
I do suggest backing up your resgistry before attempting this, but is life with the beast, win2k, whatever.
You can render this stuff harmless and never see it if you add the following to your bind9 config:
zone "xupiter.com" {
type master;
file "/dev/null";
};
It's magic, I tell you, magic!
A quote from both:
You could have downloaded and installed one of our many software applications. In the terms and conditions of any of our software products it is clearly stated that we grant you a free license to use the software and by installing the software on your computer you agree to use our search services in your web browser. Any and all changes made to your system are clearly stated in the terms and conditions.
Any questions?
It does take a real MAN to enjoy imaginary pictures on the kind of HTML pages slashdotters are looking at. Wonder if blind people can sue those websites for ADA violation.
Well there's morality, and then there's code.
It might be nice if there were laws against this and everyone followed them, but it would be better if operating systems were designed to prevent it. Which Unix|NT aren't.
Could it be that there are actually soverign nations outside of the US that have their own laws and law enforement?
There are, but the US never sees other nations as soverign. It's always 'us' vs 'them', and when 'them' try to uphold their soverign rights, the US sees it as an attack against the "American way" ie) capatalisn, or 'the rich get richer while the poor get poorer"
I don't get it. I went to xupiter.com and nothing happened. It's just some lame search engine. No pop-ups, no errant behavior. And nothing weird got installed -- that's for sure.
Oh, I'm using Safari on OS X, if that helps. (snicker)
--- Why yes, I am the webmaster of Microsuck.com
Whatever you nasty slashdotters do, don't post the owner's info on slashdot. Or subscribe him/them to all the snail mail stuff, or other spam. What you guys did to the spammer guy is horrific.
So don't track down the personal info of the owner(s) of the tool bar company, and don't post it to slashdot. That is very nasty. Very, very nasty.
Its not disabled by default, if you go to a mozilla browser extensions site, or a mozilla theme site, you will notice that upon clicking the "install" link (as it is usually labelled), a dialog box will appear asking if you wish to install this item. This is similar behaviour to IE, heres an example link to "BannerBlind" (which attempts to remove ad banners via style sheets). http://bannerblind.mozdev.org/installation.html#
Microsoft didn't invent JAVAscript, SUN did. And SUN SUED Microsoft to force them to put JAVAscript in their browser. Don't blame Microsoft for this one!
Netscape, and their own flavor of JAVAscript, "LiveWire" should also take some of the blame.
Don't you remember? Microsoft was pushing VBScript! They would rather not even have JAVAScript in their browser if they could avoid it.
Is now a good time to mention that Ad-Aware v.6 was just released?
I want to install it on purpose now to see what happens.
*I used to be quite irreverent and ignorant. I am probably much smarter now. I seem to realize this every 45 days or so.
I was infected with the toolbar last week, and had to do a little stalking to cool down...
Xupiter.com's netblock is registered to:
CustName: Internext Media, Inc.
Address: 15445 Ventura Blvd., Suite 318 Sherman Oaks CA 91403
Country: US
RegDate: 2002-05-09
Updated: 2002-05-09
NetRange: 63.236.32.0 - 63.236.32.63
Some other interesting things registered there are:
WHOIS whois.dotster.com cashclicks.com:
Registrant:
Erika Online Inc.
15445 Ventura Blvd Suite 318
Sherman Oaks, ca 91403
United States
WHOIS whois.dotster.com nudelink.com:
Registrant:
Universal Net
15445 Ventura Blvd Suite 318
sherman oaks, ca 91403
United States
Registrar: DOTSTER
Domain Name: ABCSEARCH.COM
Registrant:
Internext Media Corp.
P.O. Box 260542
encino, ca 91426
United States
ABCSEARCH.COM is run by a gentleman by the name of Daniel Yomtobian. Do a search and you'll be amazed by the number of lawsuits against the guy for domain squatting.
Sounds like a contender to me.
Mozilla loads about as quickly on my girlfriend's laptop as IE6. I can't compare it on my desktop, because I don't have Windows (and I'm not going to go and buy it just to test how fast IE is) but it loads fairly quickly in NetBSD and Linux. I tend to leave it open anyway, since it doesn't take that much memory (and before you start, think about how IE works).
.dlls). Is being able to make your text wobble up the screen really slowly such a useful feature?
Smooth scrolling isn't something I've ever used, so whether or not Mozilla has it I don't know. Certainly I can't find an option for it in Galeon (which, as I'm sure you know, uses the Mozilla rendering engine, in much the same way that various "alternative" browsers use the IE
Thanks for pointing out that Mozilla doesn't have fully customisable toolbars. I suppose I'd better set mine back to defaults, since they're not customisable. Pity, since they looked pretty much fully customisable to me.
Continue.
The mozilla install box will only install software IN your browser, never on your system. Those programs will always be programs that are part of mozilla, your browser, not your operating system. They won't be able to run a check when you boot, only when you start your browser. They won't be able to run in memory to check changes if your browser isn't running. And (as far as I know), mozilla doesn't allow registry changes from it's internal programs.
With IE, you can install software with a single 'Yes' button that is entirely unrelated to your browser. Take the 'Windows Update' for example, this is a single 'Yes' that changes your system files.
Quite a difference, I would say.
> It can't. You're mistaking "Install on Demand"
> (bad thing) for JavaScript alert()s.
Yep that's the revolting difference between Javascript (ok) and ActiveScripting(tm)(Totaly unsafe at any speed) Basicly they are the same but JavaScript has the 'sandbox' principle which is totaly ignored in activeScripting on windows. _that's_ why it is so idiotic to surf the net with IE. To view a lot of pages you need Javascript (animated menus, mouse over effects,....) which is not nesecarily a bad thing. But 'dangerous' things can be done with ActiveScripting. That fact that you cannot have one without the other is the main reason not to use IE.
we need an "-1 Plain wrong" moderation option!
a virus (which are illegal to distribute)? If no permission is given to install it and it installs without giving you an option to get rid of it. Sure it doesn't spread from your computer to other computers but it spreads from xupiter to home computers so I can see it still being classified as a virus... when is someone gonna bring a lawsuit on companies that thing they can pull this crap and put a stop to it?
I don't have a sig, can I borrow yours?
Mozilla allows popups in response to clicks when "unrequested windows" are turned off.
I am rather suprised I don't see many people using proxies to deal with the "wild wild web" of spyware and malicious javascript/java/flash.
I have found a good combination is Proxomitron and JD5000 filterset. Both can be found here
http://home.satx.rr.com/jd5000/
It works with all browsers that support proxies (EG IE, Moz, Opera, Netscape) and best of all beside's ad blocking it does some rather cool features.
First filter I find handy is
Convert - Flash to Links.
Visit a site that has flash crap on it and it will say Flash removed/disabled. Next to it will be a option to turn on flash for the selected website only. This website URL will go into a blockfile named Allow - Flash.txt
Disable - Applet, Object, and Embed.
Now this is really damn handy as it will disable java applets, embedded crap and activeX objects, IE How Xupiter manages to get through.
If I need a site that has been verified by me that absolutely needs java or activex I can add it to the Allow - ActiveX blockfile.
THIS is basically how Proxomitron and JD5000 work's. It has a lot of features for security/ad blocking and more. Has also the usual filters to disable javascript or tame it down entirely, prevent nasty IE exploit's, etcetra.
To give everyone a idea at what exactly the filters the latest JD5000 update has, below are two pictures showing *ALL* the filters. First is the web page filters, second is the Browser Header filters. Filters that are in black are what I have turned on for day to day use.
Proxomitron's JD500 Web Filters (Jan 13th Release)
Proxomitron's JD500 Browser Header Filters (Jan 13th Release)
If configured right, Proxomitron+JD5000 can secure any browser a lot more, especially IE from all the nasties that rely on Activex to try and get through to your machine.
You must master your joystick like a fisherman masters bait! - Gimpy
I see this as an OS problem rather than a browser problem. OK, IE is full of security holes, has to be patched on a regular basis, flouts several standards, and is forced upon the user. However, the real crime here is an operating system that allows 'applications' to be installed (either willingly or unwillingly) and prevents (almost?) them from being uninstalled. This is the most blatant security hole I can imagine and yet it exists on a huge amount of machines throughout the world. Why can't you uninstall the thing? : the registry. I don't know if M$ will ever be able to backtrack on such a stupid invention but, until they do, I really do not feel in control of my own computer (at least, when I HAVE to run the thing which, unfortunately, I often do).
"Xupiter" ? Like Jupiter but with an X? How do you pronounce X? "Ssst"? So it's "Stupiter"?
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
They're not fully customizable. by 'fully customizable' I mean more than 'being able to skin'. For one thing you can't do things like move the standard buttons and the address bar all up onto the same row, saving screen space.
And if mozilla loads at the same speed as IE6 on your girlfriends' laptop, I suggest you get her laptop looked at, seeing as how there sounds like there's something wrong with it. IE6 loads instantly even on my meagre hardware, compared with 10 seconds to load mozilla and 5 to load phoenix (compared with almost 15 to load on a standard, fresh install of debian 3 on the same hardware). For that matter, i'm fully aware how IE works and I think its a good thing. If its the single most-used application on 90% of Windows computers, why not cache it on startup? Why not integrate it into the operating system and let other parts of the OS draw on the same resources? That sounds like a remarkably efficient idea to me. Why can't mozilla cache itself like that? Phoenix can at the moment but the last I heard was that feature was going to be removed in the next release because of 'compatibility problems'. That sounds like a rather large step in the wrong direction for me, as they certainly won't have secured me as a user until they can sort it out.
And as for smooth scrolling, why did you even bother to argue the point? The fact is that mozilla can't do it. Wether or not you think that it's a useful features probably depends on things like how much you value your computers' ability to render all these fancy 'colours' and interface with one of these new-fangled 'mice' devices. I don't appreciate IE any more for having it, but I sure as hell missed it when I switched to mozilla and it wasn't there.
re: the problem. I have fixed the problem. It will no longer trouble you. Please feel free to contact me should you ever need my help again.
On testing, it takes about 15 seconds to start Mozilla, and about 18 to start IE6. This is, however, on Windows ME. When I've upgraded to Windows 98 I'll try it again.
(Given the facts stated are true)
1. It's self installing without asking the users consent.
2. It then illegally changes a users personal data.
3. It's impossible to remove for Joe Sixpack.
Which in my mind means that this works the same way as any computer virus, and that the company in question should be prosecuted for willfully creating and spreading it, just like in any other case.
--Yep, this happened to me. I made SURE everything *piter related was deleted before rebooting, and I won't be using IE direct over DSL anymore. Squid proxy cache is blocking their domain now.
--These Xupiter guys are real bastards. Somebody should sue / stop them!
.
== WolfriderV6 == I'm willing to admit that *I just might* be wrong... Are you??
Why is it we always assume because someone else doesn't understand or "upgrade" they are stupid?
A friend of mine has owned and used computers for about 8 years. However, he doesn't really understand them. The other day he downloaded MS Media Player 9 and it broke one application and a driver (not just changing permissions - for the record). I told him off and said "don't download ANYTHING you don't need - and particularly don't trust anything Microsoft!!".
Please Slashdotters, get off your fscking high horse for a moment. How many of you buy Sony equipment (knowing full well most techos who repair the stuff will say "unless it's Japanese Sony, it's some of the most overpriced garbage you can get!")? Now who is stupid?
AC
I live about 2 hours away from Gyongyos by train...
So how on earth did that manage to code in the seal of the Elder Gods into a URL?
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
seen jhm
jhm is Sarek, and jhm is on the channel right now!
* JHM wonders why dpkg remembers that particular nick.
dpkg: Sarek? ermm, sure, and I am Khan
-- Seen on #Debian
- this post brought to you by the Automated Last Post Generator...