Slashdot Mirror

← Back to Stories (view on slashdot.org)

World's Most Annoying IE Toolbar

Posted by michael on from the someone-will-surpass-it-soon dept.

nautical9 writes "Following the same devious footsteps of the infamous Bonzi Buddy, Gator, and Comet Cursor "enhancements", Xupiter now has their own self-installing toolbar for IE. There are many claims that if you leave your security preferences at their default level, it will install itself without your express permission. And once on your system, it's gracious enough to reset your homepage to xupiter.com, forward all your searches to their search engine, download and automatically launch applications (like gambling applets), and blocks all attempts to set these back to normal. Removing it isn't trivial either - it automatically checks for updates upon reboot, where it constantly changes the registry settings it uses, making the jobs of spyware removal programs like AdAware or Spybot Search & Destroy much harder. No word yet if it collects and forwards personal data."

2 of 817 comments (clear)

  1. Re:Wrong by rnd() · · Score: 2, Redundant

    You're right... Some trojans do exploit holes in old versions of software. IE is not alone here. The same could be done with some versions of Netscape, GNU/Linux Kernel, IIS, Apache, etc.

    Microsoft has helped the situation by creating the automatic update service. It is a small app that runs every day (roughly the equivalent of code run by a cron job, but handled as a windows service) and checks to see if any security patches have been released. Depending on how you set it up, it can notify you, notify you + download the updates, or do all of the above AND install the updates.

    Two things will make the kinds of exploits being discussed impossible:

    1) Completely bug/exploit free code.
    or
    2) Widespread use of tools such as Automatic updates.

    Redhat and Mandrake both have a service that emails you the latest bugfix/security information. This, combined with MandrakeUpdate and RedHat's equivalent tool, can help a sysadmin keep up with the latest patches with minimal effort. It also lowers the bar for the amount of expertise required to properly keep a system secure.

    --

    Amazing magic tricks

  2. Let's see if I have this straight. by syukton · · Score: 0, Redundant

    It installs without permission.
    It does a lot of things that you don't want it to.
    It checks for updates on reboot.

    I think that anybody that finds this on their system should sue them as a hacker spreading virii personally, because that's what it sounds like they're doing. :(

    --
    Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.