Spyware Masquerading as Spyware Removal Software
Cocooner writes "News.com is reporting that some of the anti-spyware/adware software out there is doing more harm than good by acting as double agents. One example is a software package named SpyBan (google cache since the original site has been removed), which happened to be hosted by download.com, accused of installing Look2Me, which monitors and reports web surfing habits. SpyBan was downloaded over 44000 times before it was pulled. How 'low' can they go?"
So was it on Download.com after they started charging for hosting? Was this shareware or freeware? Geek minds want to know!
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
I spend a large portion of my day using Altiris's Notification Server product to identify and remove spyware on computers at work. Believe me, this isn't new and there are *lots* of "spyware removal" apps that come bundled with spyware of their own--I see this crap every day.
Has anyone any statistics on the cost to end users of spyware/trojans as compared to viruses? Yesterday I cleaned-up a Windows PC that was being used by a visitor to the company, ad-aware found something like 10 different trojans and spywares on it. Nothing worked anymore: MSIE always went to some advertising site, Mozilla died (was killed, actually), installing ad-aware took ages because one of the trojans was deliberately killing the install program...
My solution was to wipe the PC and stick on Xandros. But this is not feasible for everyone. So how much time and money do spywares actually cost, and is there no way these creeps can be persecuted for theft of computing resources or interference in operations? I know that the EU cybercrime laws prohibit at least some aspects of spyware (such as interference in normal system operations and interception of private communications).
Ceci n'est pas une signature
although I agree with you on that, there needs to be a ton of changes when it comes to scanning for spyware before I'd recommend any AV app to get rid of spyware.
For example, We're forcing all the students on campus to install F-Secure. At this point I have had 300 of them call or bring in their PC because it keeps telling them their infected with a Virus. What is happening is that it detects one of the spyware files as a virus but leaves the rest of the spyware there. Then the Rest of the spyware happily reinstalles the file that F-secure Deleted, and Repeats the process over and over and over until adaware is run on it.
Until virus scanners get into the act of completely removing a spyware/adware infection (IE Scan the Registry and remove viral entries, Clean all traces of a known Virus, ETC) its not helping out much other then pestering the user until they run spybot on it.
In Soviet Russia, Trojan exploits YOU!
No offense, but I think you've got it all wrong.
Ever wondered why there are laws and courts of law out there? Because the "ha ha, if you're not informed, it sucks to be you" approach just doesn't work.
You're no less than asking that everyone spends inordinate hours of their life doing research about every single piece of software. Maybe for you it's fun. For most of the rest of the world it isn't.
And even if you enjoy that for software... how about imagining a world where some other product might be affected. Would you like to check every single pencil or roll of toilet paper or disposable razor blade for hidden spyware equipment? It's exactly the non-computer equivalent of spyware: something which masquerades as a useful everyday item, but which in reality exists only to rape your privacy.
Would you even have time to do that? Would you enjoy doing that? Would you actually learn everything about mechanical watches just to be able to tell if there's a little extra in your watch? What about your new cell phone? How do you know it's not transmitting a little extra to a third party? Etc.
If you didn't answer a wholehearted "Yes!" to each of the above, well, then you probably get my drift. Just as you probably have better stuff to do than becoming an expert in mechanical watches, other people have better stuff to do than to become an expert in computers.
Either way, multiplied by the number of computer users, the "so get informed" solution would mean tens or hundreds of billions of hours wasted per year. A murderer can be sentenced to death for, basically, shortening someone's life by 20-30 years. This "so inform yourself" solution ammounts in the long run to stealing years off everyone's life.
There has to be a better solution than that.
A polar bear is a cartesian bear after a coordinate transform.