Spyware on One in Twenty Computers?
SpaceDonkey writes "New Scientist reports that researchers at the University of Washington carried out a scan of the campus network for signs of spyware. They found spyware lurking on more than one in 20 machines and also discovered a serious vulnerability in two of the four spyware programs they looked for."
I'm sorry, but that number is way too low.... I'm in a bit of a hospital/nursing town, and I'd say that at least half of the nurses-in-training I know have experimented with Kazaa and other music piracy services, and are usually loaded down with 5 to 10 bad (at least gator-level) spyware installs.
The only thing that has infected that "community" around here worse would be smoking habits.
I routinely see over 10% of windows users show up with spyware on my anti-spyware page, and that's just what can be detected with a simple javascript utility over the web, so the actual total must be even higher than that.
The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
I cannot believe how many new programs are coming with spyware now. Worst yet, the spywares are not just cookie trackers, but keyloggers and much worse. Even some games install a scanner to scan your hd for any "virtual drives" and will not load the game if any are detected.
"Jeremy, you need to get to an internet cafe and cut and paste some appropriate sentiments about me from the world wide
Here's a quick test. Ask the user if they've ever heard of SpyBot or AdAware. If the answer is unsatisfactory, they've got spyware. That includes your mom.
5% is WAY low. Even I got infected (an app on tucows was listed as freeware, but turned out to be ad/spyware), even if you don't coun't cookies and GUIDs..
Did I mention that AOL Instant Messenger now comes with spyware? That re-installs itself? And adds "free.aol.com" to IE's "trusted zone" so new stuff installs *without a prompt or warning*.
SCO employee? Check out the bounty
That may be a little on the high side but, 1 in 20 is way too low. Spyware is as out of control as spam is but, most people aren't aware of it, as they are with spam, so it doesn't get as much mention.
I have always thought of spyware as a virus. Perhaps not as destructive but, a virus none the less. Thus, I have always felt that the commercial anti-virus companies should make their software to detect and remove spyware just as they do viruses. As yet they do not but, there is a major need for it.
Now, many people will start rattling off the plethora of spyware detectors and adware look alikes but, the fact is that none of these programs is capable of detecting all of the various spyware in the wild. Additionally, since they are all small companies or free projects they aren't and will not be able to keep up with the flood of new spyware as it comes out. Only the major players like the present anti-virus companies will be able to do it effectively with frequent updates to catch the latest bugs.
Of course, the immediate solution is to not use Windows but, that is not going to happen and even if it did, there would be spyware for Mac and Linux after a while. It's getting to the point that the little voice in my head keeps screaming at me to block off all port 80 traffic.
10% seems very low, since your script can only diagnose users who allow ActiveX and scripting from the public internet I'd expect 50%+ of such users to be infected.
[Set Cain on fire and steal his lute.]
Something too many seem to find too easy to forget: there's a big world out there outside that Microsoft window...
A. Most Unix systems won't get infected and cannot be infected. Not only is it more difficult, the spyware perps write this stuff specifically for Windows.
B. There would seem to be an assumption here that 'all computers (in the world) run Microsoft Windows'.
C. Ad-aware does as well as an automated tool can do (hopefully), but it cannot kill the latest spyware variant, the automatic cloning program. These programs are scheduled to make multiple copies of themselves with different names and be deposited in different directories and then look out for each other. Should any one of them disappear, the others will quickly clone and replace the missing file and launch it again. Further, they incessantly monitor Windows Registry activity, and as soon as their 'autostart' (in one of the 'Run' keys) is removed, they will immediately replace it. As Ad-aware cannot deal with spyware that fights back like this, Ad-aware cannot defeat them.
D. A better estimate is not that one in ten Microsoft Windows computers is infected, but that a greater number are infected perhaps tens of times with thirty - forty spyware programs all competing for CPU. We recently had a customer completely oblivious to the issue until his XP idled at 100% CPU - that's how bad it becomes, through Windows being so easily exploitable, and through the average Windows Joe being so clueless.