The Battle Against Junk Mail and Spyware

wildfrontiersman writes "A New York Times editorial by Brent Staples, The Battle Against Junk Mail and Spyware on the Web, laments 'The story of technology is the story of noble aspirations overtaken by a hard-core huckster reality. This process is on vivid display in the debate about electronic junk mail, which makes up more than half of all the e-mail that travels on the Internet.' He criticizes the new spam law, the lack of attention to spyware and how it threatens our beloved internet."

Obligatory Google Link

for the tin-foil hat crowd, posted AC to avoid Karma-whoring, here.

Re:Brent Staples the author

[Lshmael]

as this biography (warning, embedded Quicktime!) points out:

Brent Staples is an editorial writer for The New York Times. He holds a PhD in psychology from The University of Chicago. His memoir, Parallel Time: Growing up in Black and White, was the winner of the Anisfield Wolff Book Award, previously won by such writers as James Baldwin, Ralph Ellison and Zora Neale Hurston.

Re:I pity no one

[jawtheshark]

You shouldn't pity clueful users that get spyware. You should however help correctly. That is protect them from their own cluenessless.

Typically, this is install adaware to get rid of the junk, and then patch their goddamned systems. Install Mozilla, set it default give it an IE skin, block popups and remove iexplore.exe from their system. Set firewall (of your choice), add an AV ( http://www.grisoft.com for a free as in beer one) and explain the basics. Scare the crap out of them by exaggerating a bit what spyware really does.

I found that this works. People where I pass rarely get viruses and spyware. I have whole bunch of clueless people that I help. Yes, here at home with 4 clueless users, I standardized how they get on the internet (OpenBSD filters the crap) and I have yet to see them get infected with spyware and viruses.

Help the clueless... those who should have a clue get no pity. However, I never encountered anyone with a clue that doesn't know the above.

Re:Spyware a necessary evil for some

[Zocalo]

Care to justify that stance?

I can think of one, just ONE example where this is the case. The Google Toolbar. It's an incredibly useful thing if you can use it (only works with IE5.5 or better) but it does contain one optional feature what might be classed as "Spyware". Specifically, in return for providing Google with some details of your browsing habits you gain access to some PageRank related features. Google does however provide extensive clickthroughs and documentation that detail just what this entails, which is more than most of the crap out there with a penchant to phone home.

Help us identify spam sources

[bigberk]

If you know what you're doing with email, and use a statistical filter such as spamprobe (or SA/other bayesian) from procmail, consider joining the community wpbl experiment. This is essentially an IP blocklist built automatically, in real-time, from many statistical filters (no manual user action ). IPs from mail are automatically extracted, classified as spam or good by your bayesian filter, then reported to the central server 24 hours a day. This is not like spamcop.

Re:Safeguards

[jawtheshark]

Yes, you are right. Let's take the example of Kazaa. Well, that is part of my explanations about spyware... Use freebies and you're screwed. I explain them my philosophy of a stable computer: identify the needs, install what you need, and keep it that way. If you need anything else, ask me, I'll tell you if you can install it safely.
Yes, this gives me a lot of emails, but it takes 10 minutes to give them a good alternative or give them the "OK".

For Kazaa, I say "No" and point them to Gnucleus. Yes, there is less choice, but if they just want the latest Britney Spears Album it will do. Usually I point them to Opensource Projects that are safe to my knowledge.

My simple solution to spam

[KalvinB]

Spammers need images to get past word filters and to make an ad "stand out." Images can't be sent with the e-mail so src tags are used. href tags are also used for links they expect people to click on. "http://" is a unique identifier that absolutly cannot be obfuscated or it will not work. You can add a lot of junk before an @ symbol but eventually the real link must be there. Simply block that link and poof, no more spam from spammers advertising using that domain. You can block countless spammers by blocking a single 100% unique URL that no legitimate e-mail will ever contain.

The full write up of my take on what I see as horribly flawed ways to combat spam and source code for the custom programs I use to strip links out of e-mails.

I have an example of spam posted there where everything is just a mess in the e-mail. The headers are forged, the text is all obfuscated. But there, clear as day is an "HTTP://"

Poof, killed the spam domain. And there's no way to circumvent my method except by not having links of any form in the e-mail. If you put a link in a spam, I will find it and I will block it.

Ben

Spybot Search & Destroy

[SethJohnson]

Since I haven't seen anyone else mention this tool, I thought I'd bring it up.

Spybot Search & Destroy is a massively effective tool at cleaning a Malware-infected PC of every adware / spyware crap known. It will kill homepage redirects. It even blocks future installation of known malware. Check it out.

It's free as in beer.

Re: Oh yeah, spyware is OUT OF CONTROL!

[King_TJ]

I can personally attest to this. I've been doing on-site PC service for a local company for the last couple months, and our #1 call by far is for problems that end up being spyware/ad-ware related.

In my experience, SpyBot works extremely well, but it has a few quirks in its interface that lead people to not get everything cleaned up that it can clean up.

Most importantly, when it finds spyware it tells you requires a reboot to remove, you'll notice that it rescans everything during the system restart. The thing is, though, it isn't *removing* everything during this stage. It's only setting itself up so it *can* remove what it finds successfully, if you click to "fix problems" on its console window after everything finishes and the Windows desktop comes back up!

Also, I'm seeing more and more virii/trojan horse type infections that are smart enough to kill processes of any known virus scanner. These wouldn't have the chance to infect a PC in the first place if people kept their virus scanner running and updated, but many people don't. Then when someone like myself comes in and tries putting an updated one on the PC, the install won't even complete successfully. (This also manifests itself as a scanner that shows itself as "disabled" in the system tray, but which won't ever stay enabled when you try to toggle it back on.)

I'm at a loss as to why Symantec, McAfee, AVG, and the other popular scanners don't allow doing a "reboot and scan/remove virii before system startup", so the virus code can't get a jump on the scanner??