Slashdot Mirror


The Average PC is Infested with Spyware

WoodenRobot writes "This article claims that Earthlink have discovered that the average user's PC has 28 spyware programs on it. More details can be found on Earthlink's spyware auditing page." Compare to a university study. The FTC is hosting a Spyware Workshop.

18 of 556 comments (clear)

  1. Typical. by GearheadX · · Score: 4, Interesting

    Is anyone really surprised?

    Most people see a certificate pop up, even if security features are turned on, and accept it as a matter of course. Most people don't even comprehend the concept of Spyware, the idea that clicking links in spam is a Bad Idea or that wearing a tinfoil hat won't protect you from the alien mind control rays.

  2. Claims Overhyped? by questionlp · · Score: 4, Interesting

    There is a news bit on Ars Technica that the claims are overhyped and the spyware scanning tool returns a lot of false positives.

  3. Confirms the obvious by lindec · · Score: 5, Interesting

    This confirms what I think most of us have known for a while. The average surfer using Internet Explorer or Kazaa (Overnet as well) is likely to be loaded with spyware. Kazaa alone can be held responsible for almost half of those infections I think. As one of the few knowledgable "computer guys" in my dorm, I spend a lot of time cleaning out mucked up computers. I see on average 10 or 15 nasty spyware programs, but I did see 1,500 programs and ActiveX goodies (I'd say maybe 200 of those were cookie warnings though) in this one computer I cleaned. The was apparently, an avid p0rn viewer with no popup protection or the like. Ugly... very ugly...

  4. Comment removed by account_deleted · · Score: 5, Interesting

    Comment removed based on user account deletion

  5. I don't doubt it by hords · · Score: 3, Interesting

    I don't think I have scanned a machine that didn't have spyware on it lately. I work at an ISP and our customers have so many spyware issues it's pathetic. We have tried to help them out by putting some good information in our newsletters about spyware and how to remove it (spybot/adaware) but it just doesn't seem to matter. People just don't know how to update windows/scan for spyware/viruses. It is pathetic. Windows really needs to be more demanding on the user to run security updates. And people really need to be careful when downloading programs. But, sadly this is very unlikely.

  6. Numbers are not surprising by unfortunateson · · Score: 4, Interesting

    Any given time I run Adaware after a day of surfing, I'll typically have 20+ adware cookies. And that's with IE6 set to ignore 3rd-party cookies. It's not something I fret about, 'cuz I've never gotten anything more serious than the cookies. So probably it isn't an average of 24 cookies and 4 spyware programs per PC, it's probably most people with 30+ cookies, and a few people with 10+ spyware programs.

    Really, I don't consider tracking cookies to be much worse than, say, RFID tags in all my $100 bills or Walmart purchases. It's a public network, people are going to watch.

    That reminds me... time to run Adaware again.

    --
    Design for Use, not Construction!
  7. Re:Lets hear your records... by David+E.+Smith · · Score: 4, Interesting

    Try working for an ISP.

    I do. We're a small shop, we'll fix your PC even if you're the one who f'd it up by installing Kazaa. Our current record, as reported by Ad-Aware 6.181 with a then-current reference file, is 1354. It's on a whiteboard near our workbench. This record has held for over a month now; the previous record was "merely" 950-something.

  8. Re:No problem for me... by mahdi13 · · Score: 3, Interesting

    That brings up a good question...how safe IS Linux from spyware?
    Granted more spyware is written for the Win32 systems, but with the increase usage of Linux and the way tracking cookies work...I wonder if there has really been an in depth look at if and how spyware can infect a system running Linux.

    You know it won't be able install any system services (unless your running as root), but what keeps things from making changes to ~/.Xsession or simular user level logon scripts?

    --
    "Some things have to be believed to be seen." - Ralph Hodgson
  9. Worst I've ever seen Part 1 by IWantMoreSpamPlease · · Score: 5, Interesting

    This was on a university PC, running Windows 98 SE.

    Using Ad-Aware, it found, and I kid you not: 22,485 units of spyware.

    The machine was so infested, it couldn't connect to the Internet (throough the university T-1 lines) because of all the pop-ups, redirects and what not.

    In defense of the machine, 11 users had profiles on it, which under Win98, merely copied everything (spyware and all) to the new user. But it was astounding all the same.

    part Two

    Same university, brand spanking new P4 3.0 Ghz Dell for a big-shot professor.

    8,000 units. The professor would click "yes" to every pop-up that came her way, not knowing/caring/reading, what it did. Then complained why the brand new machine was slow and needed a new one.

    After removing the spyware, and explaining what had occured, she nodded sagely, and went about her business.

    Next day I get a call from her...same issue, tons of popups.

    She hadn't listened after all.

    It's times like these I wish people like that would be given a Mac or BeOS machine.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
  10. Re:Good effort to fight spam and malware by malchus842 · · Score: 5, Interesting

    There's no doubt the survey is accurate - as an independant consultant, I deal with this all the time. I run Ad-Aware on badly behaving Windows boxes and show their 'owners' just what a mess they have. Record so far is 500+ items tagged by AdAware. Unreal.

    This problem is on par with SPAM and viruses, and consumes serious IT cycles to manage. My usual couse of action for any new client is: SOPHOS AntiVirus, pop-up blocker, AdAware, alternative browser (eg Netscape, Firebird), alternative email client (eg. thunderbird). Not to mention religious use of Windows Update, a strong permiter firewall and replacing NT/2000 servers with Linux boxes running SAMBA, themselves fully hardened agaisnt attack. Of course, SpamAssassin is a must on the mail server.

    It's a war. And I fight to win.

  11. Small Issues by fm6 · · Score: 4, Interesting
    You're right, cookies are not spyware. But you'll still get lots of flames from the Cookies-Are-Evil kneejerkers. And all spyware scanners look for cookies from known spyware companies. Stupid, but there you are.

    Plus some spyware scanners flag any kind of push technology as spyware. The theory is that vendors can use push software to force you to download stuff. Well duh -- any network-aware software runs that risk.

    Spyware has gotten so bad I never download closed-source software except from certain extremely reputable sources. And even so (I'm ashamed to admit) there's a bit of spyware that I can't seem to track down. Fortunately it only runs when I reboot (no it's not in any startup lists) and all it does is re-install a program called "readme shim.exe" (yes, that's a blank in the name) which itself is just a stealth spyware downloader. Fortunately, I can simply terminate "readme shim.exe", and not worry about it until I have to reboot (I hibernate when I'm not using the machine). No point in deleting the file -- it'll just come back. Scary that spyware vendors can get that clever!

  12. Re:I just tell my friends one word ... by the+eric+conspiracy · · Score: 4, Interesting

    Ad-Aware

    Ad-Aware is great stuff, however you need to be careful recommending in beacause of the low life scum at Ada-Ware. I had one of my friends install that by mistake.

  13. Re:one solution is... by sampowers · · Score: 5, Interesting

    Something strange I noticed last night looking for lyrics on a popular site, is that I was prompted to install a "Free Access Plugin" firefox extension.

    I tried searching google to find it again, but the only thing I'm finding is a page in german, which I'm not entirely sure is what I'm talking about.

    If I were one of my users, I would have clicked Install, because I'd be jawdroppingly retarded.

    The XPInstall functionality is a tradeoff between security and convenience, but just like IE's install feature, it's going to be abused.

    Hopefully standard unix security stems the tide.

  14. Re:Earthlink? How ironic. by MattyCobb · · Score: 5, Interesting

    I'm not sure about Earthlink, but I worked for BellSouth and our install CD basically included spyware. It didnt have ads or anything like that and its main purpose (which it failed at, miserably) was simply to collect customer settings so that when they messed something up they could simply "revert" to their last known good settings. It collected no marketing or advertising info. At any rate, it was classified as spyware by Ad-Aware. So i suppose it all depends on your definition...

    --

    Matt
    You have 1 Moderator Point! Use it or lose it! Is that a threat? -vapid
  15. Re:Not far from truth by Three+Headed+Man · · Score: 4, Interesting

    I reccommend Firefox to every single person I know. I run Spybot and Adaware pretty regularly, and haven't had a single bad thing turn up since January. Not a single solitary cookie. You can go into the Preferences menu and have it ask you if you want to accept a cookie. I deny cookies unless I know I'm going to need them to log in, like to slashdot. Like this, I've been free for a long time.

    In a related note, a friend who uses AOL and IE, and had the install for only 1 (one) year. After one year of usage, Adaware turned up three thousand things it deemed as "bad."

    --
    I'm probably at the karma cap. Mod up a funny troll instead, it lightens the mood :)
  16. Re:Not far from truth by spike+hay · · Score: 3, Interesting

    I agree with child poster. Just install Firefox. I use it. It uses less ram than IE, blocks popups, has a nifty built in Google search bar, has tabbed browsing (multiple webpages open in single window) and blocks annoying java and activex. Try it. It kicks the ass of IE, even with the Google Toolbar.

    Internet Explorer is a terrible browser. I'm amazed why so many people, even those knowledgeable about computers, use it. Just because it's built it doesn't mean it is better than the competition.

    --
    If you don't understand any of my sayings, come to me in private and I shall take you in my German mouth.
  17. Re:Good effort to fight spam and malware by omicronish · · Score: 4, Interesting

    Not to mention religious use of Windows Update...

    The scary part is that there are IE/Windows exploits for which no patches currently exist, so Windows Update can't possibly protect you in those cases. What's even worse is that those exploits are being used NOW.

    During the time when I naively thought IE would be perfectly safe with all patches, I came across an ad popup that downloaded and ran an executable. Yes, I was fully patched, I even checked afterwards. Turns out the popup got through using an exploit that currently lacks a patch. Luckily, file permissions saved my ass that time, but I'm switching to Firefox to be safe.

  18. average 28? by ende · · Score: 3, Interesting

    I'm a fairly saavy (hate that term) computer user, 20 years experience, professional web developer.. I know what to avoid, I know what to click no on, I have stop-the-pop on my win box.. I still have on average 40 different spyware apps installed on my box every week (between spybot and adaware) .. When ever I go over to someones house and run a scan for the first time, there are generally over 400... its getting outrageous.