Every 5th Call At Dell Is Spyware-Related
prostoalex writes "Financial Express quotes a Dell executive saying that spyware is installed on roughly 90% computers out there. Right now 20% of all Dell phone support calls are spyware-related. University of Washington research this March published a moderate estimate of 5.1% PCs running spyware."
Techs should feel lucky there's yet another thing out there creating a job market for them, whether they're still based in the USA, or shipped off to another country. You know, I thought Dell had the worst Dell tech support for sure, but I had to call Dlink last week to clarify on something, and I got into an argument from India about what was written on the configuration page of a cheap office router. It's up in the air -- The Dell tech couldn't read, and the Dlink tech said what I was reading was not possible. Hrm.
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
The antivirus companies claim that removing spyware will get them sued, becuase they'll be committing libel by lumping it in with viruses. In reality, they just want to create a separate product, which is just a virus scanner with a different set of signatures, and charge each user a second time.
I wonder if this policy is still in effect ("Dell To Techs: Don't Help Customers Remove Spyware").
By the way, I love the "Your browser has blocked a popup" image over the article text. Really helps in the journalistic integrity department.
See this forum discussion on BroadbandReports. On my office Dell Dimension 8250, its support program (support.exe) phones home. I consider this a spyware.
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
I have been using DOS then Windows since 1984 and have never had spyware or a virus either. In fact I don't even run checkers constantly, just every few weeks to double check. (And for the record I have been doing Linux since late 1991 and not had anything there either).
If you are prepared to put the time and effort into it, it is all pretty easy. You don't blindly run or view stuff from other sources, you don't steal software (if you don't have the originals then you have no idea what you are actually getting), you pay attention to the dialog boxes that various programs display etc. Heck I even read the contents of those dialog boxes with legal agreements in them before clicking Ok or Cancel. Most people just don't do that, and as a result their computers end up with more "helpful" software than they otherwise anticipated.
To say that Linux by design is invulnerable is nonsense. It doesn't take too much to infect an individual user (remember they aren't reading those dialog boxes either). And notice how on many Linuxen, when you try to run an admin tool on your ordinary user desktop, prompt for your (sudo) or the root password and which then leaves a key icon in your panel. That is one thing that can be abused to go from ordinary user to root. In many cases a piece of malware could probably just prompt and the average user would type in the necessary password.
Quite frankly I don't know the answer. Signing stuff doesn't work. User education is futile - why should someone have to know about the internals of their computer, operating system, access and authorisation models? It probably comes down the programmers and user interface. Every time the software has to ask a question, it is being stupid. We need to continually work on the software meeting the user's goals without needing to be babysat, and especially without them having to make these decisions all the time.
I work at my school (Cornell Univ.) in the Information Technologies department taking calls and basically doing technical support for folks who don't know anything about computers. Our ratio of spyware questions to any other questions is definitely at LEAST 4:1. It gets real old, real fast. Thing is, we're not allowed to give advice on what spyware removal tools to use, which makes it that much harder. The problem never gets fixed, and we just get more and more repeat calls.
It's pretty bad if your grandmother downloads and installs some screensaver with this shit on it, but HP should not be doing this to its customers. Having to deal with a recovery CD is bad enough, without having to clean out the extra "value added" shit (aka sweetheart deals that make them mo money). HP is stabbing their customers in the back.
(Unrelated to this, kinda, but when I was ordering this recovery CD from the HP drone on the phone, I asked him the price.
He said "between $20 and $40."
So I said, "Can you be more specific?"
He said, "I'll need the model number first."
So I gave it to him and said "So what's the price?"
"Between $20 and $40, depending on the model number."
"I just gave you the model number! What's the price?"
"You need to order it first."
"Tell me the price first."
"You need to order it before I can tell you the price."
"You mean you can't, or won't, tell me the price?"
"Just order it, and if you don't like the price, I'll cancel the order."
"Fine. Whatever."
I ended up ordering it anyway, but I have never seen such a stupid system where you can't know the price until you order.)
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
I actually made a good amount of money from removing spyware from people's computers. Since I have a full time job and really did not need the money I did at some point give it up. It was the same group of people that were getting infected over and over again. For some reason I could never educate them on how it got on there.
Gator used to be one of the worst ones.
Joel Johnson
I find it ironic that half of the stuff that Dell ships on their prebuilt computers makes computers run ust as slow as a lot of spyware. I know that when clients of mine buy a new Dell computer, they're disappointed at how slow it runs. Reformatting the HD always makes the computer run 10 times+ faster.
My SigOther works at a Dell corporate call center & she tells me most of the calls lately are for WinXP SP2.
Jaysyn
There is a war going on for your mind.
There's someone who does an organized scan of my ISP's IP space every morning at 8:42 and 9:42 EDT. When I have two DHCP IPs, both get hit with an average of eight bots each trying ports 5554, 1023, 9898 and 445. The IPs it comes from are usually Korean or Japanese. When I listen at the ports, they try various exploits on bots which do listen on those ports to download their own bot software.
I suspect that "8:42 Zombie Charlie" scans a lot more than my ISP's space. So it looks like someone is running a very organized and *punctual* effort to harvest a whole lot of botted machines for unknown purposes. Joy. (Actually, it's kind of fun. I wrote a sound effects program from my firewall, and I drink my coffee listening to the chorus of sounds as the ports are checked. Too bad I can't arrange to be checked a little earlier in the morning.)
One line blog. I hear that they're called Twitters now.
If I had read your claim about most 'slow' computers being crippled by spyware half a year ago, I'd have thought you were overly cynical or exaggerating.
This is, however, exactly what happened to my wife's computer. While we're a Mac household, her employer lent her a computer a few months ago, to be able to use a web app that only works using IE6. Being vaguely aware of all the malware on Windows, I told her not to use the Windows machine for email, assuming web browsing was relatively safe. However, after two months of use, IE was getting so slow it was almost unusable. So I installed AdAware, which removed over assorted 90 thingies (registry keys, processes, DLL's, whatever - I didn't bother to check). The perfomance improvement was quite shocking.
"Money is a sign of poverty." - Iain Banks
> I think it's probably somewhere in between 5% and 90%...
...) and in
Yes, but do you know *why* the one number is low, and *why* the other is high?
I don't know why the university's number is low. I'd have to know more about
how they reached it.
I do know why Dell's number is so high: they're basing it on support calls.
Sure, if 20% of the calls are spyware-related, and given the nature of spyware
such that many people don't realise they have it installed, probably 80-90% of
the people who call have spyware. It does not, however, follow that 90% of
*computers* have spyware.
The support centers for places like Dell get the calls from the people who
do not have a close friend or relative to call. Statistically, as a gross
overgeneralization, these are going to be the people at the bottom of the
barrel, the people least educated about computers and substantially most
likely therefore to have spyware.
I work at a small public library, in a relatively technophobic community,
and my estimate would also be high, for the same reason: I get calls from
people who don't know who else to call. However, I would never have gone
as high as 90%. 80% at the outside maybe, and that's of the people who
call me (or come to the circulation desk and ask for the computer guy).
I therefore surmise that the true number is below 80% -- probably quite a
bit below, because I don't get the calls from the people who are less
likely to have spyware. The people who have close friends or relatives
who grok computers call them first -- but also, the people who have close
friends or relatives to call are less likely to have spyware in the first
place, for several reasons. They're more likely to be more educated, for
starters. My parents at this point would not be likely to get spyware,
especially my mom, because I've been teaching them stuff -- just little
bits and pieces -- for several years. Heck, my mom and dad *both* know
how to copy and paste now; virtually none of the people who call me for
help at the library know how to do that. (Copying and pasting ability is
not in itself related to not getting spyware, but it correlates because
both are representative of general level of computer knowledge.) Why
don't the people who call me at the library know how to copy and paste?
Same reason they don't know how to avoid malware: they've nobody to
teach them. Another reason people with close friends or relatives who
are geeks are less likely to have spyware is because their computer-smart
friend or relative may have installed software on their computer, rather
than leaving them to do it themselves. This is a mitigating influence,
because people who understand computers better choose software better.
People with close friends or relatives who understand computers are vastly
more likely to have protective stuff (ad-aware, ZoneAlarm, an external
firewally between their Windows PC and the cable modem,
addition are vastly more likely to use a browser other than IE and
*overwhelmingly* more likely to use a mailreader other than hotmail or
Outlook Express. Consequently, they're less likely to get spyware in
the first place -- and more likely to have it removed (by said relative
or friend) in short order if they do get it.
Then of course there are the geeks themselves, who are particularly unlikely
to have spyware running on their computer at any given time. The geeks who
use Windows, besides being less likely to get spyware in the first place,
would *notice* it almost right away ("Hey, what's _this_ doing in the task
manager? I don't recognize that...") and then of course you have the geeks
who use another OS altogether; the probability that _they_ would have any
spyware is distinctly underwhelming.
So the question then becomes, what percentage of the population at large
has a computer-smart close friend or relative (close enoug
Cut that out, or I will ship you to Norilsk in a box.
I've been looking into ways to remove the profit incentive from the spyware guys. These morally challenged cruds monitor your web browsing habits and then sell that info. What if that info was full of bad entries? Like increasing the junk to valid signal ratio?
What I envision is a screen saver that we load on all the machines we can get our hands on. This screen saver then contacts these spyware sites and uploads random info. The aggressiveness could be controlled by the user, allowing it not to flood any Internet connection. The screen saver could have spyware lists, just like anti-virus software that could be updated. Imagine having millions of pcs uploading junk to coolwebsearch. How long would you say these guys would stay in business? Would those that are buying this info continue to do so even if it full of garbage?
Obviously this would be OSS, but we could license it in such a way as to allow folks like Dell to preload this and set it as default.
So folks, what do you think? Is this the way to kill these guys or is the recent criminalization enough to stem the tide?
Quit playing Monopoly with Bill.
Linux - of the people, by the people, and for the people.