Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spyware on One in Twenty Computers?

Posted by michael on from the PEBKAC dept.

SpaceDonkey writes "New Scientist reports that researchers at the University of Washington carried out a scan of the campus network for signs of spyware. They found spyware lurking on more than one in 20 machines and also discovered a serious vulnerability in two of the four spyware programs they looked for."

13 of 400 comments (clear)

  1. Spyware flaw by guacamolefoo · · Score: 5, Funny

    The flaw that they detected was undoubtedly that the spyware could be detected. Duh.

    --
    Lots of petrified grits
    1. Re:Spyware flaw by gid13 · · Score: 5, Insightful

      Funny, but makes you wonder how much was there that they didn't detect. And as much as I love Spybot S&D and to a lesser extent Ad-Aware, I wonder how much they miss.

    2. Re:Spyware flaw by OECD · · Score: 5, Funny

      It's not exactly a representative group, is it?

      New Scientist reports that researchers at the University of Washington carried out a scan of the campus network...

      The same researchers noted that 90% of all computers have an inordinate number of "Phish" MP3s.

      --
      One man's -1 Flamebait is another man's +5 Funny.
    3. Re:Spyware flaw by rixstep · · Score: 5, Interesting

      Something too many seem to find too easy to forget: there's a big world out there outside that Microsoft window...

      A. Most Unix systems won't get infected and cannot be infected. Not only is it more difficult, the spyware perps write this stuff specifically for Windows.

      B. There would seem to be an assumption here that 'all computers (in the world) run Microsoft Windows'.

      C. Ad-aware does as well as an automated tool can do (hopefully), but it cannot kill the latest spyware variant, the automatic cloning program. These programs are scheduled to make multiple copies of themselves with different names and be deposited in different directories and then look out for each other. Should any one of them disappear, the others will quickly clone and replace the missing file and launch it again. Further, they incessantly monitor Windows Registry activity, and as soon as their 'autostart' (in one of the 'Run' keys) is removed, they will immediately replace it. As Ad-aware cannot deal with spyware that fights back like this, Ad-aware cannot defeat them.

      D. A better estimate is not that one in ten Microsoft Windows computers is infected, but that a greater number are infected perhaps tens of times with thirty - forty spyware programs all competing for CPU. We recently had a customer completely oblivious to the issue until his XP idled at 100% CPU - that's how bad it becomes, through Windows being so easily exploitable, and through the average Windows Joe being so clueless.

  2. Type by GabeK · · Score: 5, Funny

    Isn't that supposed to be 1 in 20 WITHOUT spyware?

    --

    [sig] 10 + 10 = 100 [/sig]
    1. Re:Type by spikev · · Score: 5, Funny

      Yeah, because it's about 1 in 20 that don't run windows.

  3. Ad-Aware by amembleton · · Score: 5, Informative

    Download yourself a free copy of Ad-Aware from here. I ran it on my computer the other day and it found 22 infected files, that it cleaned up for me :)

    1. Re:Ad-Aware by amembleton · · Score: 5, Funny

      Not sure if this is the norm, but a fresh XP SP1 install followed by installing Spybot S&D from CD normally yields at least 10 problems. This is before the computer has been online.

      What do they count as spyware?

      Windows XP

  4. That seems like a low percentage by Lotek · · Score: 5, Informative

    I'm a tech for a medium sized publishing company, and I find that the first thing I do when I get complaints of slowness and random unexplained crashes is to run spybot. In roughly half of the systems I check, I can find some kind of spyware.

    1. Re:That seems like a low percentage by wfberg · · Score: 5, Interesting

      Here's a quick test. Ask the user if they've ever heard of SpyBot or AdAware. If the answer is unsatisfactory, they've got spyware. That includes your mom.

      5% is WAY low. Even I got infected (an app on tucows was listed as freeware, but turned out to be ad/spyware), even if you don't coun't cookies and GUIDs..

      Did I mention that AOL Instant Messenger now comes with spyware? That re-installs itself? And adds "free.aol.com" to IE's "trusted zone" so new stuff installs *without a prompt or warning*.

      --
      SCO employee? Check out the bounty
  5. And this just in by ferralis · · Score: 5, Funny

    In a totally unrelated story, it appears that at least 4 out of every 50 computer users surveyed have had an encounter with "spam" emails in the last two years.

    Stay tuned for the next ground-breaking story about the near 100% mortality rate suffered by humans and animals exposed to di-hydrogen monoxide!

    --
    Any generalization is a stupid one.
  6. Spyware? You mean data collection? by Anonymous Coward · · Score: 5, Funny

    Cookies are spyware.

    Dont accept cookies. Ever.

    That is all.

  7. Effective combination... by Fez · · Score: 5, Informative
    I work at a computer repair shop, and nearly every single computer I work on has some degree of spyware. The best combination of tactics to kill spyware that I've found is as follows (All in Safe Mode, of course):

    There's not a lot to be missed after that. Process Explorer is also good for finding processes running that might not be of obvious origin.