How Much Harm Can One Web Site Do?
Ben Edelman has written extensively on issues including censorship and spyware. He's got a very interesting piece on his site now about who profits from spyware, and how much spyware can be installed on a Windows XP machine when the user simply visits a single Web site using Internet Explorer.
if you use another browser like Firefox?
Well, if it's Slashdot, it can leave your server a smoldering wreck.
So is that link implying that visiting benedelman.org to read the website can install tons of spyware? Good thing I didn't RTFA.
Never confuse volume with power.
Am I supposed to click that link? Finally, we've found the antidote to slashdotting!
Much, if you count slashdotting as harm :)
how much spyware can be installed on a Windows XP machine when the user simply visits a single Web site using Internet Explorer.
Am I safe if I am on a win2k machine?
There is a spark in every single flame bait point.
I did (for once...) read the article, but didn't download the video - my question might be answered in that (although if it is only answered in the video, that's pretty stupid - I'm sure many people can't view it, and it's WMV, so I wouldn't actually want to...) but does he actually say what the website visited was?
I mean, I'm guessing most people would visit a reputable search engine, or the default MSN page when they first installed Windows and opened up IE, instead of what I'm guessing must be a fairly dodgy site in order to install so much spyware.
That's not to discredit what he's done - I'm sure novice users would easily get onto these sort of spyware laden pages by mistake pretty quickly...I'm just interested, that's all.
And get no spyware at all.
And one link to a video of the latest cool tech stuff.
Nuff said.
Certain .cx sites are all the evidence needed. I rest my case.
The difference between spam and poop is that you don't have to dig through septic tanks looking for real food. -- Me
I am just plain sick and tired of web sites installing crap programs like xxxtoolbar, gator, cometsystems and etc..... in the background. I 100 percent understand that advertising pays the bills for many websites, but the end user should have the option of saying yes or no to the installation of these programs as a trade off for viewing the site. If I want to view a site or download something from a site bad enough then I will accept its tracking cookies, but that was my choice. Of course saying that I still hate scumware and block most everything using a combo of both Ad-Aware and Spybot SD. Also 127.0.0.1 can be your friend and an advertiser's foe :)
News Reporters Make Tasty Polar Bear Treats!
I LOVE the headline
Apparently we're forgetting the word "slashdot" as a verb.
None of this is a surprise to me. I've been dealing with this crap at work for years now. Spyware is the single biggest headache the ITS department I work for has to deal with. We spend more time cleaning spyware out than viruses. XP Service Pack 2 has helped a lot, and so has encouraging the use of FireFox, however, at least 55% of our systems still run Windows 2000 and a lot of the resources we need to access online only work in IE.
Boobies never hurt anyone. - Sherry Glaser.
Sounds like a handy excuse to install sexually-explicit desktop icons to me!
"But honey, it's for research... honest!"
From TFA:
"warning! you're in danger! all you do with computer is stored forever in your hard disk ... still there and could broke your life!" (s.i.c.)
Anyone else find the improper spelling of "sic" (used by an editor to mark improper spelling or usage in a quoted piece of text) to be humorous, or is it just me?
if you mean damage as in "the server got slashdotted", or psychological damage as in "someone told me to go to this goatse site" (or tubgirl, lemonparty etc), or FUD as in "this microsoft site says linux TCO is higher"...
Oooooh you mean by spyware. Sorry, I use Safari, and Konqueror or Netscape when I'm on Linux.
Go hug some trees.
Be afraid.
A site that willfully becomes a source of trojans, exploits, and malware deserves to have all its packets blocked at a high level or black holed.
Why can't this be done?
Just cut them off entirely.
The big players need to get together on this.
This is /. asking, hehehe.
Maybe we should give a survey to all those people whose server was reduced to molten silicon after slashdotting...
Okay, let's see, this guy loads up an OS ("fresh", as he writes) that has been targeted by the net scum since it came out, so we know it's vulnerable to every exploit designed for it. Goes to a troll site for 180 and then complains about how awful it is when during installation/first net logon he should have gone straight into the patching process that would have prevented it (in other words, he had to cancel critical patching out intentionally).
This is akin to throwing matches at a tub of gasoline and writing an expose' when it catches fire. Either this guy had too little to write about, had too much time on his hands, or had to win a bet and is trying to slip this one by someone.
Even he admitted his lousy methodology in his last sentence.
This isn't news. It's just a bone thrown out to keep the resident "gotta flame microsofties" happy with a fix for the day.
It doesn't matter what you wrap your emotions around, Reality is a brick wall specifically designed to scramble eggs
visiting a website leads to:
"System Settings Change. You must restart your computer before the new settings will take effect. Do you want to restart your computer now? Y/N"
Give me one reason I should run IE.
- Just my $0.02, take with a grain of salt, your mileage may vary.
Particularly amusing was that the article mentioned a proposal to bundle spyware into Gnome 2.0. I bet that went over like a strip club in the Vatican.
Unknown host pong.
Ask anyone who's been slashdotted!
I don't know the meaning of the word 'don't' - J
For the most part it is the companies making the spyware that get to sell ads to the people it infects and the website publishers that promote "pay to install" affiliate programs.
I'd like to know if anyone has heard success stories of legal action against these companies. Forget about targeting Microsoft or their browser holes, forget about using the "right" browser. My mom doesn't understand why I make her click on the red globe icon instead of the blue E.
I've heard of spammer suits in small claims court being won thanks to the fax abuse law. Has anything similar been done with spyware? If infection and installation can occur and cripple a machine without user permission...requiring computer tech support (and hourly rates) to repair...how could I go about suing these people for those costs?
-Barkeep, a draft of your most hazardous brew, for the world is slowly stepping into focus, and I don't like what I see.
How much harm can one website do? This is slashdot. We blow up poor people's servers for fun!
This is not a sig.
Answer: only 1
Wherever you place the line in defining a 'compromised system', truth is: once defined, anything that crosses the definition, means breakage, and once broken, a single or a dozen occurrences is just more of the same.
As a user, I regard my system to fail when:
- It fails to provide a function I expect it to provide, like when it hangs, or program calculates incorrect results
- Info I expect to remain on my system, leaks out unintentionally
From that view, spyware, worms and vulnerabilities are essentially the same thing, as soon as they cause any of the above. A leak is a leak, and only 1 is enough (erhh, too much). Period.
Slashdot Effect. Need I say more?
I'm a leaf on the wind. Watch how I soar.
Everyone has typos...
Just try mistyping any popular website and you'll find yourself into an undefined site.
hotmail.com --> hotmial.com
google.com --> goggle.com
etc...
etc..
etc.
I RTFA, and hidden away deep in the article, we find this gem:
Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown...
In other words, he's running all this on an unpatched XP machine.
Now, before the Slashdot horde stabs me repeatedly with a big sharp knife for being a Microsoft apologist, consider this situation. I've got an old version of Firefox with a few exploits in it. I report the exploit, and the response I get is that these exploits are already patched. Yet I decide to write a story about the horrific exploits, post it to Slashdot, and stir up a ruckus about how bad FireFox's security is.
What I'm proposing is that Slashdot report its stories with less sensationalism and more professionalism. Put in the story that all this was run on an unpatched machine, and that the said security holes have already been fixed.
Thank you.
Tech, life, family, faith: Give me a visit
...may I point out that it is NOT worksafe? Thanks, Ben! Appreciate that.
Glad I didn't have the boss watch it with me in an attempt to convince her of the need to take better anti-spyware measures.
Really?
It's to .. fortify the OS against spyware and viruses by closing security holes
Sounds just like getting rid of Windows, or at least IE and ActiveX. Every IE / Windows patch just makes things worse.
sulli
RTFJ.
- Part 1
- Part 2
- Part 3
Part 4 is coming Real Soon Now (tm). The ISC handler's diary is required daily reading; always a lot of good stuff to be found. (And every now and then, there's a tale that'll make your blood run cold...)
Carousel is a lie!
So change the icon on whatever alternate browser you're using to the blue E, and tell her it's a new version =P
I was not shown licenses or other installation prompts for any of these programs, and I certainly didn't consent to their installation on my PC.
I would love to see somebody slap some criminal charges against the site owner. Hiding behind an obfuscated EULA is bad enough, but installing software without any permission whatsoever has to be illegal, doesn't it?
Simply. It's not just defensive, it's offensive!
Anything from leaving a warning to blasting any software that would try to download off of that server!
That's... wow. Makes me want to go around to every machine I can get at and install FireFox and delete all the IE shortcuts. Of course, would that make me any better than those web sites?
#include <signature.h>
My mom doesn't understand why I make her click on the red globe icon instead of the blue E.
You can resort to the old standby of car analogies.
The red globe is a nice new car. The blue E looks like a nice new car but there's a bomb under the hood that has a percentage chance of exploding and messing up your computer whenever you use it.
So obviously, use it ONLY if absolutely necessary.
LOL: Just take the RSS feed of the offending website and open all the Live Bookmarks (in IE of course)
From the site:
Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown in my video and discussed above.
Interesting to note that Windows XP SP2 is immune. Only old Windows versions are vulnerable. I think it's pretty pointless to keep pointing out that OUTDATED products have bugs.
if the site contains my credit card number, all my passwords, and nasty pictures of me.
i say a lot of harm
If you don't like, then fix it. Start your own company that knocks the socks off of Microsoft. Geez, enough complaining already.
Before you start whining about how the machine was unpatched, and going on about how we're picking on MS, realize that just maybe, Microsoft isn't the target here. If you would read the fucking article, you would see that Ben is attacking propagators of spyware; not MS.
Ok.. so I watched the video and as is usually the case.. he lies... he DID allow it to run.. He GOT an error about scripting being wrong on the site and said "yeah let's let scripting continue to run" rather than saying.. NO NO NO don't run any more... yeah sorry if you're that stupid you deserve what you get.
If I leave my door unlocked, I'm an idiot, but if you then walk in and steal my TV while I'm gone and sell it at the local pawnshop you're still just as much a criminal as if you smashed a steel door in with an APC: an unlocked door is not in itself an invitation to enter and make oneself at home. The same principle applies here: the sites and software authors are not the legitimate businesspeople they try to convince everyone they are.
-- Old Man Kensey
s.i.c actually refers to "Spelling Is Correct" to show that a spelling error was made within a quote and not introduced by the Author.
Actually, it's a Latin word meaning "thus" or "so," and is used to indicate that the original material contained the error. It is not an acronym for "spelling is correct."
but then what is the internet for?
I hate using analogies but here it goes:
If I took a SUV which did not have factory installed seat belts, roll bars, skid plates, etc. offroading should I have any right to complain when I am seriously hurt in a preventable accident? Nope...
And don't try to be smart, it doesn't look good on ya...
You might not have a problem, but what about your mom? Or your grandma? Or your neighbor next door? Do their computers come pre-configured like this? I doubt it. Do those individuals know how to fix all this? Again, highly doubtful. Most /.'ers don't have to worry about spyware on their personal machines. Most /.'ers don't have to worry about viruses, etc. It's all of the millions of untrained, uninformed computer users that have these problems, not the couple hundred thousand /.ers.
you haven't been working with very many of your friends' computers yet. Since I've been taking networking classes I've had the pleasure of working on a number of friends' computers (and their friends' and families' computers). Do you realize how many people a) are afraid to update to sp2 (because of media sensationalism mostly, some because they're using pirated copies) b) don't have any idea you *would* need to update (my wife for example).
It's easy to get on some podium and talk about how stupid it is not to UOA (updated often and always) but the real world doesn't quite work that way. And to top it all off you've got worms that can spread in the time it takes to configure internet connectivity just to download the updates and it starts to dawn on you how much trouble this stuff can be for non "computer people" (honestly, do you know how to slipstream your installation disk or burn copies of updates to manually install?).
There are more unpatched copies out there than you think. And even the ones that do patch often are already infected (if you've ever seriously tried to pull a particularly nasty BHO, you know even a good tech person can have trouble getting a grip on it).
Quack, quack.
actually it is an acronym. It also means "thus" or "so" in latin but in the world of grammer it means "spelling is correct".
This coming from an english major for 3 years before I decided I had more fun fucking with my computer then I did learning grammer, composition, and reading a lot of crappy "classic" literature.
I was thinking, what if you could do something to simulate a spyware install on a computer to the point that they would be fooled into paying out these per-install fees to websites. If they're paying out a lot of money for installs that will promptly be deleted, then it would hurt these companies financially and also hurt the revenue streams to the websites that use these exploits for financial gain.
-- Knowledge shared is power lost. -- Aleister Crowley
if you've even been tricked into clicking on a goatse link.
Argh! My eyes!
Must . . .
burn
image
out of
mind.
Well, there's spam egg sausage and spam, that's not got much spam in it.
You are wrong! Who reads Slashdot stories anyway?
Twaintec is a spyware company, and upon viewing their website I read their privacy policy regarding their spyware, and they had an e-mail address to report any malicious sites (installing their spyware without customer consent) to...
My letter (to which I got no reply)
Hello there. As you can see, I have had to take steps to insure my identity remain secret.
Due possibly to an oversight on my part (leaving the security level in the internet zone in IE on Low, then going to an untrusted site), I have been infected with your adware. The uninstall procedure on your website does not work -- your software is not listed in add/remove programs. The twaintec.dll in my windows directory is currently being used, however I have removed all permissions to this file so it will not load after I reboot.
I was infected with this as well as a myriad of other spyware (toolbars, programs, browser hijackers... I didn't bother to make a list but you should see all the pornographic bookmarks I now have, it's very impressive) by simply going to an internet site. I didn't accept any requests, I didn't read any privacy policies, and now I have your program.
While your privacy policy attempts to divert responsibility by claiming not to allow this, your failure to insure in software that this actually happens makes your company morally, if not legally, complicit. In short, you could have written software that did this, but instead you put the onus on others to ensure that your software was installed on end-users' computers responsibly. Not surprisingly, many third parties do not do this, and privacy policy be damned, *you profit from it*. You acknowledge this by putting, in your privacy policy, instructions to contact your legal department if one should find examples of abuse of your software. I believe that a person of moral integrity would take steps to ensure that your software was not abused, and that by not doing so, you lack moral integrity.
But I'm not here to put you down. I would like you to stop distributing the software, shut down your servers, destroy the source, and find another job. A company that can produce this software could, instead, produce something like, say, PestPatrol, that would make peoples' lives better, not worse. But the purpose of this e-mail is not to request that.
What I want from you is simple. I want you to write me back with instructions on unregistering that DLL. I don't know who wrote this program, but this should be a simple task for someone with programming knowledge, such as must have been required to write the program. If you can do this for me, your moral obligation to me may be considered fulfilled. There is still the greater issue of this software, but one that I'll let you deal with on your own time. If you reply to help me fix what your software has broken, I will forgive you.
If you promise to take steps to ensure that your software is not abused or that you do not profit from it if it is (charitable donations?), I will applaud you.
But I will never trust you.
David
---
Protect yourself from spam,
use http://sneakemail.com
I recently installed a new win2K system and installed the latest service pack 4.
I also killed all the services, and it never ran a web browser. Just mysql. I didn't have any antivirus software on it.
So after placing it on an unfirewalled connection in a locked room, within 2 hours there were over dozens of virus, worm and spyware installed on the system till it crashed and couldn't even boot. Coming up with 100's of DLL errors!
Again we never open a single web page.
Specifically some of what was installed was:
I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
"Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown in my video and discussed above"
was at the top of the story.
I make my face look like this and concerned words come out.
All these people talking about how he's doing this on an unpatched windows install. Complaining he should update.
The story is not about a browser. The story is about the scum companies that make money using exploits to install their crap. If the money trail is followed and the companies profiting from this got their asses handed to them this wouldn't be near as much of a problem.
His example was exactly that, an example of how many nasty things are willing to exploit you, regardless if it succeeds or not.
superman runs linux
We know, we know... going to a nefarious web site WITH AN UNPATCHED WINDOWS BOX results in a ton of Bad Things happening.
Well known fact, no one in their right mind on either side of things would argue it.
But what happens when you go to that same site and your box is fully-patched? The answer is nothing, unless you've mangled your security settings otherwise. And what if you have a current antivirus program running, which you should? And what if you have some sort of anti-adware program running, which you should? And what if you have some sort of firewall in place, which you should? The answer is LESS THAN NOTHING.
Folks, the above configuration (patched box, antivirus, anti-adware and firewall, all updated automatically) is the configuration everyone, REGARDLESS OF OPERATING SYSTEM, should be using. Doing so makes the Internet about as safe as it possibly can be. Know how many times my system has been infiltrated in any way, shape or form when following this advice? Exactly ZERO times in well over a year. Know how stable my box is? Rock-solid (WinXP, virtually never gets rebooted except for updates, which admittedly is an annoyance but is still my choice).
We all want computer users to be more savvy and more knowledgeable and we (the technically-savvy, especially the Slashdot crowd) tend to slam them when they do stupid things and get burned because of it, yet we're going to use as an example a situation (a completely fresh Windows install) that only a penultimate stupid, naive user would have, to support the opinion that Windows is horrendous?
Stupid article, stupid conclusions, yet typical of the anti-Microsoft crowd.
If a pion (n-) collides with a proton in the woods & noone is there to hear it, does lamdba decay into the source pa
I spent about an hour trying to figure out all the hacks that website was doing but after all was said and done it was frightening the lengths people go to in order to hack your browser, set your home page then get ad impressions and make revenue.... embedded java code with encrypted javascript with encrypted java code which printed out encrypted HTML which when decrypted had the browser load java code that used a browse helper object to set your homepage.
2 years and no mod points. Join reddit. Because openness is good.
I get around that problem by changing the Firefox icon to the IE icon, and making the IE icon something else ( usually labelled "GARBAGE!!!" or "DO NOT USE" )
Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown in my video and discussed above.
.. :->
Service pack 2 installations not vulnerable. Nothing to see here. If you don't apply the proper patches to your software, expect exploits.
although personally, I prefer Firefox over IE
I am the maverick of Slashdot
how do you make demo/tutorial recordings like this?
sorry in advance if this is a stupid question / common knowledge
It's a quantitative measure of the effect, rather than the qualitative and unsupported statement "obviously if you run an unpatched box you'll get crap installed".
Even when you know something is not optimal, there is worth in having some measure of how bad it is.
I am a Mac fan, but I also have a PC for work. I wouldn't be caught dead using IE on the PC. I use Firefox. But, I propose an alternative... just walk into an Apple store and try out a couple Macs. I think most people are surprised at what they can do, the software available, and the reliability. There are 6 viruses on the Mac in grand total, if you don't count the relatively few Office Macro "viruses."
Sure, some types of exploits are possible on a Mac still, but it's inherently more secure. It's not security by obscurity, as some might claim. If you like the OS when you try it, you will be relieved to know that Mac users don't spend their days fighting Spyware and Viruses. It's a non-issue for them.
- Jeremy
"Politicians find new names for institutions which under old names have become odious to the people."
I've been using Firefox and Mozilla for close to 2 years, and have yet to run by a site that doesn't work in it that works in IE (except one that I've written with ignorance to HTML standards) so I challenge you to name one site that will not display in my firefox.
~Ilyanep
To get message, take amount of carrier pigeons at each stage mod 2. Then decode binary.
Same thing here. Another few things to keep in mind:
:). Windows Update doesn't work or might not work correctly, but you can always disable that later.
:))
Do not use AIM. AIM uses the IE rendering engine for a lot of its stuff, even when you turn off the news bar on startup. It's gotten me several tracking cookies.
As tempting as it might seem, DON'T run kazaa. It also uses the IE rendering engine, is itself loaded with spyware, and it's trivial to get a virus (running a test, I got that anti-racism ping flood virus, forgot the name, within a few minutes).
If you really DO want to look at pr0n (*grin*), then do it through a CGI Proxy. There are millions available, and a google search for allinurl: nph-proxy.pl will come up with lots of them.
Finally, if you're not the only one using the computer, delete the IE shortcuts and add Firefox icon that says "Internet" or something. Load up IE, stop it before it does anything, then add a bogus proxy (asdf.moo.com or something) so that even if it does run, it doesn't work. The less computer savvy can be told that IE is broken and that FireFox is the better product because it doesn't break or something
-- Chris
(By the way, I dualboot linux and windows, only for the games
from one angelfire website was this:
-- 17 unwanted installed programs
-- 12 virii
-- 168 pieces of spyware
-- 20 trojans
-- 1 broken USB driver
Now I use Mozilla, and haven't had any problems since. That whole mess took 18 hours to repair. And for everyone who is going to say "Just reformat it," reformatting isn't always an option.
My mom doesn't understand why I make her click on the red globe icon instead of the blue E.
:)
You can resort to the old standby of car analogies.
Or you can just point the blue E to the red globe's exe file and she'll never know the difference
-matt
Before you go off half-cocked accusing other people of going off half-cocked, you might want to RTFA, including all you mods who upped this post to 5. The article is not about Windows or IE or what Microsoft shoulda or coulda or woulda done about any flaws.
The article is about the scumbags that exploit the flaws, and the lengths they'll go to to get their crap onto your PC. It's also about the money trail that can be followed to nail these suckers. The article was trying to demonstrate that there is a way to fight back against behind-your-back-ware, aside from securing the software and making sure your updates are current.
Just because the lock on the door to your house is an old design and can be easily jimmied doesn't mean someone can come in and take your Stuff and justify it by pointing out what a lamer you are for having such an old lock.
Edith Keeler Must Die
When I went to this website:
www.coolsearch.biz
it got me an error message saying that my PC wasn't Win32 compatible (I was running Linux), then when I clicked ok to dismiss the message it tried to download and execute a file called gdnES208.exe using wine! It also tried to install a firefox extension without being requested.
P.S. be warned: this site is dangerous!
try MYIE, if you cannot avoid IE itself, and can't use firefox, then MYIE is the next best alternative that still uses the IE engine, but with a cooler frontend.
Liberty freedom are no1, not dicks in suits.
try saying that in a corp environment where SP2 breaks VPN compatibility, disrupts terminal emulation necessary for accounting/ordering purposes and I won't even go into the specialized systems that control our automated warehouses. . .
the history of the world
Spyware is so prevalent because of two reasons:
1. Clever Spyware Crafters
2. Naive End-Users
The Spyware people target the largest marketshare. The "typical" user doesn't know anything about their computer nor *want* to know anything about their computer. They want it to work when they turn it on and forget about it when they turn it off. If it pops up an error message, they treat that like any other pop-up, they select the default button (or the one that says "yes"). This has been proven time and again by entering text on email and im forms stating "do not provide your password, we will *never* ask your password for any reason". What is the first thing they do? They type in their password, credit card, social security number, and automobiles, as if they were entering information for an insurance form...
If Linux were as easy to use as Windows and had as many users, there would be a load of spyware on each of those machines...
wouldn't that be "spelling isn't correct" ?? Honest, I'm curious.
Oh no, you're not getting me to click that link!
(rant mode on)
I agree with the parent post.
As long as the site is using exploits that don't provide any form of warning that site should be removed from the internet. It's the use of exploits that I specifically object to. AFAIK the use of exploits in this manner could be subject to civil penalties, and be prosecuted for breaking into the computer that they used the exploits on.
Running an exploit on a computer that you are not authorized to do so is illegal in many parts of the USA. The only exception to this that I can see is the demonstration of an exploit.
All of this "slippery slope", and censorship talk is just silly. If you're already doing something illegal (or if you prefer, ethically wrong) to gain money it's really not censorship, it's something entirely different, and it's a civil matter.
Given that, in order to run a web site or have internet access, the provider usually requires you to sign that you won't do anything illegal, I think it's reasonable that they "pull the plug" on something that's either illegal, or borderline illegal. *Especially* if you are only doing it to make money by ripping off poor consumers that don't know and understand what you are doing.
Sounds to me like the con men have found a new home besides the Senior Citizen Centers.
(/rant)
Thanks, I needed that.
And the reward for being a complete fucking scumbag ego-maniac turd is...:::drumroll:::...an editor job at Slashdot!
If you told your insurance company that you left your door unlocked, they won't replace your TV (or your car).
Gotta love those double standards of corporate America...
Of course you can say the door was locked... Chances are no one will come out to look at it. It's easier to say that with the car scenario since a stolen car means no car for evidence.
It's still a crime either way... Just one is more painful than the other.
Many people don't realize that spyware is a serious security threat. With the first cases of burglars using spyware to find out browsing habits and schedules of their victims to sophisticated credit card theft people must realize that spyware has become much more than just annoying.
How can someone more or less intelligent still use Microsoft Windows and Internet Explorer nowadays?
Wouldn't that be "in the world of grammer [sic]"?
The word is spelled 'grammar'. Also, check the MLA Handbook (you do know what that is, Mr. English Major?), and you will see that you are wrong about 'sic' being an acronym.
I suppose it's a good thing you changed majors. Remember that spelling and grammar are helpful in computer languages also.
No, but your explanation is a good mnemonic! :-)
Just as my bot spit out the link to this article via the Slashdot RSS feed, I got the following message:
503 Service Unavailable
The service is not available. Please try again later.
Hey, that's funny; I also like semicolons -- do you use dashes a lot too, and sometimes have trouble choosing between a dash and a semicolon?
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
While so many are quick to point out that he used an unpatched machine, that he should know better, that he's just doing it to be difficult, that he can fix it. He knows he should install SP2, he knows he should have his firewall set up. He knows he should practice safe surfing....but my mom doesn't know this stuff.
For every computer whiz (like most of us that visit /.), there's a thousand users like my mom who know that you turn on the box, move the little mouse around, and she can type emails to the whole family every day. Then she surfs around on the internet, types something in wrong, clicks on the wrong site, and now can't send the emails to the family and can't order my Christmas presents from Amazon.
Spyware is a pain in the ass for us, but it's a nightmare for the computer novices!
How infuriating! That is the name of one of my favorite games, "Strange Adventures in Infinite Space" which you can read about here.
You know the Spyware companies are pretty dumb. What they should do when they make the program is remove all the other pieces of spyware so only your ads are being seen by the user. You know if they all did this then in theory you should only have one piece of spyware on your system and most people wouldn't notice.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Easiest troll ever! [sic]
It bothers me that some people still install windows while connected to the internet.
Nothing great was ever achieved without enthusiasm
similar studies on a SP2 patched XP machine with firewall and antivirus running
Share and rate p
I was going to mod you down but then I thought "no wait, it's true!" :) :)
Is just as bad as far as "drive by downloads"
I forgot that reading the article is rare...and reading more than two lines of comment is even more dismal.
I'd like to know about the lawsuits...not how to trick my mom into using a different browser. Typical slashdot answer...fix the symptoms without addressing the problem.
-Barkeep, a draft of your most hazardous brew, for the world is slowly stepping into focus, and I don't like what I see.
I was going to mod you down but then I thought "no wait, it's true!"
Since when has that ever stopped anyone?
"the only real code Firefox can execute"
Firefox does not execute Java, it is treated as a plug-in and it is compiled and run by the Java engine you had to install to run Java code...Sun would sue anyone that produced a browser that could run Java natively without the use of the Sun Java engine. (DUHHHH)
Ok, I am feeling nasty today and very elitist for no reason whatsoever.
Your mom and my mom have the same experience (no jokes!)....but I call that "thinning of the herd". It works like this. Once we get the newbs "off" the internet, the rest of us who know something about computers can get back to work.
Elitist? Yes. Unreasonable? No. I don't think anyone would argue that newbies in and of themselves pose a security risk because they don't even know the most basic concepts when it comes to computers.
It's like saying you are a driver and not knowing what a tire is.
With almost every version of FreeBSD ever released there has never been any major security issues.
I still have a 2.1.0 from 1995 up and running with almost no mods from the default install and have never had a break-in, it's in front of a firewall and had hosted several celebrity web sites with a lot of exposure.
I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
The test is not particularly valid because in the video the person quite clearly clicks "Yes" to running scripts on the page even after there are errors. I have to ask myself what kind of person blindly clicks on yes and I come up with the answer "the person who gets software installed on their machine". Also the machine is not patched, which also makes the test less than meaningful.
The "test" is basically the same as saying "Hi I know that this lock is vulnerable to this method of being opened and I will now prove it is not secure by using an old lock with that vulnerability."
If I was in a really pedantic mood I could use a nice old copy of any other operating system with known and patched security problems and demonstrate how vulnerable they were in the past as well. Let's see, maybe I could make a website dedicated to the old known Irix user able to set root password to nothing exploit.
It's not scientific and it's not clever.
Martin Piper
Owner - ReplicaNet and RNLobby
The first thing that came to mind was goatse.cx
Howdy folks. Sorry to take so long to respond -- was in airports and planes all afternoon. Day before Thanksgiving...
Browsing to the site I showed in my video is one way to get infected. But that's not the most typical infection method. Instead, other sites can and do point to this site (and other similar sites), typically via IFRAMES. I was recently looking at a post in a web-based threaded messaging site, which used a 1x1 pixel IFRAME (basically, hidden) to reference the site shown in my video. When a user loads the infected post in the threaded messaging site, the user's PC will be infected via the exploits shown (if the user's PC is vulnerable to such exploits), and the user will receive spyware like that shown in the video.
As to video format: I apologize for the WMV format. There's a lot to be said for this format, from the reliable free creator to the wide deployment of the player software (present in all W2K and WXP systems). But clearly it's an imperfect solution, and not great for viewers on other platforms. I'm working on finding a better alternative and/or offering the same content in other formats.
I think the other commenters did a good job of explaining my intentions in making the video. One further point to add: It's surprising, and worth documenting, that big companies (e.g. 180solutions) continue to benefit from installations through security holes. Lest the companies deny this in the future, it's essential to document the wrongdoing clearly, convincingly, and publicly.
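The hidden-IFRAME referral described in the comment above is something a forum operator can scan stored posts for. This is an added example, not part of the original thread or Ben Edelman's work: a Python check that flags frames that are 0 or 1 pixel, or hidden by inline style, and served from a different host than the page. The host names, the sample post and the function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Inline styles that hide a frame from the reader (assumed heuristics).
HIDING_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)

def _tiny(value):
    """True for a width/height attribute of 0 or 1 pixel ('0', '1', '1px')."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "")
    return bool(m) and int(m.group(1)) <= 1

class HiddenFrameFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "frame"):
            return
        a = {k: (v or "") for k, v in attrs}
        # Resolve relative and protocol-relative URLs against the page.
        src = urljoin(self.page_url, a.get("src", ""))
        reasons = []
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("tiny-dimensions")
        if HIDING_STYLE.search(a.get("style", "")):
            reasons.append("hiding-style")
        # Report only frames that are both hidden and served by another host.
        if reasons and urlparse(src).hostname != self.page_host:
            self.findings.append((src, reasons))

def find_hidden_frames(html, page_url):
    finder = HiddenFrameFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample: one forum post body with four embedded frames.
PAGE_URL = "http://forum.example/thread/42"
SAMPLE_POST = """<p>Nice thread!</p>
<iframe src="http://landing.example/a.html" width="1" height="1"></iframe>
<iframe src="http://video.example/embed/1" width="640" height="360"></iframe>
<iframe src="/preview.html" style="display:none"></iframe>
<iframe src="//landing.example/b.html" style="width:0;height:0"></iframe>"""

if __name__ == "__main__":
    print(find_hidden_frames(SAMPLE_POST, PAGE_URL))
```

The visible video embed and the hidden same-origin preview frame are not reported; only the two invisible cross-origin frames are.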
Ummm, buy RH Linux, install it at home or office, connect to the internet and in less than an hour, it too will be owned. This happened to a friend who wanted to try Linux. He brought a distro from work to home, tried it on his PC then ran into trouble with "crap". Took the computer to work and did the same thing (don't ask me why) with the same results. It's the lack of a firewall, sufficiently blind IP address that's the risk.
I used Windows Media Encoder. Free from http://www.microsoft.com/windowsmedia .
Jellomizer, some spyware programs actually do exactly what you propose. I've made several videos showing a bundle of programs, installed through an exploit, wherein one program in the bundle deletes the rest. Makes for a great video: First we see new folders created in Program Files (and new files elsewhere too), then we see many of them disappear. Positively spooky!
There are different JVMs (what you call Java engine) out there than Sun's. E.g. IBM's JVM and stablevm (or whatever it's called).
In fact, Sun does not produce a 1.4 JVM for Linux/PPC, which is why on my machine Firefox uses IBM's JVM to run Java applets.
how much spyware can be installed on a Windows XP machine when the user simply visits a single Web site using Internet Explorer.
I'm a bit disappointed that he only came up with a site with 16 pieces of spyware. He should have gone right out for 42 pieces or something like a true geek.
You have to convince a qualified examiner that you are capable of operating a car. The same is not true of an internet-connected computer. Would that it were so.
Author, Shell Scripting : Expert Re
From the article:
"So it should be unusually straightforward to track down who's behind the exploits -- just follow the money trail."
So..... just DDoS those folks. $0.07 isn't much when your $100,000 webserver is melting into a pile of slag.
Too many of the details you mention make your report unbelievable.
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
Get it from http://www.mplayerhq.hu
I reloaded my machine due to a corrupt registry. I didn't feel like downloading the 5-disk or whatever set from M$ to repair it. I just reloaded because it was time anyway. I've been seeing random reboots (which are still happening despite my best troubleshooting; it's too infrequent and random to pinpoint).
After reloading, I was called away to do something else important and didn't get a chance to get anything really set up. It's an RTM Corp XP copy, fresh install with AIM and Yahell Messenger only. As I said before, I had to walk away to do something else and didn't get back to the machine until later.
My ex-girlfriend and I are talking and things are going very well between us. We are in the process of talking about getting back together and all of the things surrounding that. We had a really good talk after spending some quality time shopping, seeing a movie, and eating. We talked in the parking lot of the mall and agreed to talk again as soon as she got back where she's staying and I got back to my place.
I got online at my place and there she was. She told me that she was crying in the car on the way back to where she's staying because of a song she heard.
She sent a link to the lyrics over Yahell and I clicked it. Obviously, it opened in Internet Exploder on an RTM copy of XP with no updates and no protection.
The site came up with the lyrics, but I was rudely interrupted, as I began to read them, by a pop-up window asking if I wanted to try the latest in malware protection. I clicked the "no" button and the window disappeared. It came back a few short moments later... same thing. I clicked "no" and it went away.
Well, we did this little song and dance for about 5 iterations before that window decided to stop popping up. A few seconds later, a different window popped up and (we've all seen this bullshit) it said "You've been infected! Click OK to remove the offender and try out X protection suite!"
I didn't click Yes or No. I clicked the X in the upper-right corner to close the popup.
Open floodgates, she's gonna burst!!!
Icons started popping up in my system tray. My hard drive went nuts. The machine slowed to a crawl, and even the mouse refused to move at times. After about a minute of this, the machine settled down and I started getting popups. Some were ads, others were repeats of the "you've been infected" message. Yeah, you infected me. Of course I'm infected. I'm not going to purchase anything from you as the solution. Heh.
Anyway, I fought the popups for a minute and realized that my machine was not going to be of much use for the time being. I moved to the phone with my sweetie, and returned afterwards to clean up the mess and get the machine back in working order before I went to bed.
I installed Ad-aware SE and updated it. On the first run, 611 count spyware objects.
ONE WEBSITE. The first website I visited, nonetheless.
Since then, I've obviously installed all of the necessary protection and installed Firefox.. but it just goes to show that even a very experienced spyware detection and removal expert can get nailed to that extent by ONE freaking web site.
I went into work the next day and told everyone that our customers are not, in fact, as inept and stupid as we think they are. I never clicked "yes" or "ok" or allowed anything into my machine expressly. I operated in a manner to the contrary. I still got nailed with 611 objects from ONE website.
I would provide the link to the site in question, but I don't have it anymore.
"As tempting as it might seem, DON'T run kazaa. It also uses the IE rendering engine, is itself loaded with spyware, and it's trivial to get a virus (running a test, I got that anti-racism ping flood virus, forgot the name, within a few minutes)."
Use Limewire, other than the nag screens asking you to update to Limewire Pro, it is free of spyware\ad-ware\etc AFAIK.
ND
This statement is forty-five characters long.