Slashdot Mirror
Spyware Masquerading as Spyware Removal Software
Cocooner writes "News.com is reporting that some of the anti-spyware/adware software out there is doing more harm than good by acting as double agents. One example is a software package named SpyBan (google cache since the original site has been removed), which happened to be hosted by download.com, accused of installing Look2Me, which monitors and reports web surfing habits. SpyBan was downloaded over 44000 times before it was pulled. How 'low' can they go?"
I wonder if I can get a patent on "Invention that does completely the opposite of what it claims to do"
How 'low' can they go?
All the way to hell, I really hope.
As low as a worm?
"There is no teacher but the enemy."-Mazer Rackham
..anti-spyware spys you!
p2p spyware removal suite.
in using Spybot. It doesn't install spyware... or does it.
Evolution or ID?
Does SpyBot S & D fall into this category?
How about an anti-virus software that sends itself to all your friends and then erases all data from your hard disk?
So was it on Download.com after they started charging for hosting? Was this shareware or freeware? Geek minds want to know!
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
How low ? Don't go there ...
/. adverts...) On a commercial site, you've got about a 25% chance (empirical estimate) of getting a popup saying that XXX has been blocked...
I've got Spybot on my Windows box at work, and the number of times it triggers is just amazing (yes, even on
Simon
Physicists get Hadrons!
If you run a Windows system then I heartily recommend Spybot Seek & Destroy to keep it clean and immunized. Support the author too, donate a few bucks for good work.
not related in any way, just a satisfied user
Trolling is a art,
The problem here was this program claimed to be so amazingly user friendly that it was hard for anyone to turn down. I know a couple people that swore by it due to its ease of use. Granted that other solutions out there aren't difficult to use either, but we are talking about the masses of non-techies out there.
They should try to spend their time on programs that are more usefull, like those thingies that prevent your IP adress from being visible on the net, or keep your computer clock accurate....
10 ?"Hello World" life was simple then
Worst thing is that they have started advertising on TV as a virus removal/firewall package.
One user on my network install it, basically shut down all network connections. And loaded the computer full of crap.
Also known as eAnthology.
It is the people that would download and install these items that are the ones that would have originally downloaded the spyware.
I have a client that has to have me clean his computer every 3 months of spyware since he and his children click on the banners on websites.
It is time that websites stop showing banner ads for these types of websites. Afterall, if the uneducated people on the web only make it to portals and news sites, then it is unlikely they are going to find the spyware.
I fear that the best solution is integrating process management/API hooking into the OS to stop the ability to monitor computers.
BTW, Researching companies should take blame for helping buy the information the spyware companies produce. If there is no market, I am sure they would stop developing the software for their own entertainment.
Spybot
Ad-Aware
There are others, but these pretty much have it covered i think.
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
is there spyware for any other systems than winblows? Or is that just anther reason win blows?
Evolution or ID?
This could be a little off topic, but I don't really think so.
.NET as a wrapper around the Win32 API, but rather the Win32 API emulation layer is built on top of .NET. Then, all of this will disappear. You could set a default that any random app, not explicitly OK'd by the Admin wouldnt even be able to make a network connection.
Granted, this spyware crap is nasty, but lets look ahead to an optimistic future, where windows no longer sports
Just dreaming I guess
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
The person or people who provide these products are claiming they do one thing but in actuality do another.
Sue their asses into oblivion for false advertising, deceptive trade practices and any other related matters.
You as an individual could also sue them on the same grounds.
I am not a big fan of suing for the sake of suing but this stupidity and outright fraudulent practices must be crushed by all means necessary.
IANAL but I do have a legal background (and I slept at a Best Western once).
Again, just my 0.02$
DrkBr
IMHO all spyware should be treated as a virus. It has all of the same symptoms, if not more than a regular run of the mill virus. It tries to infect people by tricking them, sneaks onto a box unknowingly and sends unauthorized data. When people start thinking of spyware as a virus, it will be treated as such.
Stay tuned for new sig...
I spend a large portion of my day using Altiris's Notification Server product to identify and remove spyware on computers at work. Believe me, this isn't new and there are *lots* of "spyware removal" apps that come bundled with spyware of their own--I see this crap every day.
Since we're on the topic of spyware and spyware removal, I'm currently using Ad-Aware as my mal-ware removal program of choice, but I don't want to keep all of my eggs in one basket. Who can recommend some other good ones?
Th
How 'low' can they go?
I don't know, but the limbo hurts my back, so let's hope it does theirs as well.
If not, someone kick them in the crotch while under the pole.
Aych tea tea pea colon slash slash slash dot dot org slash
It doesn't matter how low they go... this piece of software works wonders.
:o)
It also helps if you "look before you leap" too, but I guess that's a trait which is uncommon for the majority of Windows users
I've noticed that everyone who is for abortion has already been born - Ronald Reagan
Step 1: Format Hard Drive
Step 2: Turn Computer off
Step 3: Never use Computer Again
-Certified TechnoWeinie
... that people realize that there no free lunches and stop falling for such freebies that claim to be knights in shining armor!
But really... its the lowest form of indecency that some of these anti-spyware guys are perpetrating!
In other news...Bonzi Buddy claims to be your buddy, when he's not your buddy at all!
Insensitive clod.
Program authors who set up this kind of trojan horse (think about it, it is like a trojan horse), should be publicly flogged and hung from the gallows at dawn.
I have lost hours cleaning up spyware messes. It would totally piss me off to have the tool I use be spyware-infested. That's akin to using a vaccine that is full of contaminants.
Be excellent to each other. And... PARTY ON, DUDES!
Avantslash - View Slashdot cleanly on your mobile phone.
...you must not be using IE.
This has been happening for a while now and is pretty obvious if you're forced to use IE for any extended period of time.
There will be a popup or two with the not-so-subtle title 'SPYWARE DETECTED!' and enough flashing colors to make any experienced sufer wary. Spyware works best against the inexperienced, is this a surprise to anyone?
- Dan
I seriously wonder what other kind unknown spyware that are used to monitor us? I can even imagine information being collected and stored locally on the computer by various programs and that this information is later picked up and shared through a spyware program. Then spyware programs really only need to submit the information that has already been collected.
I think there is some really nice irony here. I'll get a good laugh out of it. What it really comes down to, to me, is that users blindly install things (ha, even anti-spyware/adware) and don't listen to what people say about it.
"Gator cursors?! Rad. I love little annoying cursors." Install spyware.
If people would be more informed about their computing habits, spyware would be avoided, as would viruses.
Adware, on the other hand, may have some legitamate uses. For example, Opera had a free version of it's browser that shows ads. AIM shows ads. Even Slashdot shows ads.
But if you don't like it, don't run it. Research is the key. It's time we stop letting people use computers until they understand HOW to use them.
Has anyone any statistics on the cost to end users of spyware/trojans as compared to viruses? Yesterday I cleaned-up a Windows PC that was being used by a visitor to the company, ad-aware found something like 10 different trojans and spywares on it. Nothing worked anymore: MSIE always went to some advertising site, Mozilla died (was killed, actually), installing ad-aware took ages because one of the trojans was deliberately killing the install program...
My solution was to wipe the PC and stick on Xandros. But this is not feasible for everyone. So how much time and money do spywares actually cost, and is there no way these creeps can be persecuted for theft of computing resources or interference in operations? I know that the EU cybercrime laws prohibit at least some aspects of spyware (such as interference in normal system operations and interception of private communications).
Ceci n'est pas une signature
This is similar to credit card scam that Bruce Schneier pointed out in his latest cryptogram. Fooling people into eating poison wrapped up as a remedy. Bastards.
New Credit Card Scam
This one is clever.
You receive a telephone call from someone purporting to be from your credit card company. They claim to be from something like the security and fraud department, and question you about a fake purchase for some amount close to $500.
When you say that the purchase wasn't yours, they tell you that they're tracking the fraudsters and that you will receive a credit. They tell you that the fraudsters are making fake purchases on cards for amounts just under $500, and that they're on the case.
They know your account number. They know your name and address. They continue to spin the story, and eventually get you to reveal the three extra numbers on the back of your card.
That's all they need. They then start charging your card for amounts just under $500. When you get your bill, you're unlikely to call the credit card company because you already know that they're on the case and that you'll receive a credit.
It's a really clever social engineering attack. They have to hit a lot of cards fast and then disappear, because otherwise they can be tracked, but I bet they've made a lot of money so far.
Free XBox, PS2
Is that so difficult for people? Man, if that is, why are they even using computers?
How 'low' can they go?"
Death row? What a brother know.
Once again back is the incredible, the rhyme animal. D! Public Enemy #1!
(Sorry, it's like a reflex these days)
That's like having a downloaded porn with pictures of women wearing thick clothes.
This is a very common practice. Check any one of the spyware/adware database sites out there to see.
e xe" and many of them would...
Many of the anti-popup programs you see will block all popups except their own. Sort of a form of extortion if you ask me (advertisers must pay up or their popups will be blocked).
Spyware/adware that is installed without full notice of what it is should be illegal and treated just like a virus, because that's what it is.
Of course, with my users I could send them all a message with attachments like "format_c_drive.exe" and "click_here_to_infect_your_computer_with_a_virus.
My Anti-spyware software ;)
Last.fm - join the social music revolution
"How 'low' can they go?"
As low as they need to in order to make a buck.
Does this really suprise anyone? We've continuously seen spammers/telemarketers/advertisers/etc. sink lower and lower over the years as their tactics are countered. First there was telemarketing then the Telezapper gave us all a little hope that the incessant calls would stop. Then the telemarkters came up with a new tool that beat the telezapper. We responded with the Do Not Call Registry and now the telemarketers are suing on the basis of free speech. They will stop at nothing, not even the breaking the law, to make money.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.
and I'll say it again, Ad-Aware (www.lavasoftusa.com) is the only spyware removal program that's worth a damn.
Some of the others that I have seen/tried, are too zealous and end up removing bits that are *required* by proper programs, and end up wrecking things.
Ad-Aware, good as gold.
In addition, IIRC they offer a corporate-based version, much like Norton-Antivirus corporate, and that's a slick idea.
So rise up, all ye lost ones, as one, we'll claw the clouds.
Adware allows companies to get paid for software that wouldn't be written, as it would make no money if made commercial.
Plus, what do you have to hide? Its just marketing stuff, making products better, and isn't that the American way?
Sitting at a coworker's PC trying to figure out what was wrong with it for her, had an installer popup out of nowhere when no web browser was open offering to install a Spyware removal tool for me. One Ad-Aware update and scan later and her system was behaving fine. Don't remember the name of the program... May of been SpyBan...
Funnily enough as this article popped up I was on the phone w/ another coworker who had installed SpyHunter on a suggestion from an office mate... Problem was it started giving weird errors and she claims it kept reinstalling itself when she's remove it from Add/Remove Programs. She deleted the folder it belonged in and that seems to have eliminated it finally, but I had to clear a registry entry on her PC for her that was trying to start it...
Funny thing was whatever genius wrote the software didn't enclose the path to the program in quotes, so it was trying to run C:\Program... That's really the kinda programmer I want mucking about deleting 'Spyware' off my PC.
Thank God for Lavasoft...
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
From their website:
"About SpyBan
SpyBan is a cutting edge software, which is able to detect and remove all popular forms of spyware programs including Trojans, system monitors, keyloggers and adware. You don't need to be a computer expert, or spend a lot of time learning how to use it. SpyBan is one of the most user friendly spyware protecting programs available on the market today and it is 100% FREE!"
Technology
SpyBan has very advanced algorithms, which not only can detect primitive and old spyware, but can detect new generation applications as well. SpyBan loads every time you start your Windows and appears on your taskbar next to clock. If you point your courser to the SpyBan icon and click on it, SpyBan will appear. If you click on "Scan Now" icon, SpyBan will immediately start scanning your computer's hard drive for existing spyware all available local disks.
The descriptions themselves reek of spyware.
[alk]
Maybe Dell was smarter than we gave them credit for a few months ago when they refused to recommend any one spyware removal product. Just imagine if they had and it turned out to be this debacle. Ouch. The PR would be horrid.
This is the same stuff that makes people open random attachments without looking at them because the "from" is someone they know, or support@microsoft.com or whatever. Somehow they managed to get it past whatever filters there are at download.com (no idea if they do any checking at all) and got their program there, and people were now running it randomly without checking what it really does because it came from somewhere they trust.
It kind of sucks that you can't trust download.com, but being paranoid always pays off for computer security. Download.com does not create the programs it hosts, so it's up to the user to check if what they're downloading is really what it claims to be.
---- Take the Space Quiz!
Ok, well WHOIS tells us that www.spyban.net was registered to NicTech Networks, Inc. Which is a 'desktop media' corporation based in Minneapolis, Minnesota. Site has a similar design to www.spyban.net, and they claim to 'offer highly-targeted online advertising solutions' with 'a reach of over ten million monthly Internet users'. Sounds right, and they are a domestic US company. I'm presuming something like SpyBan must break one or two laws? (At the very least deceptive advertising?)
I particularly like this bit of their page:
Need SpyBan?: Your computer and your privacy are at risk if you: - surf the internet more than 1 hour a week - share your computer with another person - make purchases online - use file-sha
hmm, that's me! sign me up! classic scamster stuff, sad that it got 44,000+ people.
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
Spam advertising anti-spam software
Viruses claiming to be security updates
SCO pretending to be a software company
Remove spyware which log stuff for other businesses while installing your own. Business-wise very good move, granted you have no ethics and are morally bankrupt. Kind of like McAfee AV marking Symantec products are virusses and then installing trail versions of it's own competeting software.
Hate me!
Most spyware is a result of the lax security of IE. Instead of installing anti-spyware programs (many of which are trojan horses for nasty malware), why not try a browser that doesn't allow the spyware on your system in the first place.
Not to mention the oh-so-easily abused rating system, and obvious sponsoring BY spyware programmers...
And with such a reliable sounding name, the average Joe just thinks "hey it's from Download.com how could it possibly be bad? right?"
And the next thing you know, your computer illiterate relative is on the phone with you again griping about how their browser is going places they don't want, they're being spammed to death with ads on their screen, and their computer has slowed to a crawl.
I motion we make spyware programming punishable by slow castration and death under international law...
Machine9dotNet
How do you know they aren't selling that info to these same companies?
'Same speed C but faster'
As low as possible - as long as there is a penny to be made.
I don't know why they just don't remove the ability to spontaniously spawn new windows. Always open a link in the same window. If I want to open it in another I can right click on the hyperlink and choose 'Open in New Window'. Pop up problems solved.
How 'low' can they go?
Oh I dont know, the ninth level of hell?
How 'low' can they go?
I guess they haven't reached the bottom yet. There's still a long way up!
These are marketers. Was that a trick question?
If I were in a room with a lawyer and a marketer, and I only had one bullet... I'd kill myself.
.sigs are for post^Hers.
Yep! I've been praising SpyBot and recommending it to practically everyone running a PC on the Inet for months now. (As I said in a previous /. thread, I work doing on-site PC service, and this program, alone, cures more PC issues I run into than anything else we use.)
I'll tell you another little tip, though. If SpyBot already claims it's cleaned everything up, but your PC is *still* spontaneously generating pop-up ads on the screen, or running abnormally slow (perhaps you still see odd processes listed as running in the process list?), here's the way to fix it.
Run regedit, and search the entire registry for "run once". There are several "run once" registry keys, with plain old "run" keys directly above each of them. (You're mainly interested in what's in the "run" keys, but searching for "run" will find hundreds of things we're not interested in.) If they're starting up some kind of trojan horse or spyware/adware program on your Windows PC (and assuming it's not simply in the "Startup" program group!), they've got to be doing it in one of these "run" keys. Look for sneaky files in there with names like "windowsupdater.exe" (MS doesn't ever run a file by this name to do the real Windows updates), or just gibberish names like 0br003445l.exe and delete them from the "value" line of the "run" key. I've even seen files in there I wasn't sure about, until I looked in the folder under "Program Files" where it was running from; Then I saw a *documentation* file in the program's folder explaining that the utility was "designed to automatically present advertisements to the computer user at random intervals"!
BBC got the news.
This is good to know, but we need a solution. This is going to get worse before it gets better. What existing laws can we sue these people under?
Could some simple law be developed that says software cannot do the opposite of what it says it does. Would this work? Or could we make an anti-spyware law that limits what software is allowed to report on without your consent? (Of course, some of these apps probably tell you that they do this in the EULA, which no one reads, but that is a separate issue)
I've had really good luck with spybot s&d for removing Windows spyware/malware/adware, etc., but though it is freeware,
I'd really like to use and support an Open Source removal tool - I want to see the source, etc. - in my co.'s environment. Is there such an animal?
"The basic tool for the manipulation of reality is the manipulation of words." - PK Dick
I use both of those, plus SpywareBlaster which keeps most of the stuff from being installed in the first place.
GWB claims to be a leader. He has prior art.
No where does it say: "SpyBan has no spyware". Unless it doesn't specifically say it doesn't have spyware, I assume that anything downloaded for free from the Internet actually does have spyware. Three good free programs I've found are: 1. Ad Aware 2. Spybot search and destroy 2. AVG Anti virus free edition
The fact that there are descriptions at all puts it a cut above most spyware. Of course, they would seem less like something nefarious if they they had more than a tenuous grasp of English.
"Now Billy, pay attention! Sigh. You need to learn proper use of subject and predicate, because you'll never amount to anything besides a worthless huckster. What is wrong with the following sentence 'I send you this file in order to have your advice?'"
The ______ Agenda
The article mentions one specific spyware removal program, but I think that there is a lot more of these trojan horse type programs out there. Most of the spyware/adware/malware programs are trojan horses anyway: they promise to do something for the user like show pretty wallpaper or synchronize the Windows time clock, but they have these nasty side effects. The only difference with this program they mention is that it purports to remove spyware when it includes it. I have seen other similar programs on my clients' computers, like one that supposedly checks to make sure that there is no porn on the users' hard disks, but in reality is bundles a bunch of spyware/malware programs with it.
haha! real smart I say!
...got bit by this. She paid something like $30 for a piece of software called spyware nuker. She coplained of pop-ups and general slowness so I took a look around and found out about the questionable activities of this program. Apparently it loads its own pop-ups.
She finally caved in and allowed me to install Linux on her PC, thankfully!
I converted my 70 year old grandmother to Linux last year and she loves it...hopefully my mom will stick with it as I usually have to remove viruses and trojans once every couple months.
======== In the future, everything will be artificial. ========
Speaking of spy/malware. Yesterday, I was cleaning up computers in the office with Adaware and came across 188 instances of spy/malware on one of my co-workers computers. Thats the record. Not bad, cosidering the user of that computer has an IQ level equivalent of a bucket.
I recommend blocking cookies that aren't from the web site you are at. For instance, doubleclick.com cookies given to you at non-doubleclick sites. These tend to turn out to be either ads.* cookies or other spyware cookies. Mozilla Firebird can easily block them in the cookie options.
I download a software package without knowing anything about it and install it. It's a trojan. I get burned.
So then, instead of looking for a package with a background that makes it likely to NOT be a trojan (such as a bunch of people in a well-known company whose reputation would be harmed if they released a trojan), I go looking for ANOTHER package I know nothing about that claims to be good. I install it, it's a trojan. Gee, what a surprise.
Get a clue, idiots, or give up the pretense of intelligence and serve the rest of us like the cattle you are.
I tried to explain to my dad that PrecisionTime on his computer was spyware, and what spyware was, and that I'll uninstall it for him, but he insisted that it was essential software and that he didn't want me to mess it up.
*shrugs* I guess this must be a windows problem.
</OELQ>
Yes Francis, the world has gone crazy.
uh
you can run msconfig and do that, or even better, use the tool that spybot has in its advanced mode.
Girl on Slashdot crys foul on Anonymous Coward. Mods rush to her aid - instant karma!
The spyware removal tools I use regularly are my Mac iBook G4 running OS X.3
But I think you're hot... and you're smart.
A killer combination in a woman.
Will you code my Java?
a Spyware masquerading as a Spyware masquerading as a Spyware removal software, removal software?
Actually, I did the same thing yesterday, I just delete the entire key. Since the key => value pair was added by the spyware itself, there is no adverse side effect from deleting the whole thing. Also, the 'run' directory shouldn't have a billion things in there, because those are all the programs that will try to run when you start up your computer. Consider looking into what it is trying to run and delete appropriately. Of course, be careful.
Please direct all bug reports to
The FAQ from alt.privacy.spyware lists the more popular and trusted anti-spyware/anti-adware tools. Lots of good information and advice in that group.
Yes, I know the programs listed in the faq are a bit windows-centric. But guess which platform most posts on that newsgroup are about.
Check out www.windowsstartup.com for a better front-end than msconfig. It checks with their (user-submitted) database and gives descriptions of the startup processes, when available.
The fact that Ad-Aware have a time travel machine and have sent us a definition list from the 2nd of April 2004 is more than enough for my needs.
Does my bum look big in this?
I *really* hope the less experienced users out there that read this, don't now become afraid of the good spyware removers. Readers here know that spybot and adaware are great, but since all the names of the other malware/trojan apps are so similar, how is joe homeowner supposed to keep them straight?
You'd think if they had to hide it this much they would realize people don't want it.
As for SpyBan - probably a good lawsuit right there for false advertising.
Its a cliche, yet remains a very valid point: Technology is constantly providing people with new and better ways to do things- The character of people, in general, remains unchanged, however.
Great technology can and will be used by a large block of people to create good things, but there will always be that 10 percent of the population that will use it to the detriment of the rest of us. These people do not hesitate to destroy whatever system in which they participate, if destorying that system yields them the short-term benefit they desire. They are, by definition, parasites...not the symbiotes many of them profess to be.
The most successful of these parasites manage to hide pretty well within the system they destroy...the ones that do not are typically stopped, somehow, by the system that they prey on.
Perhaps the system should be a bit more extreme in excising parasites.
Geeks don't get laid because they are completely selfish and anti-social. I'll lay it out:
1.) They're selfish. This means that whatever benefits them, they want. And they will justify it to no end. Example--MP3 downloads magically become a culture movement against the RIAA, not a direct ripping-off of real humans who rented a studio and recorded the music to make a living. People get used to the convenience of MP3 downloading and invest justifications for it so their guilt goes away. This has led to entire subcultures on the net in which warez is okay, mp3s are okay, and hacking is okay.
2.) They think their mindset is a majority mindset somehow more valid than anyone else's. Most normal people who get used to something have no problems with other people doing it differently. Nerds, however, feel whatever they do, everyone else must do the exact same way, or it is no good. Example--XFree86 cut-and-paste. Witness endless Slashdotters write entire essays explaining why the X11 cut-and-paste scheme is somehow better than the cut-and-paste scheme used by 95+ percent of computer users, and if others use Ctrl-C and Ctrl-V, they are using a "braindead" scheme. Yes, someone actually felt strongly enough about a cut-and-paste scheme to label it that. Insane.
3.) They think being an encyclopedia is appealing. This means they don't know any other way to impress someone, so they will throw facts at them. Most normal people relate emotionally to others. But nerds have often spent a lot of time in non-social environments, and so emotions aren't something that are felt, but thought about. So, when they actually become involved in a social environment, they don't know any other way to impress or converse but to exchange random facts and argue about things other people don't care about. Example--most any thread on Slashdot in which an argument takes place. "So-and-so happens this way." "Actually, it happens this way." "But since version 0.11.4p2, it has done this to do this." "Only on the OS X port."
4.) They take the side that best benefits them--hypocrisy at its worst. Nerds will attempt to maintain some sort of moral stance against Microsoft, yet embrace DDOS attacks against spammers and SCO websites. Witness all the Slashdotters posting links to the SCO website with tongue-in-cheek messages to "keep refreshing." These posts get modded up. But then when SCO mentions the attacks in the press, suddenly nobody on Slashdot supports it, because they're above that, right? Another example--IBM, the bastion of corporate greed and evil in the 80s, is suddenly a-okay with nerds because they've gone with Linux after their OS/2 line died out. Anyone who would bother to read up on IBM's corporatehistory would shudder at this.
5.) Of course, this hypocrisy leads into propoganda. Anything Microsoft does is evil and has a self-serving agenda. Anything a Linux company does is great for the community and can be justified. So, if Microsoft's Windows is selling in China, and the Chinese government that silences dissidents happens to be using Windows, Slashdot will report a headline entitled, "Microsoft Violates Human Rights in China." This, of course, ignores the fact that China has its own Linux distribution, and we won't see a "Open Source Violates Human Rights in China" any time soon. And with all these recent KDE 3.2 articles, nobody's mentioning that KDE removed the Taiwan flag just so they could be adopted by the Chinese government. But, like I said--Microsoft is evil, anything Linux is good!
6.) Condescension. This means that if your opinion is different, you will be insulted and downmodded (a true sign of emotional insecurity). If you are new to spending an entire evening just to set up an operating system, and you don't understand the poorly written, 5-year-old HOW-TOs, going into an IRC channel to ask about it will get you "RTFA" and "haha n00bs." If you dare request that someone shape up their godawful GUI software for Linux, you will get people who will
You might want to add this to your arsenal as a quick and easy way to see what can be run on startup.
Autoruns from Sysinternals (freeware)
While what you said was a joke, it made me think of something that might be a good idea.
How about we (geeks, slashdotters, etc) start pattenting all the evil ideas we can come up with? Think if we had the pattents to algorithms used in worms and viruses, or in spyware, etc. Of course, I don't mean we build anything with these evil ideas, but then we could sue the pants off anyone who did.
I know a guy at Microsoft who says they have people to develop worm/virus algorithms just so if someone ever uses it, they can take them down atleast financially, if not legally.
no comment
If you go to SpywareInfo's forums, you can get HijackThis, which lists pretty much everything that ever loads on your system, and the experts there can clean it.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
I know you're not condoning this crap as useful, but just in case you accidentally confuse someone... :P
You're not "thinking like the enemy". It would be actual WORK to remove spyware - not necessarily easy work, either, requiring constant maintenance. I wouldn't trust the software to do ANYTHING but add to your troubles.
Although both packages ARE clean (I use both) there is a potential problem using both at the same time.
Adaware by default "quarantines" any dodgy stuff it finds, rather than immeadiately deleting them. These are stored away so that they dont cause harm. you can delete the quarantined items, or restore them. This just gives a usefull way to undo changes, incase something stops working.
Spybot S&D may find these quarantined objects and flag them as spybots, when in fact they are safely "immobilised" by Adaware.
SO make it a point of deleting the quarantined objects.
Otherwise both programmes are very good.. and i woudl consider donating to the Maker of SpybotS&D, or purchasing the pro version of adaware, just to support them.
Unlike creating normal software, the authors ARE playing a race with the creaters of spyware, and the cash would do a lot of good.
Have a nice day!
These spyware companies need to be stopped....I heard they are harboring terrorists and PROBABLY have some WMD...[any moment now 1000 pound bombs will be hitting Claria HQ]
7.) They actually use numbered-lists, complete with entire paragraphs, to outlay their points. This is an assurance they will never get laid!
C'mon mods, it's a joke, mod it funny... Nice joke/troll btw. Good way of playing on stereotypes. Most of what you say rings slightly true in one way or another... Just enough to get people riled up until they read the last line. *clap*clap*
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
Or with Omniweb 5. The Beta's cookie management has a little button on the status bar that you can click to manage cookies on a per-site basis, on the fly, without having to dig around in preferences. In my case, I have it default to only accept cookies from the site I'm on. I could specialize filtering, though.
and i'll say it agian..
Two spy/mal/adware cleaners: Ad-Aware, Spybot S&D,
And a Good hosts file that will deal with any future incursions: Http://www.2fords.net/rchapin/hosts.zip
Download the zipped file, then do a search for your old hosts file, backup, and replace it.
First rule of holes; When in one, stop digging.
Tamales
Talk about invasion of privacy. To me this just like a cable guy coming into your house to install cable tv/broadband and just happens to drop a couple of hidden cameras in your house as well.
Yes I agree users should be more careful what they install, I ran Spybot on my system just to see, it found a few cookies that was it, but I am very careful of what I install on my system.
Nonetheless it should still be illegal for any software to be installed without the users express consent. And this should be specific, not some read the license agreement loophole. When installing software the installer should plainly and clearly explain what is being installed. Anything installed in addition or code that is beyond the scope of what the software is suppose to do should be illegal.
How are you arriving at the conclusion that the non-free software you're endorsing is much more trustworthy than the non-free software the article mentions?
Digital Citizen
Suppose software has been installed without my consent on my computer, and made itself hard to remove. I could go through the trouble of finding a program to root it out and get rid of it. What if, instead, I installed a program that sent an email at every popup - no, two. It follows the link in the ad, and also sends an email to [normal admin stuff]@advertiser.com. The email says, yo, you just displayed a popup on my computer, you better stop. It employs the latest filter-busters and random stuff so they can't block them, and asks in a nice way that no more popups are displayed on my computer. Five minutes later, it does it again ... and again ... and again ...
The result is, spammers are DOSed in a completely polite and legal way, as are their advertisers. At the same time, the advertisers who pay by click get raped with thousands of computer-generated clicks.
I'm sure there's problems with this -- the biggest one being working out the right email addresses -- but it's an amusing thought.
Wish it was possible to mod a parent article Obvious...
I would be all over this one.
"...Well if we built a large wooden badger..."
He told me about it a while ago, and swore me to secrecy about what they were doing. He hated working for the company, but he was going through a tough time and he needed the job. He eventually found a better programming job elsewhere and moved on.
I think the first question people ask is, "how could someone do something like this?" Well, the short answer is that the people running the company just flat-out didn't care. They wanted to make money and they found the most insiduous way to do it, with no weight on their consciouses. Personally, I think it's pretty sick.
At this office we have several machines with Norton AV pre-installed, what a pain in the ass! I wonder if just letting virii run amock through the office would be less annoying than dealing with Norton's constant nagging for attention. Every-frickin-day at least several times a day a Norton dialog pops up out of nowhere on your screen while you are trying work, simply to remind you of the number of days left in your Norton subscription and do you want to renew now? ... and of course the only two buttons you can click to make the dialog go away are a classic Hobson's choice: "yes, I have my credit ready so please take take more money from me now" or "remind me later, like say in an hour or two when I get even busier" ... then later an complete full-cavity virus scan starts up unannounced no matter how busy your machine is ... and of course the constant demand for you to ineract with Norton
while virus updates are being downloaded and then after updates are downloaded it of course will say "click OK now to reboot" not even giving you the option to reboot later.
Now of course if I'd bother to RTFM and spend my time reconfiguring Norton I suppose I could figure out how to make it less annoying, and then take up more of my time doing the same to every machine in the office... but I was just wondering if the people working for Norton might consider making their products less godamn annoying then the virii they aspire to prevent.
I'm sure you're not morbidly obese. You'd never get through the letterbox.
Shouldn't there be "PROFIT!!!" somewhere?
Saw the google cache - if you actually read their stuff (hint: capitalized "FREE FREE FREE" is usually an indication something's not on the level) it's obvious this was not a great piece of software.
Then again, spyware isn't going to go away just by getting people to stop using it -- it's going to go away when we make it unprofitable by getting laws passed to sue the people buying their advertising.
Thanks for clarifying that...I should have put commercial in there.
And that's not all. Do a 'Google' and look for 'adaware' or 'spybot' and you'll get more than you bargained for. A lot of these cretins are using the same names to link for their spyware.
l er.com
What about these...
www.ada-ware.com
www.stopzilla.com
www.spykil
www.spybot-software.com
Etc...
Who knows which are legit, and which are scams? I'll tell you this though. Those Stop-Sign scumbags should be drawn and quartered. Not only does it introduce new spyware to a user's machine, but until you register it, all it does is FIND the spyware and tell you about it.
Most users think this crapware actually does something in its shareware form because of the sneaky way it's advertised.
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
I'm serious here...
A few months ago I worked for a local computer store doing builds and general repairs. 4 out of 5 systems that came through the door had enough spyware to justify my spending time fixing it. Between filling out paperwork, setting up systems on the bench, etc. We're talking a *minimum* of 1/2 hour for the following process:
-Boot. Wait up to 5 minutes for spyware to load.
-Uninstall the obvious spyware, take mental note of the rest
-Reboot to safe mode.
-Install Spybot + updates from cd
-Spybot scan + remove
-Run HijackThis and look through registry keys for IE hijacks spybot didn't catch (becoming more common)
-Reboot and verify system is now running 200% faster with no popups.
-Reset IE security settings
-Install latest Windows updates
Even systems that came in with hardware failures needed spyware cleaning once the parts were replaced.
It's an epidemic and unfortunately I don't see an end. Unlike viruses, there is financial incentive to develop spyware and nobody is being prosecuted for it.
just goes to show that you cant always trust what you read, even if you should be able to. whats next, slashdot is actually running windows 3.1 webservers?
The question isn't an ethical "how low can they go?"
The question is, have they crossed the line into the legal territory where they have manufactured and distributed a defective product, which has done demonstrable and measurable damage? Let there be civil and criminal penalties!
-fb Everything not expressly forbidden is now mandatory.
After getting our email protected with Postfix+Amavisd-new+Clamav+SpamAssassin+F-prot I asked myself: is it possible to get same quality protection for the web-surfing?
And the answer is Yes! It is possible. Now I am using Squid along with Dansguardian and Squidguard. Working together they are catching 99% of all adware/spyware malicious scriptlets. Also they remove annoying banners and give us the required level of the parent control.
Dansguardian integrates with PICS, Platform for Internet Content Selection, which was originally designed to help parents and teachers control what children access on the Internet, but it also facilitates other uses for labels, including code signing and privacy. The PICS platform is one on which other rating services and filtering software have been built.
Unfortunately Squidguard is getting out of its suppot by its original developers. It's getting more and more false-negatives (up-to 30% was complained on getntoo forums), but it's still better to have it.
Now I am bringing same protection to the company network at work and they are happy of that.
My point is to protect your network rather than individual computers. Windows based PC are unsecure per se. Besides it is a hassle to go to each PC and install different types of filtering software (especially when you have to support 3 or more different client OSes, like win98, win2k and MacOS).
Less is more !
I believe your post falls under #3.
IMHO there is no such thing as spyware. Anything that does something it doesnt tell you about and needs another program to remove it is a trojan horse. (also, anything thats used to hide various drugs in various sun-not-shining places is a trojan condom.
This comment does not represent the views or opinions of the user.
Looks like Microsoft beat you to it.
...most of whom are totally oblivious to spyware until I begin my spiel. I support DSL customers for an ISP who shall remain nameless. One of the biggest issues we struggle with on our calls is performance issues when surfing. (Or, in extreme cases, not.)
Customers call up irate because their browsers seem to be slow or they can't pull Web pages at all, and they want to know if the network is having problems. After the obligatory trip to the speed-check site to prove that their DSL connection is running at normal speed, it's time to explain what's going on inside their computers.
I usually prescribe Ad-Aware to my customers, but too many times, they'll mention they're already using something that popped up in an advertisement while they were surfing. It's all I can do to keep from saying, "Think, man, think! Didn't you get the least bit suspicious that someone offered this 'help' to you from out of the blue?"
"How many light bulbs does it take to change a person?" --BMcC-->
You know, something like:
Go to a website where the source code is kept.
Note that the source code has been up for a while and there are message boards for the users to post comments. Or maybe mailing lists.
Talk to some of the more experienced users and see if they have had a look at the code. Or maybe just used it for a while and have an opinion on it.
Decide which of those users to trust.
Download the source code.
Build the executable.
Log in as a specially priveledged user
Start up a tracking program that watches everything that's being installed.
Install the software.
If it doesn't do what you want--or if it do what you doesn't want ;) use the same tracking program to remove exactly what you just installed.
Hmmm...If only there were such an OS.
I bet people that used it wouldn't have any spyware.
"Reality is that which, when you stop believing in it, it doesn't go away." - Philip K. Dick
Seriously, with the reputation that the AV companies have for removing viruses and worms from computers, it sounds like detection and removal of spyware should be right up their alley!
Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
Is anyone thinking this is a nice LOTR lead-in? Everyone trying to take it's rightful place as the ONE SpyWare.
One SpyWare to Rule them All!
This is hilarious.
My post is being modded as Off-topic, but this one is +5 Insightful.
Never mind that it all just illustrates my third point...relax, guys. My post was obviously tongue-in-cheek.
No, I don't see a difference between the words "geek" and "nerd." To arbritrarily decide there is a difference seems way too anal retentive to me. But that's just me! Sheesh.
You want 'Autoruns', available from the nice folks at Sysinternals. Google on 'Autoruns' takes you to the right place.
Tells you all (non-services) that start up 'automatically'.
Also good are Mike Lin's Startup Control Panel and StartupMonitor,
I'm the urban spaceman babe, but here comes the twist... I don't exist
This is the same but the house will be left standing. Basicly why are they not in jail it is fraud I can get jailed for makeing a fake bomb because it looks like a bomb. This does not really make any difference this was a con job they were making money by fraud so they should be in jail
Spybot truely is a godsend. I just spent about an hour cleaning up a user's laptop. He was complaining about pop-ups that were constantly appearing. I installed Spybot and ran a scan, it found 197 bots. Everything from porn to student loans. If anyone out there uses a Windows box, I highly recommend installing Spybot S&D.
Ashcroft has this, Ashcroft has that...it took congress and various state governments to bring much of what you claim to fruition. Don't focus on Ashcroft. If you hate him, hate him only for what he's done. There are more individuals involved in what you claim than you would have us believe, and those include your elected officials. Don't like 'em? Vote 'em out next time.
Also, according to the 60 Minutes II report, Canadian intelligence officials knew and approved of Arar's deportation to Syria. So, all they had was a foreign national that they didn't want, BUT when they asked Canadian officials if they wanted him back the Canadian officials said "naaah, send him back to Syria, we don't want him." Now who's at fault in this case? The worst part is that Arar's American lawyers are using him as a puppet in a case he has no chance to win in order to propagate their political cause when in reality Arar should be suing the Canadian government.
At least your reporters don't get their homes raided for reporting the news. I don't know of a single case where a US reporter has had their source of information seized by the police and potentially face criminal charges for what they said.
funny thing is spybot had the same type of thing in advanced mode.. under tools -> startup
im looking at starting a little operation this summer of removing spyware from peoples winblows comps. looking to charge around 50-60 per machine depending on the infection level. but i think theres enough potential here to scare normal people up enough to shelling out money, just as everyone did a few years ago when viruses were the big scare and they all went out and bought nortan. personally i think enough fear could be drummed up about spyware pretty fast via a few 30 second commercials on local tv, to generate a nice chunk of change.
Before this most virus writers wrote viruses just for kicks. Now there's a financial incentive to do their thing.
Here's a great link link to illustate how bad it's gotten and one person's fight against it. Hats off to merijn for writing cwshredder.
OSS has many fine points, no doubt, but making the user automatically clued is not one of them.
Try to remember what spyware does. It does _not_ come via a buffer overflow export, but by social engineering. It is installed by the user. It does that by pretending to be something else. (E.g., see the thread we're in.)
Let's use the Clueless family as a hypothetical example. They're the average family, with a home in the suburbs, 2.2 children and _zero_ clue about computers. They're not going to look into the source code, nor compile anything themselves. They wouldn't even know where to start. Anything that does end up installed on their computer, had a nice installer.
Basically: the average kind of people who end up with 10 pieces of spyware and 3 dialers.
The same Joe Clueless who now installs some dialer plugin (because some porn site told him that he needs it to access the site), will just as cheerfully install a new "plugin" or driver in Linux.
Even if someone clued him not to run as root for web browsing, he _will_ su as root if needed to install that great plugin.
The same Jane Clueless who now installs some stupid password reminder (with key logger and backdoor port and all, presumably to make sure someone else remembers your passwords too;) in Windows, will just as cheerfully install the Linux version of it. Going root and even replacing system libraries if needed.
And little Jim Clueless, the lamer kiddie who installs spyware and trojans disguised as Counter-Strike cheats and aimbots... well, will just as cheerfully install them in Linux. Heck, he'll even replace the kernel if those nice l33t h4x0rz on the warez site tell him "we needed to change the kernel itself to keep the game from detecting the cheat. Now when the game asks for that file, we intercept the call and say it doesn't exist."
For _you_, ok, that would probably raise a few questions. The kernel is a very critical program, and _you_ know that very well. But little Jimmy doesn't. The only thing that will go through his cheating retard brain is "kewl!!! now I can get a bigger score and not get caught!!!"
A polar bear is a cartesian bear after a coordinate transform.
Your comments are obvious exagerrations....
600 years of jurisprudence??? You might want to recheck your American history.
Furthermore, I lived in California when CA defied federal law and approved marijuana for medical treatment (not just for the terminally ill, dufus!)
Did you forget that federal law preceded and superceded this state law?
Check your facts before you post such politically motivated and ignorant drivel.
As an aside (and IMHO and the opinion of mental health experts)...suicide is a mental illness necessitating mental health treatment, not death.
The other way popups continue is by replacing part of Winsock. A winsock fixer will clean it.
Have you read my journal today?
Take them to court over misrepresentation of their product... Misleading advertising.. There is alot of ground work laid out allready To prevent this type of "Marketing".. I highly doubt any phrase in the EULA will hold water better than a piece of tissue paper. Its still a form of advertising when you call something Spyware removal and it is actually spyware.
Who needs WiFi when we can have Packet Over Sheep! http://datacomm.org/PoS-InternetDraft.txt
These are excellent programs; I was just about to recommend them myself before seeing your response =D
Please consider making an automatic monthly recurring donation to the EFF
they've got to be doing it in one of these "run" keys
/run explorer.exe), less well-documented Registry keys such as "ShellServiceObjectDelayLoad" (try typing that 3 times really fast!), etc.
Alas, at one time this was true. Even that became passe for malware makers, so they've been stuffing them pretty much anywhere an executable can be executed from, even semi-undocumented ones. These days you can also expect them in your win.ini/system.ini (load= or run= lines), taking over filename extensions (e.g. clicking on a text file loads the spyware, which then loads notepad.exe), replacing your shell= lines (e.g. shell=spyware.exe
The equally-crafty non-EXE pests might also show up in IE's Browser Helper Object list, or insert themselves into your Winsock stack as Layered Service Providers. (These generate some, er, "fun" when you go to remove them.)
Caveat Emptor is not a business model.
Actually, doesn't SpyBot already do this (assuming you have the latest updates applied to it)? I know I've noticed when I've run it lately and it starts fixing problems, it says something on the screen for a second about updating networking components.