Slashdot Mirror
New Tricks from Browser Hijackers?
Fortunato_NC asks: "I'm the IT manager for a small business that delivers its service via a browser-based application, and we take around two dozen to three dozen tech support calls from users each day. Many have something to do with pop-up ads making using our product nearly impossible, which is odd, since we don't have any advertising on our website. Of course, it's spyware causing the pop-ups, and we recommend using a product like Ad-aware to take care of the issue. However, not everyone gets the message.
Today I was on a client's computer using WebEx helping them remove yet another 'browser helper'. The uninstaller for this program consisted of running no fewer than four separate programs, each of which forced closed the Internet Explorer windows, killing the WebEx session, and making it very difficult to service an already upset client ('What do you mean I have to join the meeting AGAIN?'). It seems as if this product anticipated the need to have someone remotely help the user remove it and went out of its way to make that task nearly impossible. Has anyone else on Slashdott encountered spyware or malware specifically designed to make life miserable for *remote* support techs? What other nasty tactics are spyware authors using that you've noticed?"
Tell your users to use a decent browser instead of IE (Firefox, Mozilla, Opera, whatever). Let them handle their spyware infestations themselves.
1. make your browser application fully standard compliant
2. tell users with problems that the problem they are experiencing is beyond your control and has to do with IE and Windows sucking so bad.
3. Let them know that CERT recommends they use something else than IE like Firefox.
4. tell your clients that with Firefox their unwanted popups will never appear.
Why not stop requiring your clients use IE to get support? That help?
-- 'The' Lord and Master Bitman On High, Master Of All
You think just because you're using a web browser tool, to remotely access a web browser, to remove vermin, is a design decision on the vermin designer's part?
Hate to break it to you, but when you've got a broken arm, you don't usually use that arm to set the bone.
Ever heard of non-browser based remote access? Like VNC, pcAnywhere, NetOP or remotely possible?
It has nothing to do with this vermin's author being clever, you're just using a not very optimal tool for your removal of that vermin.
I've seen windows rebooting as soon as any user logs in (even safe mode). I've seen the media player exploit and Media Player added to HKEY LOCAL MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\RUN. So that the adware reinstalls its self even after running AdAware. I've seen a giant - full screen Active Desktop Ad advertising spyware removal, it even covers the taskbar. I've seen files that cant be deleted from the command line in the recovery console. Windows is the most insecure thing I've ever seen. What I want to know is if someone smarter than me can make a Knoppix like disk, that will read NTFS, run Adaware, CW Shredder, and an online scan like housecall.trendmicro.com and fix all the problems. Barts PE works ok for the purpose, but Knoppix is faster and more flexible.
Doesn't work remotely, but seems to get pretty much all of them.. However, I have seen in the last month one or two running even in safe mode on Win2k. As soon as you reboot back, they re-install about 10 more. Thank god for norton ghost for those nasty ones.
On a side note, is there a huge list of IP's that these spamware come from, or report back to, or whatever? Sure would be handy to ban those IP's at the router..
What are we going to do tonight Brain?
Making sure your web application works in most browsers is ofcourse sound advice but requires you to hire programmers and designers who know their business. You would be suprised to learn how many sites are setup by some frontpage kiddie. Or worse ASP kiddie. Ugh. They wouldn't know about cross-browser capabilitie if you hit them with the IE open-bug log.
And they would be spending all their time telling their client that IE is the default browser and that coding for the others is not worthwhile because if they don't they are out of a job. As to the market share of Mozilla and others. Supermarkets in holland are involved in a prize fight over 0.1% market shares. Denying browsers other then certain IE versions is like turning away full percentages of customers at the door. Doesn't make sense does it to fight for fractions and then refuse them entry.
Frankly there is no solution, if this tech manager has made sure that his web page can be accessed in every browser (if he hasn't he is beyond help anyway). He can't force his clients to switch browser (clients with a clue will have switched by now and no business can survive turning away the clueless braindead zombies that are still on IE), he can't stop spyware, he can't ask his clients to install something like vnc (or ensure that vnc isn't killed by spyware). He is screwed. Maybe he should sue MS for putting him out of business and costing jobs. Closed source IE costing jobs. Oh well, it made me laugh.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
While I don't have any direct evidence of browser hijacking causing this (yet), it would not surprise if the the scumbags of the world are using this approach. In brief, referrer log spamming is causing the spammer's site (typically an adult/porn one) to be listed as the referrer (via HTTP_REFERRER) with the hope that the target web site will publish their web logs and the spammer will benefit with a link and/or more traffic - read more about referrer log spamming here. And these guys are smart enough to have "zombie" PC's do all the work for them, so some sort of browser malware would be one approach they would try.
Hulk SMASH Celiac Disease
Since I'm betting 99% of your users will be using Windows, why not just use netmeeting? Our techs have been using it for quite some time and never have a problem getting rid of spyware with it, since it's not browser based.
I seen this problem before, the trick is hardly unknown. And yet there seems to be very little movement in people switching browsers. Sure a lot of noise is made about it here but just look at the statistics. How much did IE loose in a recent /. story? 1% wasn't it. OH WOOPIE. That was right after one of the biggest security hits in the history of computing (several regular sites being used to steal information and forward it to criminals) that was only stopped because it was to successfull and the receiving server was overloaded.
Of course I don't know if the guy with the problem has an IE only site, I was only speculating, but I have argued this point in the past with customers and employers and it rarely gets across. I found that the only way to reliable create a cross-browser site is if I am the person in control and then to just do it. Don't mention it, it doesn't cost any extra so no need for the customer ever to known his brand new site works with every graphical browser on every OS (well linux windows and OS-X) and can even be used with links. (lynx is harder)
I never ever had a customer or employer ask for cross-browser compitabilty let alone cross-platform.
My answer nowadays when people ask me about obvious MS caused spyware/trojans/virusses/bugs. "I don't know."
I used to recommend firebird or opera. And everytime I get repaid by having them complain to me that site X doesn't work anymore. Worse when I used to remove spyware they complained about their missing desktop toys. I only did that a couple of times. Waste of time.
Fat people don't listen to advice on diets, drunks don't listen to advice on not drinking, windows users don't listen to advice on security. If they did they wouldn't be fat drunk windows users.
BUT you could restore my faith in mankind, well womankind at least. Did your customer switch browser? I bet my cynisism against a shred of hope for the human race she didn't.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Then you're screwed. Get used to it.
The Ludwig von Mises Institute. The reasoning individuals economics
I've actually had some malware that gets into the system like a tick...
Not only is it set in the Hkey\..\run, but I had one that stuck it's html based install into the windows active desktop folder, so once the computer was "clean" it reinstalled itself on reboot...
I've even seen a few where if you try and use AdAware and the first thing you need to do after downloading it onto a new system is to update the REF. file... but adaware said no updates... Finally, I had to use another system to get the updates, put them on a ftp site, and pull the updated REF file from the ftp (or shared drive would work) because the malware blocked the adaware updates!
What I think is funny/sick is that if the author(s) of this crappy malware type software actually spent as much time/effert into a GOOD PRODUCT as they put into making it's removal difficult (my.search, etc...) then they would probably have a great product and people would enjoy using it, and maybe even give them legit business... Not trick people into installing it because it sucks so badly!
Of course the simple answere would be:
boot Dos-format-reinstall (or reimage...)
--- Relax, that mass muderer is just trying to reduce our carbon footprint, one fetus at a time...
I just got finished fixing an employees home computer because WindowsME (ugh..) would show the splash screen and then reboot. Start the computer in safe mode? Nope, it would get to loading the desktop and then blue screen (windows protection error, please blah blah blah). .001 to .exe and rebooted, I re-ran ad-aware and it found an additional ~200 spyware items that it could not find the first time!
Anyways once I got the the pc running I ran Ad-aware and it found ~70 or so items and removed them, however I had to remove one file that Norton Anti-Virus detected, that ad-aware missed, in the windows folder and I noticed an explorer.001 file. I renamed
NOTE: Ad-aware does not check the c:\recycled folder for spyware, however Nortion Anti-virus does...
Chop
Which isn't always a bad thing.
There are customers who make you money, and there are customers who cost you money. It sounds this customer (the client requiring several WebEx sessions) is a money pit.
Now there are several good reasons to take a loss on a particular customer--large clients often grow from small clients, good clients come from referrals made by bad clients treated well, you don't want your support staff bailing on tough calls with the excuse, 'oh, this customer is losing us money' (that's a call for the bean counters, not the support or tech folks).
So, let's presume the company is losing money on such high-maintenance clients. Let's also presume the company is not willing to just let their business go. What do you do?
You do your homework! Boy Scouts' motto, Ounce of prevention, pound of cure, stich in time, and all that. Take a machine off the company network, do a standard client install, dial-up to the internet, and let the ad-ware be your guide. Install whatever it is you keep having to uninstall for your clients. Then document the steps to uninstall.
Rinse and repeat as needed. Go through the permutations of OSs, versions, and browsers to cover 95% of your client base.
Now, you still have clients with ad/spyware issues, and your support staff is still helping them out. For those that don't know but can learn, you put your documented cleaning routines on your web site or at least have a formatted email ready to go when the call comes in.
Those that can't follow the written directions, get the walk-through on the phone, but now 1) you don't sound like you're making up as you go along. Bad clients are more likely to become good clients when you have a solution on hand and ready to go. And 2) you can pass that job down the chain so you lose a little less money on that client.
I'd love to let go of some of our customers, but the nature of our product is facilitating a data exchange between customers, so letting customers go would diminish the value of our product. Plus, the customers who are "trouble" are also the same ones who are likely to have data to report to us.
We have a well developed set of internal procedures, but this particular piece of spy-crud was one we hadn't run across before. I do have a "field guide to American Spyware" that I distribute to all our sales reps and customer service folks, but some calls still end up back in the tech department. We'd rather be writing code than doing tech support, no doubt, but ultimately keeping the customers happy keeps our business growing - and it is growing - we've had record volume the last two months and are on pace to break records again this month.
Blogging Weight Loss, Distance Education, and more at verlin.com
It reminds me of something, but I can't remember what.
I run a computer service, solutions business. Sometimes when a client has a problem such as the one you were talking about, rather than drive the 40 miles to their house I have them install something called TIGHT VNC. it allows complete remote usage of their system without any kind of annoying setup or anything. simple 2 meg file that i have them download from my ftp. the installation is as simple as telling them to click next and then they pick a password and you can go to work. You also don't need the program to access their computer( acts as a java webpage if you use a browser). the only problem you may run into then is a firewall. Even if they have a router, half the time the firewall is not even turned on by default( they are calling you, so i doubt they even know it exists). http://www.tightvnc.com/ is the site where you can get the program and it is open source. hope that helps
Interwise is a much better application than WebEx, and also runs in a seperate window (so that closing of IE won't matter at all)
Check this out. Computercops is a site which can answer most of your questions, plus there are utilities writeen for almost every kind of spyware removal.
Most (all?) of the VNC derivatives inherited the VNC Client "Listen" mode and VNC Server side "Add Client" command. I've used these a couple times when the other person has (or I suspect has!) a NAT to get through.
Assuming that you can configure the forwarding on your personal network correctly (I think listen mode is port 5400, but look it up), you can set your workstation to "Listen" for new VNC connections from your client's computer. Your client initiates the connection from their VNC Server program - right click, yada, enter remote support IP address, yada, yada. This nicely solves most of the common networking/port forwarding issues. It's also a heck of a lot easier than stepping someone through logging into a router and setting up port forwarding. It's a good design choice that VNC uses a single port, or else this wouldn't work very well!
Of course, it's spyware causing the pop-ups, and we recommend using a product like Ad-aware to take care of the issue
Adaware and other canned products will usually work fine for well known problems. For the latest threats you need someone who is skilled enough to research these problems, hunt them down, etc...
we take around two dozen to three dozen tech support calls from users each day. Many have something to do with pop-up ads making using our product nearly impossible
If the client is having a client side problem with popup ads, then why not charge for your service or refuse to troubleshoot the problem? I assume of course that your web server has not been compromised.
A few things to consider are:
1. is the end user using a "power user" or administrator account? If so I would suggest that they set up a regular local/domain user account - this account. The "power user" and administrator accounts give the end user the ability to modify the OS and registry big time. You really cannot blame the "evil empire" if people's pc's are getting hosed because they have administrative rights and are clicking in unsolicited links, OKing every popup window they see without reading them etc...
2. Educate your customers about using the web securely - if needed, contact their IT dept and explain the problem.
3. Most (Windows) people dont patch their machines - educate them about this - while the evil empire is usually slow in issuing patches, old patches are better than none at all.
One last thing - Windows/IE is targeted by crapware writers because of its popularity - this is why you do not see anywhere near as many *nix/mozilla infestations etc... Lately many sites have been advising people to dump ie and use mozilla instead. If mozilla grows in popularity as a result, expect to see malware targeted for this too.
X
Somewhat offtopic, I know, but using ASP has nothing to do with how compatible your site is likely to be.
I've been using ASP, PHP and Perl for the past few years on various projects, and recently won a UK accessibility Best Practise award for a huge ASP project - my point being that ASP and compatibility are not mutually exclusive! In fact, you find many more "web kiddies" using PHP than ASP, which requires small enterprise-level systems to do anything useful with, realistically.
Now the very interesting thing about the accessibility award is this:
I didn't do anything hugely complex to make it cross-browser and W3C compliant - I simply followed guidelines. This says to me that if I'm supposedly one of the top cross-browser, accessible developers in the UK right now, the majority of web-shops obviously don't know shit, and *that's* the problem.
Also, frequently, developers know full well how to make a site compatible with all browsers, but when they ask for an extra week to fix CSS, layout etc, the client tells them that the non-IE market is unimportant. A bad idea, since on a large site even 1% can be thousands of potential customers, but hey, that's middle management for you.
cleaning up the neightbor's PC - again.
The 50th bottle this year. I've also earned 10K$ in fees.
Thanks to the hijackers. They provide me with income and booze. What more can one want ?
What's actually worrying me a lot more than spyware hijacks are active scripting tricks.
We've encountered a lot of these recently, using compromised IIS5.0 pages (innocuous sites)--you can read a high-level overview here.
People are hijacking sites and leaving them as-is, but appending malicious scripts. The sites are innocuous enough for average users to access regularly, but they take advantage of various IE exploits, such as Download.Ject and friends.
The MS patches for ADODB stuff aren't too widely used in a lot of outfits as they can break lots of bits and bobs of the help "system" in Outlook and other vaguely browser-related toys. I'm currently doing some security work for a large corporation, and am having a demon of a time just trying to figure out with application testing people which MS patches do exactly what, what they break, etc. Ah the joys of using high quality commercial software backed by a reputable vendor.
It's not just IE either; there've been a number of browser vulnerabilities released recently, albeit more to do with spoofing or redirects than actual remote code exploits. For Joe Average, though, the result will be nearly as serious (for example, if cnn.com prompts him to click 'yes' on a popup he may do it, when he would not for a random porno site.)
To be fair to Microsoft, their local security guys are being extremely cooperative and helpful just trying to sort out the mess.
Cole's Law: Thinly sliced cabbage
There is always someone out there sadly bored enough to make everyday user's lives miserably. In this new generation of computers and ability to browse many fold faster than 10 years ago a responsibility is needed on one or both parties to keep things running somewhat smooth. Malware/Spyware/Adware/Trojans/Scripts and anything else that can cause grief in ordinary user's experience is more often cause by the ignorance of PC operator. 85% of all computer users in the world now just want the thing to work. Very few take the time to actually figure out what is going on and much less want to learn how to fix. I myself working with computers for 10 years now have spent the most recent 2 years dealing with customers who just freeze when something happens that is out of the ordinary and don't know what to do when that change comes around. A few things to take into consideration for every user; experienced or not: 1.) Yes MSIE is probably the most common used browser application and many dislike it because of its deep roots to Microsoft but it really is not a bad program as long as you know how to tame it and take care of it. Locking the browser down by denying third-party applications, fully disabling all Java, ActiveX, and other scripts, clearing out the internet cache, and simply just saying no to mysterious confirmation windows will keep MSIE running in 'tip-top' shape. 2.) Removers and cleaners. They are definitely a must have. And since those people who make Malware give it to you for free so are the cleaners that remove them one way or the other. Spybot Search & Destroy (Spybot 1.3) one of the foremost leading pieces of software I personally use and trust dearly to help keep my machine and all my customer's clean. It now comes with a full wizard to aid anyone in using it. Ad-Aware 6.0 Pro is in my opinion right behind Spybot 1.3 with its less malicious approach and easier on the eyes GUI. This application working hand-in-hand with Spybot 1.3 is bound to remove up 95% of all common occurrences of Malware/Spyware and the likes. HijackThis (use at your own risk and not for the everyday user). If you are an Administrator and want to educate your employees get used to this program as it can if you aren't careful removed some much needed lines of registry code. This application looks in several different location in the registry to report the lines there. The most used part of this is to narrow down what is or isn't starting up that shouldn't be. This is a grown up version of Mircrosoft's MSconfig that is excluded in Windows2000 for some funny reason. For Die-Hard Microsoft users (i.e. those who don't use Linux nor want to know how but aren't in the know of all this) try using the new release of Service Pack 2 RC2. Granted it isn't a supported release but it does have its benefits. I have tested it out and like it just enough to promote it to you. It does some wonderful things in rewriting code to lock down MSIE and give you no choice outside of an annoying warning that you system could be vulnerable and activate your firewall and automatic updates. Now the last and final thing is to keep your machine up-to-date no matter the case. As much as this sounds like I use Windows more than other Operating system the one thing I have learned from Linux is that an non-up-to-date machine is an unhappy machine. This means schedule Automatic Updates to handle the downloading and installation of hotfixes. All-in-all with time and practice this can become second nature. It has for me because it is my job and I enjoy doing it. There is always something more to learn and I would like to hear if any of you have more to offer. And I know many of you would rather people just give up and use another browser but I believe that more would like it to work than find a work-around.
In fact, we're specifically prohibited from even suggesting to users that they use an alternative browser because it'd be a bigger support hassle for the desktop support group.
Several points.
First, you are wise to standardize on a browser to help reduce support costs, supporting IE+Mozilla/Firefox will cost more than supporting IE, on the surface. But wait - there's more!
While it costs more for support techs to be trained in both browsers, what if the Mozilla/Firefox users put in fewer trouble ticket calls for support?
It might just be that the cost of supporting IE+Mozilla/Firefox could be less than supporting IE!
Which then leads naturally one to consider whether moving all users to Mozilla/Firefox might lead to even greater savings.
Especially if you consider long term savings from internal web site developers creating content that is more W3C standard and less specific to IE version du jour on Windows OS du jour, things which will surely change.
OK, so don't suggest to users they use a different browser. Instead, do what you're supposed to do: evaluate Mozilla/Firefox in your testbed development department and see for yourself, before you even consider deploying it, whether it makes sense from a business perspective. And ask yourself what the true overall costs are of IE in terms of spyware, adware, security lapses if proprietary information about your business were to leak out, and how much downtime and loss of productivity users have to endure if they have to turn off Javascript, etc.
Then, when you know the answers for your business, do a roll-out and tell people not to use anything but Mozilla/Firefox!
BTW, in my environment it turned out that Mozilla/Firefox supported a lot more web applications than most people expected. Sites would say they needed IE, but it turned out that Moz worked fine. In fact, one of the few web applications that broke under Moz/Firefox was one that relied upon a broken old DOM model for Javascript that origined back in the old Netscrape 3 days.
"Provided by the management for your protection."
Someone needs to create a one click install via a popup for Firefox, then you just put that popup on your site and wait until they inadvertently fix themselves.
Brilliant idea.
To quote something I wrote nearer the time on a different forum
Just that I seen to many frontpage/asp sites that where so badly made by kids (people younger then me) that I tend to generalize and put all asp people in the same basket. Not right but it saves time. There are plenty of wrong PHP sites as well but at least PHP doesn't have extensions built into it that are windows only.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Everyone has spyware, and it shouldn't be your personal problem to get rid of it all.
Or, if it is, you tell your clients that you'll get rid of their spyware -- but you do it your way. That is, they pay you, mail in their computer, you send it back with a new hard drive with Linux installed and all their documents/programs copied over. You also send back their original hard drive in case they don't like it.
You also send them enough manuals that it's unlikely that they will ever have spyware installed again, even Linux spyware (does such a thing exist?), because they will be using the package manager to do all software installs.
That way, it's more likely that the customer will be happier in the long run, you will gain money from them rather than lose it, and you will never have to directly fix spyware issues again.
BTW, a "well developed set of internal procedures" should include a procedure for stuff you've never seen before. That's why antivirus software is, for the most part, much worse security than installing something like Linux, with no firewall or antivirus.
Don't thank God, thank a doctor!
Tell them "it sounds like your hard drive crashed". Then they will go out and buy a new computer, and that will keep them too busy to call you.
but if you can get an alternative browser to work well with your products, couldn't you then wrap it up in another ball of wax, call it the enhanced security version, and swap your company's logo for the alternative browser icon? As much as this is a pain in the ass for sellers, it's way more of a hassle for users. It's a selling opportunity as much as it is a business obstical. Then you guys will have something really special the competition doesn't.
yet down at the bottom, it shows CPU usage at 17-82% up and down, over the course of a few momments whereas last week, this was not the case, cpu usage matched the opposite of idle processes..
there is something here, that is hiding from task manager, and at least according to my firewall, it's not trying to connect to the internet at all..
I thought it was a malformed svchost-having found some weird versions, but I have not found it yet...
coincidentally, can anyone tell me, when sun java is installed, does that 15 meg download really expand to 106 or so megs?
I removed all my java listings, and reinstalled, it came back that large....
I will tell you all something I discovered that I found amazing, zonelabs in/out red/green traffic meter shows no activity for a windows media player stream inbound to my machine.. why is that?
every day http://en.wikipedia.org/wiki/Special:Random
as much as this sounds like flamebait... it's not.
it's not the spywares fault your webex session was getting closed. I've used this program many times before and it sucks that you have to keep IE open to use it. But it's not the spyware coding that leads to your problems... it's IE! First is the argument that IE just plain sucks. Well, it does. But more then that, if you unload a module you, most of the time, have to restart IE to get around the fact that you can't unload modules from IE easily.
If you are looking for something that works exactly like WebEx, but doesn't need to keep it's IE client open, check out GoToMeeting, from Citrix Online (I dont' work for them, I swear...). I switched a while back and couldn't be happier.
And that turns out to be the Homeland Defence Office.
they're the ones who suggested that people (read: the government) start moving away from IE. The fact that it'll cut down on the most onerous of the support hogs is only a bonus.
(honest!)
Even better yet, you could point out that all of these support calls are an example of why Motherland Defence is suggesting a move away from IE. These nasty spyware progs might just as easily be snooping government passwords, etc., but there's no time to check them all for that.
Free Software: Like love, it grows best when given away.
One of the nastier ones I've dealt with lodged itself as a subkey in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify. Of course you couldn't delete the file because it was in use. You couldn't kill it because it was a DLL loaded by the winlogon process, which you can't kill. Attempting to remove it from the registry just triggered it to put it right back.
Ended up booting to recovery console and deleting the file there so it wouldn't load, then was able to remove the entry from the registry.
A quick Google search reveals it as "Look2Me". More info here.
Give me my freedom, and I'll take care of my own security, thank you.
... and comparisons, it is important to identify both the browser and the underlying OS it's stuck to. IMO, and I've said it many times lately, having a windows port of mozilla is pure-D *nutz*. They should cease and desist and let windows and explorer users finish the crash and burn completely. There is no sense, logic or profit into supporting and propping up a company with 60 billion in the bank and a corporate mindset that starts with F-U and goes nastier from there to the consumer. There are going to be more and more problems with this well meaning but misguided enabler crutch effort that the windows port represents until some huge show stopper bug/glitch/worm/back door whatever occurs, and mozilla, and therefore open source in general, gets tainted very badly. Then people might understand this in a long term strategic manner. they are confusing a short term tactic with long term strategic thinking, in fact, just plain ignoring long term strategic thinking.
/.
When the homeland security guys recommended switching browsers lately, they would have been *forced*, repeat forced, to not only recommend switching browsers, but torecommend switching the entire operating system if the moz and firebird ports hadn't of existed for windows. It would have been clear there was no rational alternative *but* to switch. Instead, nope, friendly mozilla pulls microsofts chestnuts out of the fire,and microsoft laughs at them all the way to the bank. And MS will keep doing this as long as it takes,as long as they get this hard work given to them, because they are getting a billion dollars worth of free quality programming. It's like Yugo getting free Ferrari engines when their's barely run, oOF COURSE yugo would take them--but it will never make a yugo a real ferrari, something else will keep breaking on it,over and over again, won't it? So what's the point again?
To a lot of people, advocating that folks on windows just "switch browsers" and that will cure almost all their windows ills, is a mantra, it's "believed in" almost like a cult belief. They see it as a long term move to somehow magically "wean" people away from propietary and towards open source. I disagree, completely. I think this is an incorrect assessment, on several levels. At best, it is a sop and a mild convenience, a temporary and leaky bandaid, at worst, it will be a disaster. It will make microsoft insecurities and inadequacies "stick" to open source (it's already started to happen last week) as more and more the underlying wrongness of windows is forced into acceptance even by the open source people, and mozilla team and developers are being used-played for suckers to be frank- by microsoft to attempt to fix microsofts unfixable problems. It's like hitting yourself with a hammer because it feels so good when you stop..then advocating other people do it, too...
I know this won't be popular, but I'm going to keep saying once in awhile, because it needs to be said. Open source should be for open source. Quality should stick to quality. freedom should stick to freedom. You don't send foreign aid to a nation that despises you, and advocates dictaroship. To get even older and more to the point,you can-not make a silk purse out of a sows ear, no matter how leet of a tailor you think you are.
Above is just rhetorical, but I think it's important to say it out loud here on
Maybe bosses, even the feds, like IE because of lots of payola from ole Bill.
Change will come however. Unless our prez is thinkin of running house to house searches for rogue computers not runnin windows in Chechnya and in the Congo; and unless our prez is thinkin of formin the army up to 37 million troops or so in order to militarily occupy the world, these attacks will continue on IE. IE is just such a big, dumb, arrogant butt suckin target that it cannot fail to attract. The only solution will come through evolution and evilution, a long painful combination of domestic repression, criminalization of non windows users, military trials and worse. Ultimately the pain will be so bad that these forces will eventually lose however. Hopefully before over 150 millions will have to give their lives for copyrights, patents,
ole Bush, ole Bill, and the RIAA and MPAA. Make no mistake, the end of this will be war with China or some country that will not give us the power to prosecute their citizens for being against the
monopolists in this country. The world is now just a little too wealthy for its own good. Read the history of the background of World War One! When the lights start to go out over the whole world, take cover!
You poor soul. ftp & network drives... http://updates.ls-servers.com/reflist.zip The new updates won't work on anything before ver 6.181 but here it is. The updates link used to be really hard to find, but now it's under the downloads section. The same thing happend to my comp a while back, it kept saying it had the latest update, even when i knew it didn't. Sooo.. downloaded the zip & away i went.
[Fuck Beta]
o0t!
- It inserts sponsored links into Google search results
- It blocks all major anti-spyware sites by adding entries to the hosts file. This was especially bad because Ad-Aware, when unable to hit the updates site, just says "Complete" instead of returning an error.
- I'm pretty sure that it was installed via an IE exploit.
In case you see something like this, here's how to get rid of it: