Slashdot Mirror
The Spyware Inferno
An anonymous reader writes "Ever thought there should be a scale for quantifying the evil Spyware does? In an editorial article at news.com.com, a Silicon Valley Venture Capitalist uses the levels of hell in Dante's Inferno to do just that. The article also goes into depth on how vendors, and Claria in particular, make money - of particular interest, 31% of Claria's revenue came through Overture. This may explain why Yahoo took so long to list Claria as Adware in its anti-spyware toolbar."
(mods, this is a bit of an aside, but ontopic/relevant given the author's use of dante's levels of hell in his ranking system. consider it a footnote)
I stongly recommend reading N. Tosche's "in the hand of dante" as a circuitous but gratifying way to learn about the author and the divine comedy.
plus it's a terrific read.
La via sola al paradiso incommincia nel inferno
I am a windows developer of a small program with about 4000 users. Without spyware I would not be in business, since most people crack my s/w and dont pay after the trial.
Thanks to spyware, I am still make a living.
Seriously, as more places try to "legitimize" their revenue by branching out what they do, it'll take longer for most companies to sit back and say "we can't do this because of your questionable business model."
Yahoo took long enough, but they finally did.
What users need to do is continue to keep writing in and boycotting companies that use spyware affiliated services until they stop supporting them. Overture be damned, it's still ultimately a spyware thing. After all, it's just another way to collect information and track users. When Doubleclick decided to combine all the information... I'm sure you Slashdotters remember the response it got. Privacy is a big issue and until more companies in the playing field like Yahoo get the idea... it's going to continue being a problem.
Spyware is certainly more aggressive at this point, but ever since I installed Adaware and started using more of the extensions available for Mozilla/FireFox, it hasn't been something I've even remotely come across... unless I'm helping to clean up a friend or client's oversaturated box. I'm just wondering at this point why some of these spyware apps haven't been classified as viruses yet... they certainly act in a very similar manner: Installing without knowledge, announcement or permission... phoning home without knowledge, announcement or permission. Spreading without... ah, fook it, you get the idea. I'm just preaching to the chior here. A lot more questions than answers despite knowing exactly what is going on here. This is exactly why we shouldn't be supporting services that are running legitimately despite having that slight (or underhanded) spyware connection.
I mean, really. Load up a PC so full of Adware and Pop-Ups that it's useless, thereby hindering the advertising that they've been paid to deliver.
Talk about killing the messenger.
A few weeks ago I was very busy at night and couldn't get a chance to clean all the spyware off my wife's PC, which had become useless due to all the popups. Know what happened? The PC got TURNED OFF for a few days, thereby NO ads got delivered. I'd like to see what THAT does to their business model....
National governments seem clueless/powerless/apathetic with regard to malware (spyware, phishing, viruses, etc.) The current ad hoc approach - independent semi-commercialized tracking/alert/filtering services don't do a very good job, provide less than 100% coverage (of both PCs and treats), suffer from lack due process (e.g., how does a nonspammer get unblacklisted), and are purely passive (doing nothing to halt spammers, phishers, etc.)
I wonder when the users of the internet will form their own supranational government, with a defense force and coordinated policing actvities. Taxation might be in the form of CPU cycles & bandwidth used by policing actions to DDoS convicted spammers/phishers/spyware providers.
Two wrongs don't make a right, but three lefts do.
Well, I've been watching the spam lately and to my eyes it looks like technology is slowly making spam less profitable. Spam filters are becoming so effective that spammers are being forced to litter their messages with nonsense words and mispellings. These nonsense words and mispellings make the receiver of the spam less likely to purchase anything. And so (hopefully) the cycle will continue.
I always save my last mod point to mod up a good troll. You people are too serious.
it's a work around, and it's not pretty, but black hole the traffic before it hits the segment you have your ids's on (if possible). Example of known spyware destination ips (google): 4.4.23.227 4.8.104.90 4.18.162.102 4.21.117.158 4.36.44.3 4.38.98.140 4.43.44.32 4.43.44.128 4.65.105.109 12.14.172.204 12.29.97.96 12.30.241.70 12.30.241.74 12.30.241.106 12.30.241.242 12.36.78.54 12.37.62.0 12.39.105.80 12.47.196.49 12.98.204.163 12.99.231.36 12.129.72.201 12.129.198.41 12.129.201.99 12.129.204.6 12.129.204.99 12.129.204.107 12.129.204.122 12.129.204.125 12.129.204.158 12.129.204.160 12.129.204.183 12.129.204.197 12.129.204.204 12.129.204.208 12.129.204.219 12.129.205.102 12.129.205.105 12.129.205.120 12.129.205.162 12.129.205.167 12.129.205.171 12.129.205.206 12.129.205.220 12.129.211.125 12.129.225.165 12.129.229.191 12.129.248.48 12.129.248.128 12.130.12.30 12.130.12.106 12.130.91.7 12.145.139.160 12.148.21.23 12.148.209.196 12.153.20.152 12.153.20.157 12.158.80.10 12.168.32.90 12.168.33.58 12.168.33.194 24.1.248.148 24.3.113.25 24.7.145.249 24.27.205.221 24.30.8.185 24.42.211.66 24.57.164.38 24.57.240.53 24.58.172.230 24.71.18.34 24.72.3.189 24.90.4.150 24.90.243.203 24.101.203.184 24.104.40.39 24.104.40.52 24.106.94.101 24.108.132.26 24.125.77.118 24.126.133.124 24.141.149.114 24.151.184.187 24.173.79.235 24.207.243.16 24.218.47.171 24.222.112.75 24.229.80.135 24.235.212.163 24.242.151.203 38.113.1.80 38.113.1.111 38.113.1.151 38.113.1.155 38.113.1.159 38.113.3.122 38.113.193.6 38.113.198.80 38.113.198.132 38.113.198.136 38.113.198.176 38.113.198.235 38.113.199.63 38.113.204.182 38.114.129.148 38.117.144.27 38.117.144.30 38.117.144.50 38.117.144.162 38.117.174.2 38.117.174.20 38.118.144.180 38.119.65.135 38.119.65.137 38.170.72.194 61.8.3.212 61.16.133.250 61.43.30.91 61.78.61.223 61.115.205.23 61.129.67.141 61.129.67.149 61.129.67.151 61.129.69.190 61.135.131.23 61.135.131.31 61.135.131.36 61.135.131.39 61.135.131.42 61.135.131.128 61.135.131.174 61.135.131.237 61.139.65.222 61.145.75.227 61.145.75.233 61.149.2.221 61.152.251.25 61.177.222.222 61.213.156.128 62.13.25.201 62.13.25.209 62.23.124.88 62.23.137.170 62.26.219.11 62.27.21.101 62.27.59.227 62.27.59.245 62.39.85.0 62.39.108.98 62.39.122.20 62.56.244.55 62.57.74.14 62.58.2.5 62.65.34.64 62.65.36.136 62.65.252.93 62.65.252.226 62.69.162.144 62.69.162.171 62.75.193.84 62.93.224.242 62.96.181.197 62.97.109.50 62.101.246.77 62.104.23.56 62.115.254.26 62.118.240.27 62.118.248.72 62.118.251.0 62.119.21.132 62.119.21.135 62.119.21.150 62.119.21.157 62.119.133.10 62.119.133.11 62.121.105.75 62.146.24.251 62.146.222.65 62.148.166.3 62.149.0.12 62.149.0.140 62.149.36.64 62.150.129.118 62.153.59.95 62.160.32.0 62.161.184.96 62.172.199.20 62.178.238.135 62.181.185.37 62.181.185.44 62.189.43.224 62.189.74.144 62.189.244.232 62.193.206.144 62.210.139.48 62.210.164.83 62.212.117.198 62.219.114.145 62.233.196.72 etc. etc. etc.
CINCINNATI BELL IS TEH SUCK.
Why the fuck is Venture Capitalist capitalized? Here's a news item: Boston Student Nurse performs CPR on fellow student, saving his life.
See how stupid it looks?
Do you see the sig? Do you have it in your sights? Why yes, Miss Moneypenny...
I don't say they're delivering ads or sending back personally identifiable info to their manufacturers, but they are using my resources without giving me what I consider to be any perceptible advantage.
/dev/sdwhatever ; chgrp portable /dev/sdwhatever" and adding people to group portable, but on Windows it's not so easy. Not all background tasks are necessarily malicious.
Rio Music Manager has one, too, and the reason we put it there is because there are certain things that Rio Music Manager needs to do (such as send custom USB commands to portables) which can't be done by an unprivileged user under Windows. So at install time -- assuming it's installed by an administrator -- the service gets run with admin privileges, and then later, when unprivileged Rio Music Manager runs, it can send custom USB commands via the service.
On Linux it's probably just "chmod 660
Peter
Why hasn't Apple/Claris sued for the obvious typo-subterfuge intended by Gator's selection of Claris^Ha as it's re-invention name?
Hmmm?
-- @rjamestaylor on Ello
Can anyone say what this qttask.exe actually does? There doesn't seem to be a Mac-side counterpart.
The guy upstairs from me asked me for computer advice, he was looking to get a new machine for college. He claimed that he wasnt very good with computers and just needed it for research / email / writing papers. I suggested a mac.
I have never owned a mac in my life, I have only worked on them from time to time at school, and I'm probably not going to ever own a mac unless i really start making the big bucks and can afford a disposable system, and even then i could probably only justify it for its graphics and video capabilities.
I suggested that he get a mac because I didnt want to be the guy he called when his PC got the latest crapware. I told him that from what ive read (/.) macs are great for people that want simple computers that just work. he got a ipowermacbookintosh. This morning before I left for work he thanked me and said how wonderful it was. I got in around 9 only to find 3 emails from staff infected with the latest purplemonkeytoolbarweathertellingcrap.
Moral for the story: as a geek I can keep my windows box clean, and even not being a mac fan boy i can say that apple is right on when they say "computers for the rest of us".
PS: When macs get 90% market share I'll suggest he gets windows because nobody writes crapware for it. Oh, yeah, this is slash, um, 2005 is going to be the year of linux on the desktop.
--Aard
Im dreaming ofa big bndwdth, That can resist the
If we really want something done, we've got to find ways to make sure these people and/or companies can't make money doing it...
What about something along the lines of feeding fake data back - I remember to have read an article/comment on that, but cannot remember how I found it & not in the mood to look for it again.
The key point is/was to boost processing cost on the noise side.
CC.
TaijiQuan (Huang, 5 loosenings)
Others may have mentioned it, but an anti-spyware toolbar is like an anti-violence machine gun.
Malware companies are not the only ones generating revenue here. There are a lot of Techs out there who are raking in the cash removing all this malware. It would be interesting to see some stats on how much money is spent removing all that crap.
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
Thats fine for a service thats started/stopped like all other services in the services panel.
The parent poster (and me too) are sick of every application in the world thinking it needs to stick another icon in my task bar. Another point of failure to bring down my entire desktop.
If you're starting your process in my task bar, it starts when I log in, and has my priveliges, nothing to do with Administrative stuff.. That would be a service, not a task bar "helper app".
Right now I've got them down there for Quicktime (what the hell do I need that for? What could I possibly need it for? Apple just wants some free advertising space on my screen), the HotSync software for my smartphone is there too. Again, why? Don't need it, just need a service in the background. ATI stuck one there just in case I needed another way to switch desktop resolutions or color depths. I dont.
The only useful ones in my task bar are the volume one (actually, not so useful since my keyboard has volume controls..) and the Cisco VPN one that tells me that I'm currently not connected.
WinZip puts one there, hell everything puts one there. And they don't belong there. The only reason people jam an icon there is the "advertising" value. WinZip wants everybody who sees my screen to know I have WinZip.
I don't need no instructions to know how to rock!!!!
I'm guessing the Malebølge.
I'm serious. I've never really seen much spyware.
True, I'm an IT professional. And on my home computer I use Linux almost exclusively.
And at work: nothing. Nada. Those few who have Internet access it's closely monitored & filtered, incoming email is thoroughly scanned and systems are locked down. And I see no spyware.
Last time I booted Windows at home (just a NAT'ing firwall as protection), it was Win2K and I did see a premium dialler try and install. Seems to me that the malware vendors are yearning for the Bad Old Days of Windows '9x, complete with 9 levels of DLL hell and drivers written by barbary apes. So they're using whatever they can to bring those days back.
Things like that remind me why I stopped working with Windows.
Because Apple "eats their own dog food"?
None of this crap targets Macs, or Mac browsers, so it's entirely possible that they haven't even noticed how much of a problem it is, or ever heard of the company.
The only reason I ever notice spyware is when I have to clean it out of yet another luser's system.
Spyware Schmyware. I use Firefox on OS X.
Problem solved.
Well I admit I was being a wanker, but we didn't exactly invent multitasking so much later, it was being done in the age of DOS too. In fact a lot of the stuff that DOS does is a Unix ripoff, like redirection and pipes, and many of the commands. Of course it doesn't do it as well as Unix, but who expects it to? We certainly have brought Multitasking more to the consumer level, though. However, the first Amiga was released in 1985 and I should not need to tell you that its multitasking abilities are not equalled by any version of Windows until Windows 95. (Its other abilities are still not equalled by Windows in some ways, and far surpassed in others, but we won't go there.)
Also, GEOS was released for the C= 64 in 1986 and had pretty credible multitasking abilities, at least the equal (heh) of Windows 3.0, which didn't come out until 1990 - interestingly the same time at which GEOS came out for the PC. It's quite a shame that Windows triumphed over the far-technically-superior GEOS... Your numbers are spot on if you only consider PCs though, since QDOS is from 1980. If that's what you meant, ignore my sideways rant.
DOS sucked, though it is okay for doing one thing at a time. TSRs regularly stepped on one another and in general were a big pain in the ass. As much as you could get done with MARK and REL back in the day, I'm glad that time is over.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
This needs to be modded up. Big time. I run Weatherbug. It's ad supported and I know it installs the My Search toolbar as well. It also does not mind at all if you go into Add/Remove and remove it. Weatherbug continues to function after that. It tells you right upfront what it's installing and does not sneak it in. Claria probably doesn't do this sometimes.
One way we have prevented our Mom and Dad's from installing this stuff it to give them explicit instructions...now mom, everyday, you use this limited account and when you need to install something, either call me or use this Administrator sign on but DO NOT use this signon for anything but installing applications. Do not browse with it. This seemed to cure my little bro in law from having to go help his mom get rid of a virus or spyware. He also has scanners for virus and spyware installed as well and since he has to go pick his son up there every once in a while, he will do a sweep which is short instead of 3-4 hours removing spyware and viruses. Until most users adapt a UNIX like way of using their Windows machines, they will not be able to combat crap like Claria. If it starts to not work, then Claria will ahve to find another way to stay in business. Being vigilant in this battle will help us win...but being stupid and clicking OK whenever you see it WITHOUT READING THE BOX will kill you.
Gorkman
AIM is advertising-supported software because it displays its ads in the AIM window.
Kazaa is adware because it displays its ads while you use Internet Explorer. Pop-up adware often makes it difficult for users to tell what application the ads sponsor, which IMO is the point at which it becomes evil. I don't know whether Kazaa's ads say "This ad is shown using Claria technology to sponsor your use of Kazaa. To stop seeing these ads, uninstall Kazaa". I'm not going to install Kazaa to find out.
The shareholder is always right.
Good point. I recently bought an LCD monitor with a single dead pixel.
The vendor tried to argue that "X number of dead pixels is normal" and I said, "Well, that's not mentioned in any of your advertisements nor in any of the contracts I have signed with you."
End result is that I got a new monitor.
Which is nice... but did you get an Ipod...?
Did your friends...?
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
First let me explain what I do for a living. I am a computer technician for a Networking company that handles law firms, doctor offices and such. Each of these places will have anywhere from 5 to 100 computers in their office. I would say I am forced to clean machines of spyware, malware, adware and viruses about 90% of my work orders. I have become proficient in doing so with all the practice I've had. These office employees of my clients just download everything they see. They answer yes to every question that get asked on a website. They do not read it and wouldn't understand it if they did. I am talking about EULA agreements of course. The legalese subtly hides the subject of the agreement that even the lawyers at these law firms cannot decipher it. I've done some testing on how easy it is to get infected with spyware and viruses without the consumer's awareness. I connected a freshly installed Windows XP machine to a broadband connection with no firewall in place and no spyware or virus detection programs in place. I surfed well known websites that millions of people search everyday for about five minutes. I then installed Spybot 1.3, Adaware 6.0 and Hijackthis onto the machine. In those five minutes of unprotected internet browsing the computer had over five different spyware programs installed including: VX2 Better Internet, a CoolWebSearch varient, New.net varient and some a couple of tracking cookies. This was five minutes of browsing mind you and I got three of the worse programs in their genre. I have recently found out that New.net actually has bundle parterships with several big companys including Earthlink, Net Zero and Juno. New.net has actually threatened or sued spyware removal companys like Spybot and Adaware. Spybot backed down from them and removed any New.net detection from their program. Lavasoft who makes Adaware is fightning back in court against New.net. New.net claims these companys are giving a bad name to their software by saying they are malware programs that collect data or supply ads to the end-user. New.net says it does not do that but I know first hand they are lying. I had a machine that was infected with New.net that caused AD popups, totally screwed the clients network connections. And these companys are legal businesses!! All I know is the government needs to step in and regulate these companys. The invasion of privacy they do on our computers is no different from a voyeur peeping in your house window or somebody tapping your phone or reading your mail without your knowledge. And yes Microsoft operating systems are the easy targets because a good portion of the world and mostly home users use Microsoft OS's. Mac and Linux people think they are safe but that will change. The more people use those machines the more spyware and viruses will surface. There already is some spyware programs for the Macintosh and a couple of viruses. The best thing for the home user to do is takes steps in protecting your computer. Use a good firewall, Keep your Windows updated, Use a different browser (I use Firefox) than Internet Explorer. Have a good antivirus program installed and updated everyday. New viruses are discovered nearly everyday. Use programs like Spybot, Ad-aware and Spyblaster( (protects against bad Active X downloads.) Take the time to actually learn to use these programs fully. Spybot has some extra tools that are great. HijackThis is great but you need to know what you are looking at. If you see a EULA agreement pop-up on your screen take the time to read it and also look up the company or software you are trying to install on Google.com and do some research on what people say about their programs. Pestpatrol.com is also a great site for learning about these malicous programs. The spyware developers are getting smarter as well. There are some spyware programs that run in the background but do not show a process in Taskmanager. Some variants regenerate themselves even after removal (usually by some leftover registry entries called "tricklers" or install programs that are hiding in your Te
For airline and train travels and such, those agreements are typically made between some sort of organization representing those selling travels and some goverment or consumer organization. It is standard agreements that would apply to everyone selling airline travels for example and thus an individual airline can't add extra parts (like we don't do engine maintenance so tough luck if we crash).
As for software, I can see the "two separate" contracts, and of course that is not a problem, the problem is that it is a contract forced onto you AFTER you allready bought the software. If the contracts (both between shop and software compnay) were done befre the purchase, it would be another matter, now it is done after you allready bought and own a copy of the software and at that point, someone else can't force you to agree to a contract just because you want to use what you bought.
Having the contracts agreed at time of purchase is not a problöem or uncommon. When you buy a cell phone, it is not uncommon that the deal is sponsored by a company that handle the phone calls. So you also sign up with them for a year or something. However, those deals are always done, signed, agreed and so on in the shop before you buy the phone. You never see someone selling you a phone for $1 and thwn when you get home and try to use it, you are shown a contract that you can only use it when calling through company X and at specific costs and so on.
That is how software sales should be set up IF there is a need for additional contracts as part of the sale. It is worth mentioning that a huge part of many EULA are actually not needed at all since it is allready part of laws (for example copyright laws). Other parts are unenforcable anyway (depending on country and laws). The actual additional agreement is usually not that much and almpst always restrictions on what the buyer can do.
the amount of friends and families' pcs i see nowdays with spyware,adware and stuff on them is unfunny. They are going to have to start cracking down on this with law penalties like can spam (oh wait, that did nothing)
Business Voyeur