The Battle Against Junk Mail and Spyware

wildfrontiersman writes "A New York Times editorial by Brent Staples, The Battle Against Junk Mail and Spyware on the Web, laments 'The story of technology is the story of noble aspirations overtaken by a hard-core huckster reality. This process is on vivid display in the debate about electronic junk mail, which makes up more than half of all the e-mail that travels on the Internet.' He criticizes the new spam law, the lack of attention to spyware and how it threatens our beloved internet."

Boring.

[I'm+back]

Try this link. However, for what it's worth, the editorial can be summarised to "Congress' new law won't work. Won't somebody think of the children!"

Re:Boring.

Try this link. However, for what it's worth, the editorial can be summarised to "Congress' new law won't work. Won't somebody think of the children!"

Obligatory Google Link

for the tin-foil hat crowd, posted AC to avoid Karma-whoring, here.

Re:Obligatory Google Link

[Durin_Deathless]

For when no google link can be had, use this little javascriptlet, just it to your bookmarks(note that I linked to a document containing the source, just paste it where an URI goes in a bookmark). You usually have to tweak the username and email a little, but that is all. Right now, I am zhfyrw90 on nytimes, but that is only now. I don't even know what the password is....

javascript:function%20getString(len)%7Bvar%20chars =new%20Array('a','b','c','d','e','f','g','h','i',' j','k','l','m','n','o','p','q','r','s','t','u','v' ,'w','x','y','z','A','B','C','D','E','F','G','H',' I','J','K','L','M','N','O','P','Q','R','S','T','U' ,'V','W','X','Y','Z','1','2','3','4','5','6','7',' 8','9','0');var%20str=chars%5BMath.floor(Math.rand om()*52)%5D;for(var%20i=1;i%3Clen;i++)%7Bstr=str+c hars%5BMath.floor(Math.random()*62)%5D%7Dreturn%20 str%7Dfunction%20setFields()%7Bvar%20idx,F=documen t.forms;for(var%20i=0;i%3CF.length;i++)%7Bif(F%5Bi %5D.action.toUpperCase().indexOf('REGI')!=-1)%7Bid x=i;break%7D%7Dvar%20login=getString(Math.floor(Ma th.random()*8)+6);var%20passw=getString(8);var%20e mail=getString(Math.floor(Math.random()*4)+12)+'@' +getString(Math.floor(Math.random()*5)+4)+'.com';d ocument.forms%5Bidx%5D.login.value=login;document. forms%5Bidx%5D.passwd1.value=passw;document.forms% 5Bidx%5D.passwd2.value=passw;document.forms%5Bidx% 5D.email.value=email;document.forms%5Bidx%5D.gende r_check%5B0%5D.checked=true;document.forms%5Bidx%5 D.zip.value='99999';document.forms%5Bidx%5D.birth_ year.value=Math.floor(Math.random()*50)+30;documen t.forms%5Bidx%5D.country.options%5BMath.floor(Math .random()*200)+1%5D.selected=true;document.forms%5 Bidx%5D.income_select.options%5BMath.floor(Math.ra ndom()*10)+1%5D.selected=true;document.forms%5Bidx %5D.industry_select.options%5BMath.floor(Math.rand om()*36)+1%5D.selected=true;document.forms%5Bidx%5 D.title_select.options%5BMath.floor(Math.random()* 36)+1%5D.selected=true;document.forms%5Bidx%5D.fun ction_select.options%5BMath.floor(Math.random()*16 )+1%5D.selected=true;document.forms%5Bidx%5D.paper _select.options%5BMath.floor(Math.random()*4)+1%5D .selected=true%7DsetFields();void(null)

Brent Staples the author

[BigHungryJoe]

Is this the black activist Brent Staples? The guy who wrote "Parallel Time"? If it is, then he seems to really be branching out in terms of subject matter. He's not a regular for the NYT, is he?

Re:Brent Staples the author

[Lshmael]

as this biography (warning, embedded Quicktime!) points out:

Brent Staples is an editorial writer for The New York Times. He holds a PhD in psychology from The University of Chicago. His memoir, Parallel Time: Growing up in Black and White, was the winner of the Anisfield Wolff Book Award, previously won by such writers as James Baldwin, Ralph Ellison and Zora Neale Hurston.

Re:I pity no one

[jawtheshark]

You shouldn't pity clueful users that get spyware. You should however help correctly. That is protect them from their own cluenessless.

Typically, this is install adaware to get rid of the junk, and then patch their goddamned systems. Install Mozilla, set it default give it an IE skin, block popups and remove iexplore.exe from their system. Set firewall (of your choice), add an AV ( http://www.grisoft.com for a free as in beer one) and explain the basics. Scare the crap out of them by exaggerating a bit what spyware really does.

I found that this works. People where I pass rarely get viruses and spyware. I have whole bunch of clueless people that I help. Yes, here at home with 4 clueless users, I standardized how they get on the internet (OpenBSD filters the crap) and I have yet to see them get infected with spyware and viruses.

Help the clueless... those who should have a clue get no pity. However, I never encountered anyone with a clue that doesn't know the above.

Re:Spyware a necessary evil for some

[Zocalo]

Care to justify that stance?

I can think of one, just ONE example where this is the case. The Google Toolbar. It's an incredibly useful thing if you can use it (only works with IE5.5 or better) but it does contain one optional feature what might be classed as "Spyware". Specifically, in return for providing Google with some details of your browsing habits you gain access to some PageRank related features. Google does however provide extensive clickthroughs and documentation that detail just what this entails, which is more than most of the crap out there with a penchant to phone home.

Re:Spyware is getting really bad

[Tenebrious1]

At least the latest Norton Antivirus scans some of it and so does Network Associate's antivirus. I wish Trend Micro's would do it too, it probably will soon...

Trend Micro's OfficeScan already detects spyware and spyware based javascript, it's been doing it for at least a year now. Unfortunately, it can't always kill the spyware; my logs show it quarrantining the spyware only to have the spyware reinstall itself and repeating this process each morning several times, but the spyware is winning out.

Help us identify spam sources

[bigberk]

If you know what you're doing with email, and use a statistical filter such as spamprobe (or SA/other bayesian) from procmail, consider joining the community wpbl experiment. This is essentially an IP blocklist built automatically, in real-time, from many statistical filters (no manual user action ). IPs from mail are automatically extracted, classified as spam or good by your bayesian filter, then reported to the central server 24 hours a day. This is not like spamcop.

Re:Help us identify spam sources

[bigberk]

I like this approach, and will likely participate, but I do wonder how the project can avoid malicious data poisoning using zombie submitters and forged examples.

Data contributors are tightly controlled. All contributors are screened, and authentication is involved in any data injection into the database. There is no anonymous data submission, ever. Also, the database requires reports of IPs sending non-spam making it easier to locate abusers of the system (who deviate seriously from the norms). Yes, a contributor could forge data. But since all 'reports' are tagged with a user account, users abusing the system can be immediately removed.

Re:Safeguards

[jawtheshark]

Yes, you are right. Let's take the example of Kazaa. Well, that is part of my explanations about spyware... Use freebies and you're screwed. I explain them my philosophy of a stable computer: identify the needs, install what you need, and keep it that way. If you need anything else, ask me, I'll tell you if you can install it safely.
Yes, this gives me a lot of emails, but it takes 10 minutes to give them a good alternative or give them the "OK".

For Kazaa, I say "No" and point them to Gnucleus. Yes, there is less choice, but if they just want the latest Britney Spears Album it will do. Usually I point them to Opensource Projects that are safe to my knowledge.

IE theme for Moz

[bstadil]

here

My simple solution to spam

[KalvinB]

Spammers need images to get past word filters and to make an ad "stand out." Images can't be sent with the e-mail so src tags are used. href tags are also used for links they expect people to click on. "http://" is a unique identifier that absolutly cannot be obfuscated or it will not work. You can add a lot of junk before an @ symbol but eventually the real link must be there. Simply block that link and poof, no more spam from spammers advertising using that domain. You can block countless spammers by blocking a single 100% unique URL that no legitimate e-mail will ever contain.

The full write up of my take on what I see as horribly flawed ways to combat spam and source code for the custom programs I use to strip links out of e-mails.

I have an example of spam posted there where everything is just a mess in the e-mail. The headers are forged, the text is all obfuscated. But there, clear as day is an "HTTP://"

Poof, killed the spam domain. And there's no way to circumvent my method except by not having links of any form in the e-mail. If you put a link in a spam, I will find it and I will block it.

Ben

Re:Irony

its Omniture doing the tracking who are the same company that was tracking the Verisign mess, the tracking is as comprehensive as it gets, they capture everything (as dataminers do) Omniture are not a multi million dollar company for nothing

in Firebired WindowsXP it sends

http://nytimesglobal.112.2o7.net/b/ss/nytimesglo ba l/1/G.5-PD-R/s87373707397408?[AQB]&ndh=1&t=4/0/200 4%201%3A32%3A2%200%200&pid=http%3A//www.nytimes.co m/&oid=http%3A//www.nytimes.com/2004/01/04/politic s/04BUDG.html%3Fhp&ot=A&g=http%3A//www.nytimes.com /2004/01/04/politics/04BUDG.html%3Fhp&r=http%3A//w ww.nytimes.com/&s=1600x1200&c=32&j=1.3&v=N&k=Y&bw= 1166&bh=876&p=QuickTime%20Plug-in%206.5%3BMozilla% 20Default%20Plug-in%3BShockwave%20Flash%3BMicrosof t%AE%20DRM%3BWindows%20Media%20Player%20Plug-in%20 Dynamic%20Link%20Library%3B&[AQE]

in MSIE6 windowsXP looking at the code it sends a whole lot more (scary amount 1k+ ) but i havent got a sniffer on this machine to see the request

Re:I pity no one

[trauma]

I'm with segment above, I've never used any browser beside IE since it surpassed Netscape Navigator in features years ago, and I also have never ever picked up spyware from surfing. (I have installed freeware utilities that came with spyware, which is promptly caught and cleaned by Ad-Aware or Spybot or Hijack This!.) And I have not entirely disabled VBScript or Javascript.

While IE does install with some less-than-prudent default settings, it's a simple matter to change them. Stating that the solution is to not use IE is just more typical slashdot reactionary (possibly ignorant) FUD. Surreptitiously changing browsers on clients' machines and then covering your tracks with a skin is an asinine and presumptuous non-solution.

Not only am I not clueless, I am fully clued enough to actually know how to use the software instead of replacing it with something I can handle.

Spybot Search & Destroy

[SethJohnson]

Since I haven't seen anyone else mention this tool, I thought I'd bring it up.

Spybot Search & Destroy is a massively effective tool at cleaning a Malware-infected PC of every adware / spyware crap known. It will kill homepage redirects. It even blocks future installation of known malware. Check it out.

It's free as in beer.

Re: Oh yeah, spyware is OUT OF CONTROL!

[King_TJ]

I can personally attest to this. I've been doing on-site PC service for a local company for the last couple months, and our #1 call by far is for problems that end up being spyware/ad-ware related.

In my experience, SpyBot works extremely well, but it has a few quirks in its interface that lead people to not get everything cleaned up that it can clean up.

Most importantly, when it finds spyware it tells you requires a reboot to remove, you'll notice that it rescans everything during the system restart. The thing is, though, it isn't *removing* everything during this stage. It's only setting itself up so it *can* remove what it finds successfully, if you click to "fix problems" on its console window after everything finishes and the Windows desktop comes back up!

Also, I'm seeing more and more virii/trojan horse type infections that are smart enough to kill processes of any known virus scanner. These wouldn't have the chance to infect a PC in the first place if people kept their virus scanner running and updated, but many people don't. Then when someone like myself comes in and tries putting an updated one on the PC, the install won't even complete successfully. (This also manifests itself as a scanner that shows itself as "disabled" in the system tray, but which won't ever stay enabled when you try to toggle it back on.)

I'm at a loss as to why Symantec, McAfee, AVG, and the other popular scanners don't allow doing a "reboot and scan/remove virii before system startup", so the virus code can't get a jump on the scanner??

Free Spyware & Keylogger Detection (For Window

[s-orbital]

I am a full time Linux user, however I am always drafted to work on my families trashed Windows computers. Anyway after a long hard search I found good freeware solutions for detecting & removing Keyloggers and Spyware.

These are also good if you want to safely use a strange machine. These are the programs:

SpyBot S&D safer-networking.org
Pest Scan pestscan.org

Keylogger Hunter http://www.styopkin.com/keylogger_hunter.html

Spyware is worse than spam

[HangingChad]

Okay, it's pretty close. I work in one office that has all XP workstations. It's a guarantee that every time in there I'm going to spend the first 20 minutes running Spybot Search & Destroy and cutting out a huge list of spyware infesting those machines. I'll go back a week later, it's all back in there again. Not in my house.

Just got done switching the wife's machine over to Xandros 2.0. She doesn't play games but she can do everything else. Check her mail, keep a calendar, set reminders, surf, chat, play music, DVD's or movies. And all that right out of the box. I did zero configuration. Zero. Just plugged in one disc, answered a few questions and away it goes. It detected the network card, found the network and Internet connections, configured the three-button mouse properly, detected all my hardware, let me configure a network printer, set up users and set the administrator password. Not just as easy as Windows, it was easier. And it comes bundled with Cross0ver so I was able to get Photoshop working in no time. What a nice distro.

Yeah, yeah I know it's paint-by-numbers Linux, but it sure made my life easier. The wife can get around with it, even for burning CD's and she thought having Photoshop back was totally cool. It's a lot more intuitive for Windows users than SUSE. No more worries about the virus-of-the-day and cleaning off spyware crap.

Windows is crapware. The longer I use Linux, the more I despise Windows. It's...dirty.

Re:Safeguards

[mikeswi]

Push ads? Push them where? You need an application to show an ad, unless you invade an existing application the way true spyware does. If Logitech applications are forcing you to look at ads, that's a problem with Logitech, not Backweb.

I'm sitting here trying to figure out what might have confused you. It really was pretty clear what I said.

To repeat, Logitech and several other companies use Backweb technology to display advertisements instead of using it it for its intended purpose (software updates, corporate communications, etc).

Yes, Logitech is the one misusing it. What's your point? It is being misused and needs to be removed. The software is displaying advertisements to someone who may or may not have been informed of the fact that it was going to do that (depends on who is bundling it). People want the ads to stop, so the software is targeted. That is the purpose of the software.