Slashdot Mirror


Spyware Becoming Worst Tech Support Problem

teknurd writes "Wired has an article about the growing problem of computer users having to call tech support to get help removing all of the spyware on their computers. 'The fast-growing phenomenon is already responsible for more than 12 percent of all technical support calls in Dell's consumer hardware division, the biggest category of complaints this year, company representatives said.' Personally, I have had to remove this plague from the computers of several friends and family members."

12 of 814 comments (clear)

  1. Re:Just run Spybot by hattig · · Score: 5, Interesting

    That, and AdAware.

    So that they catch what the other one missed.

    If I was an OEM, I'd get a license from one of the companies to include AdAware/Spybot on the shipped systems and set it to run once a week. That's gotta be worth it to remove 12% of support calls!

  2. What a Crock by Doesn't_Comment_Code · · Score: 5, Interesting

    If I remember correctly from a previous article (3-6 months ago), Dell prohibits its tech support from helping customers remove certain programs that could be considered spyware. They are unable to do so because Dell, and some other suppliers have partnerships with the makers of the borderline spyware.

    What a crock!

    --

    Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
  3. Re:my experience... by grub · · Score: 5, Interesting


    I'm [network/unix/Mac/Novell/some windows] support for a ~200 user research place. Every Friday our Director of Research sends out a "what's up" email talking about various projects, etc. A couple of years ago I was asked to do a weekly thing called "Computer Corner". What I do is have a paragraph with a link to an internal webserver I run with more info.

    I did a spyware article a while back and on the server had some tools for installation complete with how-to's, screenshots, etc. Naturally some people aren't geeks and are a bit leery of anything remotely technical so we always offer to come do the work if needed. That happened only a handful of times.

    If you have a lot of users that approach may be helpful.

    --
    Trolling is a art,
  4. Joe Sixpack and TCO by mrneutron · · Score: 5, Interesting

    Last night I spent 3 hours at a neighbor's house on spyware patrol. He's a fireman who plows my driveway for free (he is Joe Sixpack personified), and I'm his volunteer tech monkey. I cleaned them all out 2 months ago, and now they were in worse shape.

    All 3 of computers were unable to surf the web. Teenage daughters had downloaded Kazaa, weatherbug, morpheus and others. I explained the dangers of spyware (and getting sued by the RIAA, hoping the scare them into ending the spyware party) to them last time, with predictable results. I also advised Dad to lay down the law (I'm not holding my breath).

    The 98SE box (yeah, I know) was completely hosed. Booted up, auto-launched about 8 different programs, auto popups, and would actually blue screen before I could launch a single app. I blew that one away, reinstalled from scratch, and ran Windows update (requiring 5 reboots) for close to 2 hours (ever run windows update after a clean install of 4-year old media? Not fun).

    And he has a hardware firewall and fast cable modem connection: this would have been impossible on dialup (and the clean install would have been compromised within 10 minutes without the firewall).

    After all of this, I had all 3 computers working fine, with up-to-date patches, virus protection, and an Ad Aware icon on the desktop. Also a lecture on the evils of spyware to the assembled daughters.

    I'll be back there in a month or 2, guaranteed. Let's hope for lots of snow next winter.

  5. Is there a real solution? by manavendra · · Score: 5, Interesting

    Spybot removal software is one thing, but is there a real solution to this problem?

    User's will continue installing software they think is cool, or hear about from their friends/colleagues - be it bonzi buddy, kazaa or anything else. Pretty soon they'll start facing problems - the computer would begin to be unresponsive since kazaa is eating all the cpu, searches in google fail because IE is redirected to SearchScout, or whatever else you have/

    Cure is one thing, what's the prevention for all this? And I ask this, not for informed, knowledgeable users, but naive home users who don't know any better?

    No M$ bashing please. I have heard of several tools that keep track of what's installed and the changes to registry, but haven't come across anything will a simple interface and a "knowledge" of most common spyware (possibly updated frequently from a public server). Such a tool would at least make the customer support job easier!

    --
    http://efil.blogspot.com/
    1. Re:Is there a real solution? by david.given · · Score: 5, Interesting
      Cure is one thing, what's the prevention for all this? And I ask this, not for informed, knowledgeable users, but naive home users who don't know any better?

      There isn't one. I'm afraid it's that simple.

      The real villain is the computing model used. Windows (and Unix, and OS X) has a pretty simple security model: programs are either trusted, where they can run and use local resources, or they're not, in which case they can't.

      This means that in order for the user to execute ThisMayBeAGame that it's downloaded from some random web site, the user has to tell the OS to trust ThisMayBeAGame. At which point the user is screwed, because it's got no way of determining what ThisMayBeAGame is actually doing.

      ...and before you jump on me: yes, I know that all the operating systems I'm talking about support fine-grained access control. Unfortunately, it's only in some areas. Linux only supports it in the filesystem. You can restrict a process to be able to touch some files only, but you can't restrict it to being able to open sockets to certain addresses only or to use no more than X mips of CPU time. Window is even worse because most people (myself included) disable file system access control entirely because it's just too inconvenient; the default user can do anything. I don't know about OS X but since it's based on BSD I assume it's like Linux.

      ...and yes, I know that you can get high-security patches for some operating systems that do provide this sort of control, but they're not used.

      What's needed is a radically different computing model. Instead of a brittle system where all running software is trusted and you have prophylactic systems in place to distinguish between trusted software and untrusted software, you need a failsafe system where it simply doesn't matter if you run malicious code because it can't do any harm.

      Managed systems like .NET and Java are a step in the right direction but things need to go much further. Imagine a computing system where your desktop computer simply provides computing resources to a whole ecosystem of interacting software agents. Some of these you put there; some of them arrived as part of other people's documents; some just wandered in off the local network. Some of them may be helpful, some may be malicious. They're all managed by a high-level system that doles out system resources depending on what the user's doing. An agent that's attached to the screen gets more CPU time and real memory than one that's not. An agent that's resident on the machine's local storage gets storage space, an agent that's arrived from the network doesn't. A transient agent can only make network connections to a host if it can present proof that it actually has something to do with that host... and so on.

      Such a system would be far more resilient than the current ones. It would also work rather differently, but that's no bad thing. A lot of security issues would simply go away. Of course, there would be other problems that you wouldn't get with one of today's system --- notably, your software ecosystem would waste lots of resources --- but I think that's eminently affordable.

      Now, I suppose, all I have to do is to go away and write it...

  6. Re:my experience... by jamonterrell · · Score: 4, Interesting

    That's interesting. I usually stick with ad-aware, but decided to evaluate some other products for use at work. Within 2 minutes of installation (The first time I ran IE afterwards), I had a popup from gator come straight up. I'm not saying without a doubt that spywareblaster contains gator from the original source, but the copy I got my hands on snuck gator in. Anyone else seen this? Did you download your copy direct or from a download mirror? (Also interesting to note is that spywareblaster, as of the last version I saw, did not detect gator as spyware.)

    --
    I can count to 1023 on my hands. Ask me about #132.
  7. Re:Just run Spybot by michelg · · Score: 5, Interesting

    I can attest to the fact that some sites that are using those horrible ActiveX install popups are now also including XPI popups as well, at least for firefox in win32.

  8. Odd... money to be made isnt being made? by Serapth · · Score: 5, Interesting

    There is one thing I cant figure out here. Spyware is the next big thing after virii... why havent the big anti virus companies gotten in on the action? I mean, how much more work would it take a McAffe or Symantec to add spyware detection tools and removal software to their current products? If you think about it, the only big thing that distinguishes one AV company from another is there response times to a new virus. Wouldnt this be a very sellable feature?

    On the bright side, the big kids staying out of it, allows little guys the like LavaSoft ( ad-aware ), to carve a niche for themselves. However, in a lavasoft type company gets smart and offers virus removal in their tool aswell... why would you not get the do it all tool, instead of two pieces of software?

    Its always funny watching big commerical companies miss the boat on stuff like this though :)

    Also, I may be wrong, their may be an AntiVirus product out there that deals with SpyWare. If there is, please let me know!

  9. There is a rather simple fix by SilentChris · · Score: 4, Interesting
    Permissions are you friend. We had a spyware/virus situation in our office until we instituted a new policy: no one has install permissions. You want to install stuff, come to us. You can download all the crap you want, you just can't install it. Complaints will get filed in the circular bin.

    We coupled XP permissions, SUS (godsend, that thing) and NAV Corporate. NAV updates everyone's definitions as soon as they come out. SUS sends out updates nightly (usually a few days pass after they're issued by MS so we can test and approve them). Firewall keeps dump RPC requests out.

    Since then: no viruses, no spyware. Time taken to set up all of the pieces: a few days. Money spent: XP licenses came with new machines, NAV cost a couple grand, SUS was free. Time and frustration saved: priceless.

  10. Re:Should be integrated into AV software by abrinton · · Score: 4, Interesting

    Funny, it is integrated into McAfee. I use it in my 100 person company and it works pretty well. The feature is called "Find Unwanted Programs" or something. It's all set up with EPO so I know every desktop has it, and nobody can turn it off. Catches most spyware, and McAfee is good about updating.

    There is one major drawback. McAfee decides what is an "unwanted program" and you can't change it. It stops some tools that I would rather it didn't. However, I've found this trade off to be well worth it as I spend exactly *nill* time cleaning spyware.

    I get calls all the time about the "virus" someone or other just got though.

  11. Does Mike's Ad blocking hosts file cover this? by British · · Score: 4, Interesting

    If a bunch of spyware sites are set to a certain # of hosts, can we just make them resolve to 127.0.0.1 with a nice custom hosts file?

    I know mike's ad blocking hosts file does it for pop-ups, but what about stuff like bonzi buddy?

    If so I'd like to put it on my dad's computer. Problem is, a lot of little rinky-dink apps he downloads have spyware just piggybacking on it. Then again there's a few utilities that take care of that.

    Ahh i can see in a few years we'll have a nice internet that will blindfold themselves to such malicious sites.