Slashdot Mirror
Microsoft's AntiSpyware Disabled by Spyware
Ruke writes "A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder, as well as logging keystrokes at several online banking sites." The good news is that it's a Trojan, so one still has to bother with running an attached file.
The news itself might be interest, but in the realm of well written articles this will not make the list. A choice nugget from TFA:
<<< The password stealing Troj/BankAsh-A Trojan, discovered yesterday, is a spyware. It keeps a track of user activities on the computer. It spies on you. >>>
Er, didn't we cover the spying part two sentences ago? Is A spyware? A spyware what?
<<< The Trojan also removes important entries of the antispyware in the registry and thus literal kills the antispyware. >>>
Literal? Come on - this reads worse than half of the AC posts in YRO. I hate playing the grammar nazi, but this was painful to read...
"As the intrepid kobold companion continues his journey, he begins to wonder... if priests raises dead, why anybody die?
Preview here
Rock that crushes, Paper & Scissors that don't matter.
Not that that has ever prevented Slashdot from reporting things like these as "vulnerabilities".
Am I the only one who was humming the "Trojan Man" theme song while I read this?
They could have taken a working product, repackage it, only to have it compromised less than a month after their re-release.
Wait, nevermind.
How long till the Slashbots come out in droves proclaiming M$ sucks and their spyware removal sucks and they should all go to hell because a trojan(more like a crappy little batch file) is able to disable their program. Nevermind the fact that with the way this program works it would be just as effective on AdAware or SpyBot...and nevermind the fact that before running this trojan the MS spyware program TELLS YOU NOT TO!!
Please do not let scientific accuracy interfere with the intended humourous/interesting/insightful value of this comment
Viruses shut down norton antivirus.
I mean really, who didn't see this coming?
ItWasFree.com - Take the mystery
It's a bit early to point the finger.
Indy Media Watch-Proctologist of the Internet
For all its security efforts, Microsoft continues to let users run as administrator by default, which is downright irresponsible. I just spent an evening cleaning an acquaintance's computer of a persistent, multiple spyware infection because of this policy of Microsoft. Needless to say I created separate restricted user accounts for all members in the household, but the Microsoft installer should have done this from the beginning! You cannot expect regular users to do anything except go with the default.
I also installed Firefox, and set all of the Internet Exploder security settings on "High" on all accounts except the administrator one (so that Windows Update can be run).
When Microsoft released their Antispyware, everyone said, "Oh, well, Microsoft didn't do anything, they just bought the software from Giant.". Now that there's a problem, "Whoa, Microsoft's software really sucks. It's sure is all their fault."
Pick a side, people.
Windows runs in root. That means that by default all user accounts are created will full administrative access.
OSX and Linux (and nearly every other OS under the sun) creates user accounts with limited rights. That means things cannot happen without your specific permission.
In Suse 9.2, for example, when I need to do something like that requires root access, I'm asked to supply a password.
A similar thing happens in OSX. When you install software you're asked for a password.
Accordingly, by default Windows is less secure as programs can install and system settings can change behind your back and without your permission.
I admit that Windows gets a lot of attacks because it's a big target. However, everyone has to realise that a lot of the attacks occur simply because Windows is insecure by default.
If someone says he and his monkey have nothing to hide, they almost certainly do.
"you have to consciously or unconsciously run the EXE to install the server side on your computer"
Damnit. I always knew my sleepwalking would get me in trouble some day...
SIERRA TANGO FOXTROT UNIFORM
The parent was moderated "Troll"?
Obviously it touched a nerve for somebody.
The bottom line is that currently spyware is only a problem on Windows. Thus, running any viable alternative to Windows is the most effective way of avoiding spyware at the moment.
Running a GNU Linux distro, any of the BSDs, or Macos X are all viable options, and arguably the most efficient solution to the problem of spyware.
Granted, many might find these options unsuitable for a variety of reasons. However, labeling that suggestion a Troll does not make it untrue. Wasting time and CPU to either spyware or anti-spyware software both seem objectionable. Systems which provide desired functionality, and do not require additional effort to continue functioning normally are a sensible choice for many.
I think this is very ease to solve in its preferences.
:)
A simple role selection box.
Make it default to current "careful" practice.
Allow the option to change to tolerate all known valid adware, but remove trojans, this leaves the mild things on for kids with desktops and novelty crap.
Possibly a stronger option for workplaces etc which basically deletes anything even remotely compromising.
Have the strongest option locking the machine to the working set of executables at installation time.
Windows is with us, running as admin is unfortunate, but a great many people worldwide do, we can't change that, so lets protect them as much as possible
Let the user decide.
liqbase