Slashdot Mirror
Which Adware and Spyware are the Most Insidious?
the_dreadnought asks: "I was just asked today which adware and spyware are the most insidious by an acquaintance. He asked me if this stuff was really legal, or was it just not important enough for law enforcement to deal with? I know the porn stuff (not from experience,,,ok, from experience) that dials out to foreign countries is one of the more extreme examples, and Gator is well known, but if Slashdot readers could describe what adware and spyware they think is the sneakiest I would appreciate it. Also, any thoughts on whether some of this stuff is even legal, as it is almost certainly not ethical."
Without any doubt in my mind, the most evil form of spyware I am personally aware of is the infamous insidious Gator. Booo, hisss!!!! I am sure there are others, but I'm sure of this: there is a special place in hell for these folks.
Quod scripsi, scripsi.
If somebody leaves a paper bag full of shit on your porch, rings the doorbell and runs away, does it really make any difference whether it's dog shit or cat shit?
Why not?
Because *nix isn't nearly as widely used as a desktop OS as Windows is, and the ones using it are generally more computer-savvy.
Etiquette is etiquette. He kills his mother but he can't wear grey trousers.
Xupiter is a personal demon for me, but Gator is up there as well. Not to mention the uncountable number of little toolbars that install themselves without warning into IE. There was one some time back, I think it was called Bargains or Bargain.com or something like that which was terribly annoying. It was one of those that hijacks your browser and pops up ads whether the page you're on has ads or not.
Personally, I consider spy/adware more annoying than most viruses...
--ShadowKatmandu
"It only takes one true believer to make a thing real..."
Most of the filesharing software people are so eager to defend often install a who's who of spyware/adware today. For an interesting little test, take a clean windows system (no jokes) and install your iMesh kazaa, grokster or any other filesharing program. Then run adaware or spybot against it. You'll see new.net, shop-at-home select agent, gator, and many other nasty little goodies. File-sharing programs running on windows claim to be fighting for user/'fair use' rights, when they are simply fighting for their bottom line as a company. The fun part is that for nearly all of them, if you remove the spyware/adware the programs cease to function. Just my $0.02
owever, this begs the more interesting questions....
"Raises", not "begs".
Anyway, there are a few reasons why there isn't any adware designed specifically to run on popular desktop *n?x systems. For one thing, there's no well-known ActiveX equivalent that lets a script on a visited web page download code and run it with the logged in user's full privileges. But the major difference is that no desktop *n?x system, not even Mac OS X, has nearly as much mindshare in residences as Microsoft Windows, so development efforts directed at Win32 have bigger results than development efforts directed at LSB or Carbon APIs. Businesses don't count because they can more strictly regulate what can be installed on a workstation, possibly through bigger budgets for licensing proprietary HTTP proxy software.
Will I retire or break 10K?
The most insidious are the ones we don't even know about.
This is about the nastiest one I've seen in my consulting work. On its most basic level, it inserts itself into the registry as the default proxy server for IE. Unless you get the registry entry, it'll just keep putting itself back. What gets really bad is that I've seen Netsetter break several computers' TCP/IP stacks entirely. With Netsetter ripped out you get PCs that can dial up, connect, and have complete connectivity except no DNS resolution. And you can't get DNS back without either an in-place reinstall (works for 95/98/ME/XP), or a complete format and reinstall from scratch (NT/2K).
They're on my short list of People Who Need To Be Shot.
Is there *nix spyware?
Why not?
Just give me a minute...
Just kidding. But I haven't seen any spyware for Mac OS and such, either. There's no unix spyware probably because computer savvy induviduals who get freakishly pissed-off by spyware isn't the target demographic these companies are looking for. That and *nix users make up, what, 0.5% of the internet community.
I agree with you on two counts...
1. Last week I used RealOne's "check for updates" feature and it said there was a patch available so I told it to update. The update consisted of a full reinstallation, during which I had to give all of my details again and reset all of my settings and preferences to how they were before. Nice.
2. On my WinXP system, RealOne changes the "start navigation" setting in my sound scheme. (This is the sound that is played when, for example, you open a folder in Explorer. It's usually a click.) Worse, it doesn't just change the current scheme, it changes the *saved* scheme. For some reason it just doesn't want me to have a "start navigation" sound. It wants silence and it does everything it can to get it!
I use RealOne to listen to audio on the BBC's web site, mainly plays and comedy. Last week I contacted Real's customer support and asked (a) why it changes my sound scheme and (b) how can I stop it. Thankfully they wrote back and told me to simply... oh, hang on, no, they just ignored me.
However, I'm going to go out on a moral limb here and say that I don't feel much anger towards Real. But I *do* feel anger towards the BBC because they only make their audio available in a proprietary format which, in practical terms for most users, can only be used with Real's own software. The way I see it, I pay my license fee and I should be able to use the BBC's services without installing a piece of software that I don't like and don't want, made by a company with questionable ethics and poor customer service. The BBC should not be pushing their listeners/viewers towards a company like that.
>At least it's an attractive interface, as opposed to Real's jumble'o'buttons...
LOL!
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
Microsoft Windows and that dastardly Messenger service. (enabled by default) that would be the most insidious adware out there.
:)
Much as I hate the Messaging service, calling it adware is like calling your email client adware.
I think we're missing the point when we can just call any application that receives data and presents it to the user adware. Adware is better applied to things *intended* to serve up ads.
Believe it or not, the Messaging service was originally planned to do other things, and in fact, generally is. Just not for 99% of Windows users
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
There won't be much *NIX spyware simply because *NIX users are typically smarter, won't tolerate spy/ad/mal/scum/gator-ware, and are a lot more security conscious than the typical win-drones.
The worst part is, people actually pay money to the scumbags at Real Networks for an 'enhanced' version of the software. These scumbags are, in my opinion, the inventors of spyware. They just didn't make it quite as annoying and virus like as Xupiter or Gator.
Has all the same problems as RealOne, plus the way it gets on your computer is really insidious... it's on there before you even open the box.
Deep Freeze. Once it's installed on a machine, unless they use a boot disk, all changes are transitory. You could even reformat the HD, and it would look like you really did, but after you restart, all changes are gone. You can even define "safe" folders where this doesn't happen, like a shared documents folder.
It's a pain for end users, but if you are already re-imaging daily, it's the same effect without the work.
Contact Me (got tired of viruses emailing me).
There are three ways spyware gets on to someone's computer:
1) You visit a website and it installs as an ActiveX control. However you must grant permission for this to happen. By default, it will ask you on a per control basis. You may change this to always deny or always permit if you wish, but it is up to the user to make the call. MS has done nothing wrong here, they allow you to choose how you want your system security set and what you wish to permit.
2) You install an application that, as part of its install process, installs the spyware. It may or may not inform you of this. This is again, not an issue for MS. If you choose to execute software on your computer there is nothing they could or should do to stop you. It is your computer, after all, and executing software is its purpose. IF a company sneaks in spyware, it is their fault.
3) You voulantarily download and install spyware. YOu'd be amazed how much users think what some of it does is coll and wants to have it. Again, MS is not at fault.
Get off the trendy "Let's blame everything on MS" stick. It isn't there responsbility if others write malicious software and it isn't their responsbility if users install stupid shit on their computers. Linux has no protection against this either. If I send you an app that allows me to control your system, and you install it, Linux will do nothing to stop you. It's not like OSes have a built in evil dector or anything.
there is no need to "detect" unused cycles, all the programmer has to do is set the process to low priority and it will only get run when there is no real work to do...it's that simple.
as for whether or not they actually do this, I dunno, I'm just glad to not have it installed on my computer.
proxy
The problem with most spyware is that if you simply remove it, the software that installed it will also stop working. When the user notices this they will reinstall the software.
You need to find out what the user installed that contained spyware and make sure that software still works or replace it with a non-spyware equivalent. Then make sure the client is happy with the new software, understands why you changed it, and knows why they should NOT reinstall the original software.
455fe10422ca29c4933f95052b792ab2
And dont tell me your mom has some weird prog that macs dont have. That may be a valid excuse for you, but not your mother. She will have a lot less trouble with adware, malware, spyware and the like if you PITCH that PC and get her a nice G4 Imac. She'll love ya. Go ahead, mod this a troll. It's the truth, and you know it.
Windows media player (which is part of WinXP) collects data about what you are listening to and sends it to a MS server. And we don't know what other things are going on under the hood.
Then you don't know how to configure windows. Not only do I browse with IE, my wife and son (9) do so on my workstation as well. My son definitely visits a place or two where adware is pushed and I never have an adware problem. I run AdAware and SpyBot and HijackThis occasionally to verify that things are clean. Every now and then they might turn up something minor (tracking cookies, etc.), but it's pretty rare.
Note... I'm not bashing Moz, Opera etc. As far as I can tell, they're fine browsers. I especially like Moz because CSS2/XHTML behaves the way you expect it to in Moz, which is something I surely can't say for IE.
But the point is, you *can* configure IE even without using third-party monitors and blockers in such a way that this crap doesn't get on your PC. Just because you haven't done it doesn't mean it can't be done..
Also, don't think you're immune just because you don't browse with IE. More adware gets installed by piggybacking on cheap shareware/freeware than just about any other way. So just because you don't use IE doesn't mean you're clean. Riddle me this... If you've never run Adaware/SpyBot/HJT, how do you *know* you don't need some cleanup?. If you are clean, that's fantastic, but reasoning that you don't need it without checking it out is kinda PHB-like.
Can I bum a sig? I left mine at the office.
Speaking of spyware and weather programs, every weather program I have ever seen installs spyware. You might want to doublecheck yours.
Not everything is analogous to cars. Car analogies rarely work.
OTOH, if one distribution or configuration takes over, and becomes popular, you can bet there will be programs there... someone suggested the possibility of adding things to .bashrc or .profile, those are pretty standard tools...
TCP: Why the Internet is full of SYN.