Spyware Removal is Big Business
prostoalex writes "Just when you thought all the software niches were taken, IDC comes out with the report saying $12 million was spent on spyware removal tools in 2003, and $305 million will be spent in 2008. IDC also estimates two-thirds of PC users out there are infected. Large PC vendors are waking up to the spyware threat, having their call centers overwhelmed with spyware-related calls."
It's the best way of getting free beer I've found: fixing spyware related problems for family and friends. While I watch SpyBot and AdAware do their job, I get free beer. There are worse activities ;-)
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
... before the anti-spyware vendors start bundling spyware?
...that the vast majority of this spyware was installed by exploiting vulnerabilities (some overt, some more roundabout) in primarily Internet Explorer.
And once an ordinary user is compromised by one piece of spyware, it's usually a downhill battle.
Imagine how different the situation would be if, for the last several years, there had been real competition on the browser scene. Of course, there may never have been a way to solve the problem with the courts anyway: they DID decide that Microsoft illegally used its monopoly position to bundle IE, but Microsoft knew exactly what it was doing. By the time the slow wheels of justice had turned, Microsoft's browser takeover was virtually complete.
And during this entire time, IE fundamentally was stagnant. There were glaring, egregious security issues, and no new features that had already become pervasive and popular with alternative browsers (popup blocking, tabs, etc., not to mention a lack of horrible inattention to security). I imagine Firefox's recent uptick in usage illustrates, even after all that, just how bad IE sucks. But this will only be good for Microsoft, and for everyone: if Microsoft feels it has competition from things like Mac OS X in OSes and Firefox in browsers, we get developments like SP2. We get a new "commitment" to security. We'll ostensibly get new features in and an attention to security in IE. (Well, we can dream, right?)
I wonder how many dollars have been spent, or how many families have actually bought new computers (yes, it happens), once their PC slows down and/or crashes, hangs, or has other problems, to the point that it's virtually unusable. Yes. People really do this. They don't feel they can or know how to just wipe the machine and reinstall Windows, and even if they did, they don't know how to save everything they want to. So they just buy a new computer.
I travel with a frequently-updated set of tools for exorcising various demons from PC's, and am accustomed to mucking about in the registry, winsock stacks and other oh-so-fun places to finish up the job.
Village idiot in some extremely smart villages.
Googling didn't bring up anything helpful... I can see a couple of possible barriers:
- most developers aren't clicking on email attachments
- it's tedious work; rooting around in Windows Registry and system folders isn't fun
- it'd need to be constantly updated to be effective
It's a tough row to hoe...
The Army reading list
Would we pay for a car if every billboard we passed was capable of taking control of the vehicle and making it drive to other billboards? I don't think so. Why then will we pay for Windows?
99 bottles of beer in 175 characte
In my opinion, most spyware is easy enough to get rid of using tools like Spybot-S&D, SpySweeper and AdAware. The one category that I've found harder to remove are the ones that embed themselves into the Winsock chain and redirect network features.
I cleaned out one PC last month - it wasn't infected too bad, only several dozen things for the scanners to complain about, and I've dealt with systems that had several hundred! - but even after everything seemed to be gone, its default search URL and things like that kept getting hijacked. I had to grab a tool to fix the Winsock chain; some malware had slipped itself in there and was screwing things up.
Village idiot in some extremely smart villages.
Just think how un-American Apple computer is. Do Macs contribute to the growing anti-spyware business? Hardly at all! Why almost no money is being made removing spyware from Macs. Why hardly anyone has heard of spyware for Macs in the first place. Can you imagine taking bread from the mouths of the little children of anti-spyware software developers? Won't someone please think of the children?
Microsoft is really helping the computer industry lately. First their initial decision to make Outlook Express execute any script embedded in email by default kick-started the mostly dead antivirus industry into the powerhouse it is today. Now their forward-looking decisions regarding the security of ActiveX and Internet Explorer have created a whole new industry of spyware detection and removal.
Think of the revenue and jobs created by these decisions.
And Unix (Linux, OS X too), with your anti-economy designs like user accounts that cannot write to system areas, web browsers that do not support a web site's ability to covertly install software behind the scenes, and email clients that do not interpret VBScript, you should be ashamed of yourselves. If popularity of these OSes rises too high, it could seriously damage the antivirus and antispyware industries, causing a loss of revenue and jobs. Congress should really do something about this.
Finkployd
My argument would be that these authors are invading my privacy when I legitimately get onto the web.
On the other hand, I will shoot myself in the foot by seeing their potential argument too:
They could argue that by visiting specific sites and probably clicking some links, I agree to enjoying all services they offer on these sites including stuff that would be installed on my PC.
Any legal minds here?
I can tell you that spyware removal is about 90% of my consulting (side) business these days. I can usually rake in an extra $300-500 / month thanks to all the spyware problems. I feel bad when I have repeat customers, but I do spend a good amount of time educating the users and immunizing their PCs, but they always find new ways of getting spyware on their computers (it always seems to be the kids and their p2p "needs"...).
:-), I'll be glad to help you anything I can.
Now, as an industry, I don't understand why so much money was spent. There are outstanding tools and tutorials on removing every type of spyware, and it seems like all the best ones are free.
If you want any pointers or tips on spyware removal, and you don't live in my area
Y'know what sucks? Having to tell your father to be more careful about visiting porn sites.
If Microsoft made some changes to Windows, this crap would have a harder time getting installed (or at least getting installed unnoticed).
Basically, anything that wants to change certain things should trigger an "are you sure you want to do this" warning of some kind (with ways to change that warning into a requirement for a password or a total block of the activity). If the activity is blocked, the app requesting it gets an appropriate error (e.g. "you can't open that file" if access to a file is blocked).
The items that should be locked include:
Writing to the "startup" group & other locations where you can have a program start at startup
Writing to
Changing critical windows sockets settings
Changing the HOSTS file
And there may be other things
The idea is that spyware/viruses/trojans/etc that come in totally unannounced would now not be able to do that.
And spyware and such that rides alongside application programs would be easier to spot (so you can choose to use a non-spyware alternative)
Yes, the clueless will just click "yes", but at least those who care won't be hit as much.
Anti-virus vendors should start detecting spyware (particularly the kind that installs itself just by visiting a webpage or reading an email, as opposed to the kind that installs alongside programs like Kazaa) just like they detect viruses.
After all, spyware shares a fair few characteristics with viruses, worms and trojans.
The big PC OEMs should be doing more to combat spyware.
Myself, I use Mozilla (and keep it up to date with the latest release builds) and I use Norton Antivirus to keep my system virus free.
I also run Spybot and Ad-Aware regularly.
And I don't install spyware-laden programs like Kazaa, Real etc.
I deal with computers at businesses, 10-200 employees in general. Computers that should not be misused, on the desks of people who should know better.
Simply put, if somebody's home PC gets screwed up, it's not worth my time to fix it, since 1) they can't afford it as you've pointed out, and 2) it'll be hosed again next week.
I've gotten to the point where I'm starting to point out to my clients that hey, if they run something other than Windows, this will not happen to them.
Village idiot in some extremely smart villages.
Rather tell my father that than my mother...
(or your mother! HEEHEE!)
I'm thinking about exploring the Spyware Writer Removal Service niche instead...
Yes, it is as bad as these folks make it out to be.
Where I work (state government) I see all kinds of cruft on users' machines when I am out and about. Even though it's not a direct part of my job, I am in IT, and to help things along I go through users' machines and remove the nasties. Sadly, I walk by a week or so later and the user's machine has the junk on it again.
I recently got permission to do a test with Firefox. I've been using it without issues, and my boss's boss just put it on his work system and has the same results. I asked him if I could put Firefox on a user's machine, someone who I knew had all kinds of problems with popups/redirects/whatever.
I cleaned her system (I don't even remember how many pieces of spyware she had) and then put Firefox on the machine. I did some basic configuration (block popups, small cache size, etc), copied her bookmarks over and gave her a quick run through on using tabs and how to configure the toolbar. So far I have not heard one bad thing from her about using Firefox or that she had issues with popups/spyware.
Hopefully, by using this person as a real guinea pig (as opposed to myself), someone who is not overly computer literate, we can convince the higher ups to use Firefox for everything except for our SAP requirements (yes, SAP is evil. I'm not the one who chose to spend millions of dollars on a tricked-out spreadsheet).
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
You know what they say about consulting work.
Windows:
Have to pay for anti-virus, have to pay for firewall, have to pay for spyware removal, have to pay for a copy of windows and then you have to pay someone to set it up.
*BSD/Linuxes:
Have to pay for someone to set it up.
Hmm... and the TOC of Linux is higher because...?
Tom
Someday, I'll have a real sig.
Someone please make a live cd that destroys spyware. Even if it just starts a wine session and runs adaware or spybot or whatever.
We did at the office and have seen a serious decline in Spyware related calls. We used to get 10 or more a day for Windows 2000.
I don't have that problem, my father and I share a porn collection :)
I'm trying to improve my English. Please correct me on any spelling/grammar errors in this post.
Well not solution, but it helps on small sites with fast enough workstations with 768+M RAM. Run debian or some other lean, stable linux distro under the hood, run VMware in fullscreen mode on top of it. Use different virtual disk for "Documents and Settings" folder. Install all the proprietary win32 crap you need, backup the virtual system disk and set it up so that it overwrites the system disk on every real boot. If you don't need SMB browsing and printers, you can further protect Windoze by using NAT networking so the virtual machine is not visible on network. You can still use SMB/CIFS disk shares and CUPS printers (2K and XP support CUPS somewhat). Running winblows under VMware is 100 times preferable to wasting perfectly good hardware to a dedicated, "real" installation. And it's cheap, v3->v4 upgrade is currently 99 US$ + VAT. Another plus: as admin, when installing new software, just make a snapshot of the VM state, then install the proprietary crap, and if it breaks anything, just restore snapshot and you timewarp to pre-fuckup state. Excellent!
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
Maybe I'll give up and join the Borg.
Never shake hands with a man you meet in a fertility clinic.
What I can't seem to figure out is why Norton and McAfee didn't include spyware detection and removal in their virus detection software from the beginning. I remember specifically reading something on Symantec's site that said something to the effect of "we are not targeting any 'spyware'".
Wouldn't this have saved a lot of problems? How is spyware not considered malicious?
Over and over again, I have to sit at friends' computers and rescue them from the evil clutches of the browser hijackers and such. I think Symantec and McAfee dropped the ball on this one.