Slashdot Mirror

← Back to Stories (view on slashdot.org)

Given Up to Spyware?

Posted by CowboyNeal on from the unset-passwords-and-publicly-writable-shares dept.

Khuffie writes "Wired has an interesting article about how some people have given up to spyware, knowing that the software they're installing virtually takes over their internet connection. What's even more ironic is that they claim it's a necessary evil for free software, when things like the Google Toolbar virtually replace Gator, and there are many spyware-free P2P programs available."

9 of 733 comments (clear)

  1. For the uninitiated... by Anonymous Coward · · Score: 5, Informative

    Spybot
    Adaware

    Oh, and Linux.

    1. Re:For the uninitiated... by l810c · · Score: 4, Informative
      I clean up PC's all the time for friends. Got one here just tonight. I charge one 12-pack of beer per 500 infections :)

      Now a couple of things about those programs. I do install each and most importantly Run Them For Each User account on a XP PC. Adaware I believe has a larger database/scope and catches more things. Spybot is able to get things running in memory by running first thing on reboot. One other free tool that I find very useful is this control panel applet that is what msconfig should be.

      There are Many things that these programs do Not catch even when updated. I ran into reaIplay.exe tonight. I had to boot into Safe Mode command line to manually delete it. A couple of weeks ago I had to delete a file from an alternate Windows file Stream. There exists this netherworld of alternate data in XP that is not accessable via any of the regular tolls.

      And the last thing I do is install Firefox and tell them to Use It Damnit or I'm upping the charge to a case per 500 infections.

    2. Re:For the uninitiated... by inquisitor · · Score: 4, Informative

      Basically, that's my disinfection routine for other people's PCs. I don't get spyware infestations either, but that's because I know about Windows Update and antivirus software.

      1. Run AdAware SE, updated to most recent definitions. Detect 400+ hits (my record so far).
      2. Run Spybot S&D, updated to most recent definitions. Detect 100+ hits AdAware missed, and reboot.
      3. Wait 30 minutes whilst Spybot scans again, and turns up a solitary bit of Gator. Go through Spybot's advanced mode settings and clear out their Run tools to dump all sorts of run-on-start crud that Compaq/Packard Bell etc. stuck on there - bloated keyboard-multimedia-button utilities et al.
      4. Run HijackThis! (which isn't really an antispyware tool, just a system startup editing tool with knowledge about really obscure system startup Registry keys and IE settings) and get rid of the really obscure spyware toolbars and other run-on-startup fun that AAW and Spybot missed.
      5. Go through the root, Program Files and Windows directories manually and delete the 10+ dialers and other unwanted crap that's made their way into the system, plus hosts file.

      No-one ever asked for this stuff to be installed on their system (and in case you're wondering why I believe them, take a look at this). I put it down to ActiveX exploits; inevitably, the worst infected systems I see are Win9x/Me systems which haven't ever had a Windows Update run. This routine - plus installing Firefox - usually helps fix their problems, but these shouldn't have happened in the first place. I don't blame Microsoft as much as I blame the prevaling culture that it is better to make more money than it is to have ethics - thus allowing for Gator/Claria, WhenU, 180solutions, all the fake 'anti-spyware' vendors et al. It's amazing that we can allow these people to go on.

  2. It's called apathy by lordkuri · · Score: 5, Informative

    People just don't care... they can't be bothered to think about it. I've talked to so many people, "yeah.. I need to get a new computer, this one's slow" their system gets hosed, they just get a new computer. wtf is with that?

  3. Hidden vs. Visible Costs by Geckoman · · Score: 5, Informative
    It's not really a trade-off between privacy and free software, it's a trade-off between privacy and convenience. Many people have made the value judgment that the time and effort necessary to fight spyware and find non-treacherous alternatives is worth more to them than the privacy they give up.

    The cost of the privacy lost is invisible and (apparently) non-intrusive, while the cost of the time and effort is obvious and immediately quantifiable.

    Think about how many times you've heard someone say things along these lines: "Can you believe I spent 6 hours cleaning spyware off my system and had to reinstall Windows twice? Then I had to find new software with a privacy policy acceptible to me, and it took hours to download and install it all."

    Compare that to how many times you've heard someone say something like: "Wow! I had spyware all over my system. It was tracking my shopping and browsing habits, reporting my computer usage stats to ad agencies, and sending my IP and passwords to a scam company in Russia!"

    The cost former is obvious to even the most ignorant users, while the cost of the latter requires much more insight and knowledge.

  4. Re:next time take a router, by monkeymanatwork · · Score: 5, Informative

    Good idea, but many ISPs (Comcast) don't support routers. I have called Comcast when their crappy connection goes up and down (happens about once per week these days for a whole day). The first thing they ask is if you have a router. If you say yes, they tell you they do not support routers, and refuse to help you any further. I asked them if they sell a router solution, and the answer is "no." Apparently their solution to the problem is for you to use WinXP and enable firewalling, or buy ZoneAlarm (which they also don't sell).

    Comcast is a monopoly where I and many others live. Let's hope the Supremes force them to open their cable lines to competitors. The result of them forcing BellSouth to do so has resulted (finally) in my recent switch to an unlimited local and long distance provider for $45/month.

  5. Spyware in Developing Countries by Anonymous Coward · · Score: 5, Informative

    I just returned from Sierra Leone, likely the poorest country in the world.

    A good internet connection is 8kbs and that's when the power hasn't failed or you have petrol for your generator and the phone system delivers a dial tone.

    Even so, the 8kbps costs $200 a month in a country where an OK wage for a laborer is $2 a day -- when a job can be had at all.

    When time after time I see 30-50 percent of that 8kbs bandwidth wasted by spyware, it really makes me angry.

    Spyware hurts entire developing countries.

  6. Re:Demand spyware scanning in your virus scanner. by deaddeng · · Score: 4, Informative

    It's actually worse than you portray-- the worst spyway is not even a minimally legitimate commercial venture-- it is theft, run by international criminals and organized crime. So-called "legitimate" spyware and adware have conditioned people to think that a windows box encrusted with this shyte is normal.

    The newest stuff is delivered by a trojan downloader, that also installs a keylogger--or several. The browser hijackers they install do one--or several things--to send you to their fake websites so they can steal your credit card, or even your identity:

    -- They take over your HOSTS file so that legitimate urls are translated into THEIR IP addresses, not the real ones.

    -- They add THEIR fake banking, paypal, amazon, etc. sites to your "trusted sites" list.

    -- They may even change your proxy settings to accomplish or reinforce the same thing.

    If you try to clean this crap off with AdAware or Spybot S&D, the trojan downloader--which also disable your AV software and/or Spybot--will NOT detect the trojan downloader, and it will reinstall the malware faster than you can clean it.

    Some of these were spread the old fashioned way-- email attachments. Others used the Windows RPC 445/tpc buffer overflow exploit, or the latest IE IFRAME exploit, or one of the 16 other exploits out there for IE alone that MS has not patched.

    This shit crossed a line about six months ago from being a commercially-oriented nusiance to being outright theft, run by the same criminals that run phishing scams.

    I clean up PCs as a sideline, and the trend is very ominous-- the utility of the PC as a productive tool is threatened, as is the integrity and trust of the Internet.

    Thanks, Microsoft. I'd like to see the Dept. of Homeland security take your ass to court for criminal negligence.

    --
    --- .085 as cool; proving that a little knowledge is dangerous
  7. May be a bit off topic, but... by jaeson · · Score: 5, Informative
    Here is an interesting article

    This is one of my two favorite parts from this article:
    "...a clause inserted by Claria about 3,000 words into a 5,936-word licensing agreement. It reads: 'You agree that you will not use, or encourage others to use, any unauthorized means for the removal of the GAIN Adserver, or any GAIN-supported software from a computer.'"

    Of course the only "supported" way is through Add/Remove Programs, and NOT through the use of Spybot, etc.

    And here is the second tidbit (also from the linked article):
    "Edelman also found that Claria's licensing agreement tries to prohibit users from deploying network monitors to inspect and report transmissions made between their computer, their local network, and the GAIN servers."

    Fucking Asshats.