Slashdot Mirror


Every 5th Call At Dell Is Spyware-Related

prostoalex writes "Financial Express quotes a Dell executive saying that spyware is installed on roughly 90% of computers out there. Right now 20% of all Dell phone support calls are spyware-related. University of Washington research this March published a moderate estimate of 5.1% of PCs running spyware."

42 of 559 comments

  1. Well 10%.... by mrbrown1602 · · Score: 4, Insightful

    According to Dell, 90% of the computers out there have spyware installed on them... the other 10% are Macs and machines running *NIX. :-P

    1. Re:Well 10%.... by JPriest · · Score: 5, Insightful

      And 20% of them may be calling Dell for help, another 20% or 30% call their ISP instead.

      --
      Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
    2. Re:Well 10%.... by dn15 · · Score: 2, Insightful
      I don't know if it's part of the culture of the things or what, but there are TONS of mac apps out there that "phone home" to an extent that is generally not tolerated in PC software.
      Are you serious? If you want to talk about a culture of tolerance for software doing its own thing without consent, let's take a look at the average Windows machine.
    3. Re:Well 10%.... by dasunt · · Score: 2, Insightful

      I use my firewall as a snitch. Not only do plenty of apps phone home but so many of them that do still work perfectly well despite being blockaded from the internet. I do however get quite annoyed by applications that you configure to not use the internet that then still go ahead and try to access the internet.

      App: Time to phone scumsuckingspywhere.com at port 12231

      Firewall: Sorry, I can't let you do that. *writes log message*

      App: How about phoning scumsuckingspywhere.com at port 80?

      Firewall: HTTP traffic is okay. I'll let you through...

      You: *Viewing logs* Ah, another spywhere program blocked!
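
The pattern in the dialogue above (a connection refused on one port, then the same program reaching the same host over port 80) can be picked out of egress logs mechanically. This is an added example, not part of the comment; the log line format, program names and the 60-second window are constructed assumptions, and only the hostname comes from the comment.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log. The line format is an assumption made for this
# example, not the output of any particular firewall product.
SAMPLE_LOG = """\
2004-10-15T21:03:11 BLOCK app=weatherbar.exe dst=scumsuckingspywhere.com dport=12231
2004-10-15T21:03:14 ALLOW app=weatherbar.exe dst=scumsuckingspywhere.com dport=80
2004-10-15T21:05:40 ALLOW app=firefox.exe dst=slashdot.org dport=80
2004-10-15T21:07:02 BLOCK app=mediaplayer.exe dst=updates.example.net dport=6667
2004-10-15T22:30:00 ALLOW app=mediaplayer.exe dst=updates.example.net dport=80
2004-10-15T22:41:09 BLOCK app=p2pclient.exe dst=tracker.example.org dport=6881
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>BLOCK|ALLOW) app=(?P<app>\S+) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)


def parse_log(text):
    """Return well-formed events sorted by time; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        events.append({
            "ts": ts,
            "action": m["action"],
            "app": m["app"],
            "dst": m["dst"].lower(),
            "dport": int(m["dport"]),
        })
    return sorted(events, key=lambda e: e["ts"])


def find_port_fallback(events, window=timedelta(seconds=60)):
    """Flag an ALLOW that follows a BLOCK for the same (app, destination)
    on a different port within `window`: the program was refused once and
    got out anyway through a port the policy permits for everyone."""
    recent_blocks = {}  # (app, dst) -> [(timestamp, port), ...]
    findings = []
    for ev in events:
        key = (ev["app"], ev["dst"])
        if ev["action"] == "BLOCK":
            recent_blocks.setdefault(key, []).append((ev["ts"], ev["dport"]))
            continue
        for blocked_at, blocked_port in recent_blocks.get(key, []):
            gap = ev["ts"] - blocked_at
            if blocked_port != ev["dport"] and gap <= window:
                findings.append({
                    "app": ev["app"],
                    "dst": ev["dst"],
                    "blocked_port": blocked_port,
                    "allowed_port": ev["dport"],
                    "seconds_between": int(gap.total_seconds()),
                })
    return findings


if __name__ == "__main__":
    for f in find_port_fallback(parse_log(SAMPLE_LOG)):
        print("{app}: blocked on {blocked_port}, then allowed on "
              "{allowed_port} to {dst} after {seconds_between}s".format(**f))
```

A hit means the port-based rule logged the attempt but did not contain it; the fix is a per-application or per-destination outbound rule rather than a blanket allowance for HTTP.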

  2. Dell saves $$$ pre-installing firefox by w42w42 · · Score: 4, Insightful

    Or they would if this were really a problem for them. Makes one wonder.

    1. Re:Dell saves $$$ pre-installing firefox by jhdevos · · Score: 2, Insightful

      Well, I sometimes remove spyware for people, and after that I usually install Firefox for them. A few months later, they've usually managed to install a lot more spyware, Firefox or no -- if a friend shows them some 'cool' program, they will install it, they want that filesharing program to download mp3z after all...

      Software is not the answer, education is.

      Jan

  3. 20% is only the call volume from Dell by l0ungeb0y · · Score: 3, Insightful

    ... and that would be limited only to Dell customers under warranty or some sort of service package who actually bother to call for support. I would consider it safe to suspect the actual percentile of spyware-infested PCs to be more on the order of 60-70%.

    Remember, people only call when they are aware of a problem.
    And even then, most people will "get by" until the problem is so pronounced they are forced to do something about it.

  4. 85% of all support calls I get are from spyware by Stevyn · · Score: 3, Insightful

    Alright, I'm just some guy who fixes computers for friends occasionally, but I like statistics too. When my friends call me a geek for using Linux, I always retort "Guess when the last time I had a problem with spyware?"

    I think Dell is going to do some small case studies of selling the average user a machine loaded with linux and see if it becomes cheaper to support them.

  5. Due to awareness? by fembots · · Score: 5, Insightful

    From the article: "Spyware-related phone calls now make up as much as 20 percent of all help calls, compared with just 1 percent to 2 percent in August, 2003"

    Is this because users are now more aware of the existence of spyware, rather than the actual 19% increase?

    For instance, in 2003, Joe-granpa probably didn't know/care why his modem's blinking non-stop, but he does now.

  6. numbers? by reidconti · · Score: 3, Insightful

    90% may be high. 5.1% is ridiculously low.

    90% of Windows machines connected to the Internet is absolutely believable. I don't know anyone who hasn't gotten some. I've never had a virus on any machine, but got spyware on a Windows box by accident when the little "yes/no?" box pops up while I'm typing in a password (hit enter just at the wrong time...)

  7. Re:In that case... by Judogi · · Score: 2, Insightful

    Actually, Dell will be more than happy to remove spyware for you. I have a friend who ran into this exact situation the other day, but Dell wanted to charge him $40+ to remove it, since this obviously isn't included in the warranty or regular tech support. The solution? I pointed him to http://www.lavasoft.de/ and Ad-aware removed it for free.

  8. Re:In that case... by Scoria · · Score: 2, Insightful

    Education, not a mythical patch, is the answer. Computer users are too often instructed to select "yes" by default; instead, perhaps we should encourage them to read the prompt with incredulity and then apply their best judgment. There is no patch for complete end-user competence.

    --
    Do you like German cars?
  9. The obvious question: by theparanoidcynic · · Score: 4, Insightful

    Where are the antivirus companies? This shit has gotten to be a bigger problem than virii ever were and behaves in much the same way. Still, your fancy $70 "internet security" package won't touch it.

    --
    Only in a Slashdot fantasy can a Slackware install turn into several hours of sex . . . . .
  10. In other news... by evilmuffins · · Score: 2, Insightful

    1 out of 5 people has no idea how to use their computer.

  11. Re:In that case... by Naffer · · Score: 5, Insightful

    Most schools don't trust their educated college students with electric cooking elements. Think about it...

  12. Sounds about right... by dinodrac · · Score: 2, Insightful

    I currently work tech support for a small ISP, I'd say those numbers are about right, at least that many of the calls we get here are spyware related, some so severely that we have to refer the customer to their computer manufacturer to reformat and reinstall, or have the customer (assuming they are local) bring it in to our office to have it removed.

    Many of the spyware programs out there now infect the system so deeply that none of the removal programs will manage to get rid of it, and some of it's now being designed with properties of classic "stealth" viruses - i.e., so that there's at least some component (usually a reinfector stub) that's not detectable while the process is running (intercepting system calls, etc. so that you can't see it by normal means)

    The problem's getting pretty ridiculous, and will only continue to get worse so long as we have browsers that treat web pages as if they were executable files, and users that click buttons on dialogs reflexively without even realizing they are there.

    At this point, I spend as much as 10 hours a week just on spyware-related calls. That's insane, even with the peanuts I make working at a mom-n-pop ISP, that's real money. Now, if we can just find a way to bill the scumware companies for our time...

  13. Re:Hello by Anonymous Coward · · Score: 1, Insightful

    No, it doesn't, it's damn funny, because it's painfully true.

  14. Re:Hello by mek2600 · · Score: 3, Insightful

    "that racist outsourcing humor" will stop being funny when it stops being true.

  15. Re:Okay by superpeach · · Score: 5, Insightful

    I think it's probably somewhere in between 5% and 90%...
    Actually, it could be 5% or 90%. I look after machines in the towns round here for home users and businesses. Over the last few months about 90% of the jobs I have done for home users have been removing spyware or viruses, but only 5% or 10% of jobs for businesses have been spyware related.

  16. Re:In that case... by KrispyKringle · · Score: 2, Insightful

    OK, not to pick on you--you aren't the only one to post that here--but how the fuck does Linux prevent spyware?

    The reason there's not much spyware on Linux is the same reason there isn't much in the way of viruses, worms, and popular commercial software: lack of market share.

    Linux has the technological capability to be infected with spyware. I'm sure most, if not all spyware, is voluntarily installed. But the only thing I can think of that might make Linux marginally safer is the lack of an ActiveX browser.

    And, yeah, I know that the average Linux user doesn't run as root, unlike on Windows. But you don't need to be root to open a socket and send back statistics on what's in the user's browser history.

    I use Linux full-time. I push it when it makes sense, and even put plenty of spare hours back into my favorite distribution. But every once in a while, when I decide to revisit Slashdot, I'm just embarrassed by the blind fanboy-ism. It's annoying. Get a fucking life.

  17. It's not cheaper by rsilvergun · · Score: 4, Insightful

    because you can't pawn your tough cases onto Microsoft. A typical OEM support call follows 3 stages: 1) clean boot 2) run Adaware 3) sorry, run your restore CDs or call Microsoft. Plus, there are _tons_ of tricks to getting free tech support from Microsoft, and many OEM techs are happy to let you know what to say/do.

    Oh, and if your customers buy new hardware and it doesn't work, you can't pawn them off on the manufacturer (no Linux support, you see). Yeah, hardware Dell didn't sell you isn't supported. Try telling that to the average jerk who just bought a $30 dollar digital camera. He's not gonna care if you support it or not, and he's just gonna get pissed and buy a Windows PC next time.

    You're underestimating the value that $50 bucks buys an OEM.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  18. Prevention by aking137 · · Score: 4, Insightful
    I run a small IT company supporting customers on-site to help them with their computers, and spyware is now a new source of income for us. It very often just takes a quick look in the process list or a double click on the IE icon.

    But avoiding spyware on the whole is very simple, and comes down to a few simple steps, based on prevention is better than cure, i.e. it's better not to get something bad at all, than to get something bad and then have to get rid of it.

    Make sure their computers are behind some kind of hardware or software firewall which blocks all incoming TCP connection requests. Yes, there is more to it, but this one step is a huge improvement on not having a firewall.

    Install another browser such as Mozilla Firefox, and show them how to use it. Only use Internet Explorer for specific sites that you trust, if it has to be used at all. Remember that many users need Flash and Java, so consider installing these as well to stop them going back to IE as soon as they hit a site requiring one or the other.

    Spend a few minutes educating your users about malicious software. Explain that a computer simply follows instructions with little concept of good or bad, and that it only takes a double click on one file containing such instructions (eg a .exe file) to contaminate the system.

    Yes, there's more: software updates, strong passwords, encryption, using more secure software and all the rest of it. Unfortunately most of our users aren't interested in becoming computer security experts. If you can get those three above points hammered in, and let them know that there is more to securing their computer, you're making a big step in the right direction.

  19. Re:In that case... by Monkelectric · · Score: 2, Insightful
    For some reason that reminds me of this story, here's a quote:

    Although rare, Gazillo said it wasn't the first time he has investigated a fire caused by a lizard and a heat lamp.

    I know you're being funny. But in reality, the reason college students aren't allowed to cook is A: Hot plates present a certain risk regardless of their operator (my George Foreman grill just electrocuted me about an hour ago). And B: Support overpriced college meal plans!

    --

    Religion is a gateway psychosis. -- Dave Foley

  20. This is partly Dell's fault. by karmaflux · · Score: 4, Insightful

    When I was a Dell tech, we had to refer to spyware as "third-party software" and we were not authorized to recommend tools for removal. Of course, I would just tell them to run spybot and pray for rain, but if a supervisor would have caught me doing that I'd've likely been fired.

    What the hell do they expect to happen, when they won't let the techs solve the problem?

    --

    REM Old programmers don't die. They just GOSUB without RETURN.

  21. Re:I make a good living cleaning spyware... by nate+nice · · Score: 3, Insightful

    Yeah, I agree. I get paid pretty well lately doing simple routine jobs such as removing spyware. To me, spyware is the new "killer app". I just hope more and more of it gets made. I'm definitely pro-spyware. Also, I bring joy to people's faces when I remove it for them. So in conclusion, spyware makes people happy and should be promoted by a citizens government. We should also rename it from spyware to joyware.

    --
    "If you are a dreamer, a wisher, a liar, A hope-er, a pray-er, a magic bean buyer ..."
  22. Re:Hello by frodo+from+middle+ea · · Score: 3, Insightful
    Aw come on, have a little sense of humor. I am an Indian, and even I found it funny. I know it's stereotyping, but what the hell.

    And besides, there is some truth to it. The problem is we in India, though we are taught English from the first grade, rarely use it in everyday conversation, so our conversation skills are limited.

    We can't create simple short meaningful sentences. We use words like "basically", "actually", "technically" etc. ad nauseam and all at wrong places.

    If we really want to keep these "outsourced" jobs we need to buckle up and improve our skills, rather than accuse Americans of being racist.

    From my perspective we should rather do RnD stuff, for our own benefits rather than pacify some pissed-off customer 7 seas across, who can barely figure out what we are speaking.

    --
    for the last time people, I am "frodo from middle eaRTH", not "middle eaST".
  23. ...as a tech. by Anonymous Coward · · Score: 1, Insightful

    the dell tech support job isn't much different than mine...helping random people with whatever problem they start crying about at 2 AM. not a fun job. makes me want to punch spyware-makers in the face, and kick myself for not thinking of this (obviously) profitable business. as for statistics... 5% of slashdot readers have spyware on their computer. 90% of soccer moms have spyware on their computer. 20% of spyware cases are so severe that they require a call to technical support. 75% of these calls are resolved in under 30 minutes. 80% of all statistics are false. enough of all this "no one wants to spy on my *nix system" crap. we know. give it up. fact is: my mom knows how to use windows, and will never, ever change her OS. i don't think i'll be that keen on massive computer change when i'm that old. Let's all take a minute to wish the young men and women at dell good luck as they try to get the computer-illiterate people in the world to remove spyware. http://www.deadtroll.com/index2.html?/video/helldeskcable.html william.

    1. Re:...as a tech. by secretsquirel · · Score: 2, Insightful

      "my mom knows how to use windows, and will never, ever change her OS"

      Never say never. In 10 years when every major OS has gotten to the point where your mom can sit down at her desk and say "search for Elvis," "IM Bubba, Hello Bubba what's up," and do it with 99% accuracy with her wristwatch/projection screen PC it might not make much difference what OS you use except for price.

  24. I see it all the time by agressiv · · Score: 5, Insightful

    I'd venture to say that most non-tech savvy computers have some sort of spyware/adware installed. Why do these people get it?

    1) They accidentally click on something they didn't mean to, because of a popup. It goes downhill from there, since many spyware programs act like virii and have some friends join the fray.

    2) Users that hit porn sites. These are the black hole of spyware, and while I've told them "stop looking at the porn and you won't get this crap", and they say they don't, yet I see their Internet Explorer history and it's just filled with porn URLs.

    While my parents are largely #1, I've switched them to firefox and it's gone down dramatically. I still catch them using IE for things like OWA and a few other IE-sites (and they will re-use the browser window to do other things).

    I simply got tired of dealing with them calling me about "CoolWebSearch" and tons of other junk that pisses me off.

    I use Internet Explorer *and* firefox to browse the web, and I never get *any* spyware - I just know what to look out for. I'd say at least 80% of the people out there don't.

    It also helps if you surf the web as a non-privileged account - those are, for the most part, invulnerable to spyware. Just as none of you would use any web browser on linux as root -

    agressiv

  25. Spyware is the chronic disorder of Windows today by Frater+219 · · Score: 5, Insightful
    This just goes to show what security folks who have to deal with ordinary, average users have been saying for quite some time now: spyware is the #1 security problem for the ordinary Windows user today. Break-ins, worms, and viruses are all nasty problems indeed, but they do not cause the level of sheer aggravation and suffering that spyware does.

    A worm outbreak today is an acute disorder -- the bulk of the damage is done in one day, even a handful of hours or minutes. Even though recovering a business or department from it can take longer, the outbreak itself burns through the vulnerable population pretty quickly, and starves itself. Spyware, because it's rooted in long-standing bad security practices both by Microsoft and by Windows users, is a chronic disorder -- it doesn't just shut you down for a day or so; it degrades your online life over a long, nasty time.

    To extend the analogy perhaps too far: A flash worm is like Ebola: it kills its victims quickly and messily and leaves a disgusting corpse. Everyone knows when it's in town because of the gory sacks of flesh lying around the streets. Spyware is like cirrhosis of the liver. It comes from doing something bad over a long period of time. It doesn't spread to others materially, though long-term excessive drinking (which causes it) can "spread" memetically in a population, as do bad Windows security practices. And, eventually, it causes the affected organ to be overwhelmed and just shut down.

    The spyware situation today is one created by a nexus of influences:

    • Bad security design in Microsoft Windows,
    • Absent security education for the ordinary user,
    • The unethical business practice of contract date-rape, and
    • Negligent refusal on the part of law enforcement to respond to electronic trespass offenses in other media, such as e-mail spam.

    The first two are well-known and I will not address them further. The latter are not.

    What I call contract date-rape is the evil represented by so-called "end-user license agreements" and other documents which purport to represent agreements between software publishers and computer owners. The unethical business practice of software publishers is as follows: The computer owner buys a piece of software and installs it, only to find that it is designed so that it cannot be run without "accepting" an "agreement" which waives the owner's rights -- such as resale rights, rights to a refund for defective merchandise, or even free-speech rights. Then, when the software does something harmful and the owner seeks recourse, he is told that he "consented" to whatever harm was done, simply by the act of using what he purchased.

    It is contract date-rape which puts the lie to that old FUD about open-source software: "But whom do you sue when it breaks and doesn't get fixed?" The owner of a computer using proprietary software under a Microsoft-style EULA does not have any enforceable rights against the publisher. Windows does break in many ways that Microsoft doesn't fix, but nobody is suing Microsoft for it. Why? Whether the EULA is in fact legally binding or not, both Microsoft and computer owners regard it as leaving Microsoft with no obligations.

    (Of course, software was not always sold on "as-is" terms that were intended in law for used and defective products. Nor was it sold on terms that used copyright law as a cudgel with which to deprive users of rights such as fair comment and resale. Contract date-rape is not an endemic problem of proprietary software; it is one that proprietary software publishers have chosen for themselves.)

    And it is the methodical use of contract date-rape which leads to the situation we have with spyware today. Spyware gets into a computer owner's property unannounced, alongside some piece of (presumably) desired software. It is a Trojan horse in the original sense -- sooner or later, it bursts open and out pour the soldiers of the enemy, who go about merrily burning w

  26. Re:In that case... by yuri+benjamin · · Score: 2, Insightful

    The reason there's not much spyware on Linux is the same reason there isn't much in the way of viruses, worms, and popular commercial software: lack of market share.

    This is the old "Windows-gets-attacked-because-it's-popular" myth.
    So Apache gets attacked more than IIS?

    When always-run-as-root-and-never-install-security-patches-linux is installed on PCs sold in department stores, then maybe linux will become as vulnerable as windows.

    --
    You make the mistake of thinking you can educate the fundamental stupidity out of people. You can't.
  27. In defense of M$FT - have to disagree on one item by mosel-saar-ruwer · · Score: 5, Insightful

    The spyware situation today is one created by a nexus of influences:
    1) Bad security design in Microsoft Windows,
    2) Absent security education for the ordinary user,
    3) The unethical business practice of contract date-rape, and
    4) Negligent refusal on the part of law enforcement to respond to electronic trespass offenses in other media, such as e-mail spam.

    I can't argue with 3) or 4). But as for 1) [and it touches a little on 2)], we've been running Windows NT & Windows 2000 for more than five years now, and we've NEVER had a SINGLE piece of spyware installed on any of our systems. [Never had a virus or a worm either, although I hope I didn't just jinx myself by saying that.]

    You know why? BECAUSE NONE OF OUR END-USERS LOG ON AS ADMINISTRATORS!!! That's it - it's that simple. They don't have Administrative rights, and they can't install spyware [or viruses, or worms]. [Of course, yours truly installs the latest security patches as soon as they appear, and has always had all of his users behind a firewall, but that's not the important point here.]

    If you surf the web as an Administrator [Root] on OSX, or if you surf the web as an Administrator [Root] on Linux, you're every bit as prone to this stuff as any Microsoft user surfing the web as an Administrator [or you would be, if those operating systems had large enough market share for the spyware people to be bothered with writing spyware for them].

  28. We've seen Dell+Spyware before by FooAtWFU · · Score: 4, Insightful
    Remember this article?

    Dell does not endorse the use of spyware removal software and cannot provide support on these products.

    Well, nice to see it coming around to byte you, eh, Dell?

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.
  29. I tried by bluGill · · Score: 5, Insightful

    I tried to set my friends up that way. It isn't hard, XP comes with that ability, even in the home version. Setting up is easy enough. Making it work is another matter though. Nearly half of the programs my friends want to run do not work correctly without administrator rights. This includes software for XP from Microsoft!

    In the end I gave up, ideally they wouldn't use the administrator account except when needed, but practically their computer didn't work without it. Switching users takes time and is a pain. Not hard, and it doesn't take long, but annoying enough that I can't call it a solution.

    Remember this is a home environment, not a work environment. They don't have someone checking out software from various competitors to see if it meets requirements. If Best Buy sells it they buy it, and expect it to work. (note that you can almost never return software after finding out that it doesn't work without administrator rights)

  30. Whatever by recursiv · · Score: 1, Insightful

    Spare us your righteous indignation. Please. Many people who speak English non-natively speak with incorrect grammar.

    Do you deny this?
    Is it racist?

    Just because he made a reference to outsourcing doesn't mean it was racist. You can hear whatever you want if you are listening for it, but there was nothing inherently racist about that. For all you know, he prefers broken English.

    --
    I used to bulls-eye womp-rats in my pants
  31. It's been said before & I'll say it again... by Anonymous Coward · · Score: 1, Insightful

    It's the users! Nobody cares or knows why their comp is running slowly etc.

    I just recently formatted my sister's comp, and installed the "bare bones" (drivers, dx9, etc.) and let her re-install her apps herself. Some of the programs she likes to use have spyware in them (but an option not to install it), and she completely and utterly installed it anyway!
    I blame the "Next Next Next" Policy that makes people think that it's only installing the program they want.

  32. Dell wouldn't have it any other way...here's why: by zerofoo · · Score: 4, Insightful

    I know many people who replace their computers every two years "because the old one got really slow". These people aren't searching for large prime numbers, finding pi to the 50,000th digit, or running nuclear blast simulations - they are checking email, surfing the web, and burning CDs. What drives this pointless upgrade cycle?

    You guessed it: Spyware.

    Why would Dell want to fix the problems? Their solution often times is to tell the hapless user that their machine is toast, and that they should buy a new one.

    -ted

  33. Re:In that case... by DrXym · · Score: 4, Insightful
    Linux doesn't have ActiveX, but Firefox has extensions. An extension is a zipped up XPI package containing JavaScript (with the power of God), some XML and any native executables the XPI wants to install too. For all the complaints about ActiveX, extensions are potentially even worse.


    Once installed an extension can do anything the user can do. Normally that might be to stick a button onto the browser, but there's nothing to stop the extension searching your drive and uploading data, acting as spyware or installing a root kit etc.


    Just like ActiveX, XPI files are meant to be signed so you can establish trust. But no one digitally signs their Firefox extensions! Therefore users are 'trained' to install untrusted XPI extensions. Untrusted means you have no idea who wrote it, or if it's been tampered with.


    Firefox 1.0pr1 has introduced a small band-aid. Now you have to indicate you 'trust' a site before you can install an XPI from it. It's better than nothing but it still won't authenticate or repudiate the XPI as being from that site - someone could have replaced the genuine XPI with a malicious one, or intercepted the entire site entirely.


    The XPI model either needs to enforce certs and give contributors a way to get them conveniently and cheaply. Or it should move over to PGP signatures and a web of trust model. In some ways the latter is more beneficial since people don't have to fork out ludicrous sums to Verisign to authenticate that they wrote the extension.


    In any case, I'm just indicating that a naive user could install something on Linux that they would later regret.
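
The gap described in the comment above, unsigned XPIs and no way to tell whether a package has been altered, can be shown with a small triage check. This is an added example, not part of the comment and not Mozilla's code: it assumes JAR-style signing (a `META-INF/manifest.mf` listing per-file digests plus a signature block file), and the file names and package contents are constructed. It does not validate the signature block itself, so a clean result only means the contents match the manifest; the manifest is trustworthy only once the signature and certificate chain are verified.

```python
import base64
import hashlib
import io
import zipfile

SIG_BLOCK_EXT = (".rsa", ".dsa", ".ec")  # JAR signature block file extensions
DIGEST_ATTRS = {"SHA1-Digest": "sha1", "SHA-256-Digest": "sha256"}


def parse_manifest(text):
    """Return {entry name: {attribute: value}} from a JAR-style manifest."""
    # Unfold continuation lines (a leading space continues the previous line).
    text = text.replace("\r\n", "\n").replace("\n ", "")
    entries = {}
    for section in text.split("\n\n"):
        attrs = dict(
            line.split(": ", 1) for line in section.splitlines() if ": " in line
        )
        if "Name" in attrs:
            entries[attrs.pop("Name")] = attrs
    return entries


def inspect_xpi(data):
    """Triage an XPI given as bytes: is a signature block present, and does
    every packaged file match the digest recorded in the manifest?"""
    report = {"signed": False, "mismatched": [], "unlisted": [], "missing": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = [n for n in z.namelist() if not n.endswith("/")]
        lower = {n.lower(): n for n in names}
        report["signed"] = any(
            n.startswith("meta-inf/") and n.endswith(SIG_BLOCK_EXT) for n in lower
        )
        mf_name = lower.get("meta-inf/manifest.mf")
        manifest = parse_manifest(z.read(mf_name).decode("utf-8")) if mf_name else {}
        for name in names:
            if name.lower().startswith("meta-inf/"):
                continue
            attrs = manifest.get(name)
            if attrs is None:
                report["unlisted"].append(name)  # file the manifest never covered
                continue
            for attr, algo in DIGEST_ATTRS.items():
                if attr in attrs:
                    digest = hashlib.new(algo, z.read(name)).digest()
                    if base64.b64encode(digest).decode() != attrs[attr]:
                        report["mismatched"].append(name)
                    break
            else:
                report["unlisted"].append(name)  # listed, but no usable digest
        report["missing"] = sorted(set(manifest) - set(names))
    return report


def build_sample_xpi(signed=True, tamper=False):
    """Build a constructed XPI in memory for the checks above."""
    files = {
        "install.rdf": b"<RDF><!-- constructed install manifest --></RDF>",
        "chrome/content/overlay.js": b"// adds a toolbar button\n",
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        if signed:
            lines = ["Manifest-Version: 1.0", ""]
            for name, body in files.items():
                digest = base64.b64encode(hashlib.sha256(body).digest()).decode()
                lines += [f"Name: {name}", f"SHA-256-Digest: {digest}", ""]
            # Placeholder bytes standing in for a PKCS#7 block (not a real one).
            z.writestr("META-INF/signer.rsa", b"PLACEHOLDER signature block")
            z.writestr("META-INF/manifest.mf", "\n".join(lines))
        for name, body in files.items():
            if tamper and name.endswith(".js"):
                body += b"// appended after signing\n"
            z.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    for label, kwargs in [("signed", {}), ("unsigned", {"signed": False}),
                          ("tampered", {"tamper": True})]:
        print(label, inspect_xpi(build_sample_xpi(**kwargs)))
```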

  34. Re:Spyware is the chronic disorder of Windows toda by DongleFondle · · Score: 4, Insightful

    "This just goes to show what security folks who have to deal with ordinary, average users have been saying for quite some time now: spyware is the #1 security problem for the ordinary Windows user today. Break-ins, worms, and viruses are all nasty problems indeed, but they do not cause the level of sheer aggravation and suffering that spyware does."

    I absolutely agree with you that spyware is without doubt the most grievous problem afflicting home Windows users today. However, it is not only the sheer numbers of spyware and lack of a unified solution to these problems that makes spyware the critical problem it is, but the threat and damage that can be caused by spyware, in my opinion, far exceeds what I would consider aggravation.

    Although I am a full-time workstation administrator for a tech company, I oftentimes pick up home user workstation support on the side, and the jobs are almost always problems related to spyware. I recently agreed to work on a woman's computer that was no longer able to connect to the internet as well as set up a home wireless network for her. She told me that it was "her daughter's toy and as long as she can get connected to the internet and chat at night it keeps her daughter out of her hair" they both remain happy. The daughter is 13 years old and has taken to chatting with her friends at night, passing around links to salacious little horoscope programs, gossip programs, ad nauseam . . . After two hours of working on the computer I had removed over 500 instances of spyware (files, reg keys, programs, etc. NOT INCLUDING COOKIES!). My obvious diagnosis was that Windows XP home needed to be reloaded but for now she could get back on the internet. When I returned a week later after recovery disks had been obtained there was even more spyware than before & a mysterious bridged internet connection that I assumed was being used to turn the machine into a slave for God knows what. Additionally, I found approx. 5000 illegal song downloads (automatic prison time there), limewire and kazaa and an AIM add-on that was keeping documented records of all IM conversations. I quickly learned that this could not possibly have been the daughter's choice as the one conversation I opened while investigating revealed explicit discussion of sexual activities. To me, the potential for abuse in this case goes far beyond the loss of data, or even identity theft. A hacker with access to this machine would be able to know all of this girl's personal information, name, address, appearance, school schedule and what place her volleyball team achieved at districts.

    Needless to say, I did my very best to try to educate this woman about the dangers of these surfing habits even referencing the recent /. article claiming 1 out of 5 children were solicited in various forms on the internet last year, but I'm pretty sure I wasn't able to get through to her about the dangers of the predatory social engineering that can take place through the internet these days. Spyware has the potential to pose a much bigger risk than most people believe because it opens the door to rootkits, social engineering, etc. when it is allowed to run amok in this manner.

  35. Well, yes and no by Moraelin · · Score: 2, Insightful

    Generally a very good post, and I agree that the cult of the EULA should die. And that blaming the _victims_ instead of the criminals is a sick joke already. But I do have a couple of minor objections:

    "The spyware is there on that disk because Microsoft security is bad, yes."

    Actually, no. Yes, I know, it's slashdot. Daring to say that there's something (e.g., AIDS or world hunger) which MS isn't to blame for is bad for your karma. Blaming MS for _anything_ rakes in the big karma points on /. Sad.

    Now Microsoft _does_ have plenty of faults. E.g., worms and viruses, those you can safely blame on Microsoft security. Better coding at MS could have avoided all the buffer overflow exploits, and better design could have foreseen some of the other exploits just waiting to happen.

    But spyware? Gimme a break. Spyware is installed by tricking the user. It comes standard with a nice installer and an EULA.

    Even on Unix, what do you tell users? Think. "Only log in as root to install programs or other admin tasks." Well, bingo, then they could install spyware just as well on Unix.

    Try to picture an alternate universe where the Unix fragmentation never happened, and Microsoft never happened, so all computers run Unix. Now picture Joe Average, on his shiny new Unix home computer. Let's also imagine that enough sense has been hammered into Joe, that he doesn't run root while reading emails and chatting on IRC. (Ok, big stretch of imagination there;)

    Now he's just downloaded this useful little movie ripper app, which incidentally comes bundled with Gator. It's right in the EULA too. And the install program tells Joe "sorry, you need to log in or su as root to install this program."

    Take your best guess at what will Joe do next. Well, I'll tell you. He obediently switches user to root to install it. Congrats, you just got trojaned on Unix.

    "It is a Trojan horse in the original sense - sooner or later, it bursts open and out pour the soldiers of the enemy, who go about merrily burning women and raping houses."

    It's a Trojan in the computer sense as well.

    Back in the day when BackOrifice was all the fashion, the way to get it was also bundled with some little useful app. When some script kiddie wanted to get you BOed, he'd send you or put up for download some little exe (a utility or game) wrapped in a nasty program that also installed the Trojan on your computer.

    And you know, everyone called it a Trojan.

    When did it become acceptable and not a Trojan? Since when do we even need euphemisms like "spyware" instead of "trojan"?

    --
    A polar bear is a cartesian bear after a coordinate transform.
    1. Re:Well, yes and no by ajs318 · · Score: 2, Insightful
      > "Only log in as root to install programs or other admin tasks."

      Alternatively, assuming $HOME/bin/ exists and is in your path, start the process with PREFIX=$HOME ./configure to install there. You may also need $HOME/lib if you hit dependency issues.

      > Try to picture an alternate universe where the Unix fragmentation never happened, and Microsoft never happened, so all computers run Unix. Now picture Joe Average, on his shiny new Unix home computer. Let's also imagine that enough sense has been hammered into Joe, that he doesn't run root while reading emails and chatting on IRC. (Ok, big stretch of imagination there;)
      >
      > Now he's just downloaded this useful little movie ripper app, which incidentally comes bundled with Gator. It's right in the EULA too. And the install program tells Joe "sorry, you need to log in or su as root to install this program."
      >
      > Take your best guess at what will Joe do next. Well, I'll tell you. He obediently switches user to root to install it. Congrats, you just got trojaned on Unix.

      Close, but no cigar.

      Someone, somewhere, would have read the source code. Whether it was because they intended to install the software but wanted to know what it did first, or just out of simple Merionesian curiosity, somebody will have looked at it. Not every user has to do this; not even most users have to do this. As in the case of breaking fair-use prevention, just one is all it takes.

      And if they saw something they did not like, they would announce it to the world at large, just because there would be no reason not to. And a patch would be created, and everyone would use the patched version.
      --
      Je fume. Tu fumes. Nous fûmes!
  36. Re:In defense of M$FT - have to disagree on one it by jonadab · · Score: 2, Insightful

    > On a whim, I tried to drag the .app bundle into the user's home directory,
    > which worked. However, thanks to the structure of OS X, the worst that any
    > known exploit can do is wipe that directory and that's it.

    On most systems, wiping out the user's home directory is actually *worse* than
    merely destroying system files. System files can be restored from the restore
    CD, but only a small percentage of users really back up their home directories,
    where all their important data lives.

    Additionally, there are more things an app can do with normal-user permissions
    than just delete files. An app running from inside a user's home directory
    can do any of the following:

    * modify .config files in the user's home directory. This is quite enough
    to get it run unobtrusively in the background whenever the user logs in.
    * read the user's files, looking for things like email addresses, credit
    card numbers, passwords, ...
    * contact a remote system (e.g., to send it the harvested email addresses,
    or to obtain instructions about what IP address to DDOS, or whatever).
    * send email (e.g. to propagate itself). Bear in mind that it can read
    the user's files, so it would be possible (though I don't know of a case
    of malware doing this) to construct *replies* to messages the user has
    received, quoting something the recipient said, and responding to the
    effect of, "Yeah, I see what you mean, have a look at this." with a URI.
    The URI could contain an obscured string that the server could decipher
    into keywords from the quoted portion, which could be used in constructing
    the phony description of what the trojan is good for. Sure, 90% of the
    time this wouldn't make sense and the user would be like, "Huh? Why do
    I need that?", but think about the other 10% of the time.
    * pop up advertisements. Although this would be likely to get the thing
    noticed and removed.
    * play jokes on the user, such as renaming files, changing the filetype
    and creator codes on files, altering configuration and preferences files
    (e.g., to "reconfigure" the AutoCorrect feature of a word processor),
    kicking in the screensaver at odd times, taking a screenshot of the
    user's desktop and setting it as the wallpaper, moving icons around, ...

    Granted, all of this relies on convincing the user to install it. So, it
    relies on having clueless users. OSes with no significant percentage of
    clueless users are in no great danger here, but any OS with large market
    share is going to have some clueless users.

    Are *nix-based systems inherently more secure than Windows? Yes. Are they
    inherently immune to attacks that exploit the human factor? Hah hah. No.

    --
    Cut that out, or I will ship you to Norilsk in a box.
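
The first item in the list above, a program with ordinary user permissions editing login-time configuration so that it runs at every login, is something a home directory can be audited for. The following Python is an added example, not part of the comment or of any tool named in the thread; the hook list, the function names and the sample home directory are assumptions constructed for illustration.

```python
import os, tempfile, time
from pathlib import Path

# Files that run at login or shell start and that any process running as the
# user can rewrite. Illustrative list (an assumption), not exhaustive.
LOGIN_HOOKS = [".profile", ".bash_profile", ".bashrc", ".zshrc",
               ".config/autostart/*.desktop", ".config/systemd/user/*.service",
               "Library/LaunchAgents/*.plist"]

def launch_lines(path):
    """Return the lines of a hook file that start a program."""
    text = path.read_text(errors="replace").splitlines()
    if path.suffix in (".desktop", ".service"):
        return [l.strip() for l in text if l.strip().startswith(("Exec=", "ExecStart="))]
    if path.suffix == ".plist":
        return []  # plists need a real parser; report the file only
    # Shell rc files: background jobs are what keeps something running unnoticed
    return [l.strip() for l in text
            if l.strip().endswith("&") and not l.lstrip().startswith("#")]

def audit_home(home, recent_days=7, now=None):
    """List existing login hooks under `home`, newest first, flagging recent edits."""
    home = Path(home)
    cutoff = (time.time() if now is None else now) - recent_days * 86400
    found = []
    for pattern in LOGIN_HOOKS:
        for path in home.glob(pattern):
            if path.is_file():
                mtime = path.stat().st_mtime
                found.append({"path": path.relative_to(home).as_posix(),
                              "recent": mtime >= cutoff,
                              "mtime": mtime,
                              "launches": launch_lines(path)})
    return sorted(found, key=lambda f: f["mtime"], reverse=True)

def build_sample_home(root, now):
    """Constructed sample: an old, clean .bashrc and a freshly added autostart entry."""
    root = Path(root)
    (root / ".bashrc").write_text("# aliases\nalias ll='ls -l'\n")
    os.utime(root / ".bashrc", (now - 90 * 86400,) * 2)
    entry = root / ".config/autostart/updater.desktop"
    entry.parent.mkdir(parents=True)
    entry.write_text("[Desktop Entry]\nType=Application\nExec=/home/sample/.cache/updater --quiet\n")
    os.utime(entry, (now - 3600,) * 2)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in audit_home(build_sample_home(tmp, time.time())):
            print("RECENT" if hit["recent"] else "old   ", hit["path"], hit["launches"])
```

None of these files needs root to change, so a recently modified hook whose launch line points into a cache or hidden directory is worth a manual look.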