Non-Technical Users Talk Malware

swirsky writes "The Chicago Sun Times is running an article detailing the experiences of non-technical users after they were infected by spyware, malware, and viruses. We cluck our collective tongue and think that we'd never be so stupid, but this is a major problem that plagues personal computing." From the article: "The study found that spyware has disrupted the computer lives of 43 percent of surfers. That means an estimated 59 million people have spyware or adware on their computers, the study found. Adware is defined as tracking programs that come bundled with other software and that users knowingly download, although they don't necessarily want the adware."

Malware == Moolah

[TripMaster+Monkey]

I love malware. Malware removal acounts for probably 65-70% of the bottom line in my business. I'll tell you something else...the $129 average price tag quoted in the article is right on the money.
Personally, I hope nothing is done about the problem. I only wish I could protect my less-technically-inclined family members and friends more effectively, as I don't charge them for removal. :P

Re:Malware == Moolah

[qbasicnewbie]

Although I don't charge for malware removal (on my family's machines), I know a kid not much older than myself (I'm 15, I thin he's 17) that runs a business centered around this sort of thing....He is apparently doing very well... p.s. I must say I have to agree. I love malware as well, but for a different reason...every infection brings my family members that much closer to letting me switch them over to Linux...

Re:Malware == Moolah

[lucabrasi999]

I'll tell you something else...the $129 average price tag quoted in the article is right on the money.

Bah, I could find an overseas resource to do the same thing for $12.

Re:Malware == Moolah

[Leroy_Brown242]

I wonder how big an industry this in in dollars.

Millions, billions?

Re:Malware == Moolah

[MarkByers]

every infection brings my family members that much closer to letting me switch them over to Linux...

But don't try to force them to make the switch, it will just lead to frustration when thing don't work out as expected because they can't play this-or-that game.

Just leave them with their malware problems and let them figure it out for themselves. Drop the odd hint about never having received a virus if you feel like it. Perhaps they'll get a Mac or something. It's a step in the right direction at least.

Re:Malware == Moolah

[ShyGuy91284]

Damn. I was about to say, I'm in the wrong business. Sounds like I could make more as a "Spyware remover" then a "Computer Scientist" at that much money..... And without the years of expensive soul-sucking college....

Re:Malware == Moolah

TripMaster Monkey (862126) has revoked any and all rights to complain or bitch about any issues relating to government, industry and/or economics where the powers that be decided that it was better for their own station to keep the status quo than fix a "societal wide" problem. :-)

Re:Malware == Moolah

[secolactico]

I only wish I could protect my less-technically-inclined family members and friends more effectively, as I don't charge them for removal. :P

Send them my way. I'll charge them. :-)

Re:Malware == Moolah

[Rylz]

Perhaps they'll get a Mac or something. It's a step in the right direction at least.

If by a "step in the right direction," you mean that a switch to Mac will bring them closer to switching to Linux, I'll have to disagree. If they switch to Mac, they'll have much fewer reasons to want to switch OSes again.

But then again, if they decided to move away from Windows, they would probably just come to the grandparent poster and ask him what to do, so he would have the ultimate decision.

Re:Malware == Moolah

[v1]

We must be giving our customers quite a deal - most of our service is covered in 1 hour's time, $80.25 w/tax. I've watched our PC tech clean up computers on several occasions, and it astounds me how much you really need to know to pull that crap out, even with the automated programs. After he runs two or three apps, he opens up folders and goes recursively through them all, and selects what appear to be a random assortment of folders and files and deletes them. "All of this is spyware." These things are named in such a way as to look like they belong, and it's amazing that anyone can remember all the "bad" names from the good. That being said though, the PCs usually spend about 2 hours on the bench, mostly spent scanning while he works on another machine that needs more focus.

I'm the mac tech so I don't see the spyware first-hand but I know it keeps the PC tech pleanty busy. Most entertaining aspect of spyware: when one of the other employees uses the PC tech's PC to web browse, and he comes in to find popups on his own machine. hehe..

Then there are the oh... 1 in 15 customers that can bring in their machine every two weeks to have us remove the spyware, again. Some customers just can't get "don't click the popup's close button" through their head. There ought to be a simple law that states that "any software installer must clearly label the buttons and other control areas in their installer, such that there can be no confusion or deception as to the function of each control, whereas a user could be tricked into allowing the installation without his consent."

Re:Malware == Moolah

Shipping the drive overseas makes up the difference.

Re:Malware == Moolah

[tehshen]

Bah, I could find an overseas resource to do the same thing for $12.

I downloaded a desktop assistant that does the same thing for free!

Re:Malware == Moolah

[Doc+Ruby]

Wouldn't you rather be expanding the productivity of your customers, rather than just keeping them at "square 1"? If all the production lost to malware were spent on promoting better communications, you'd have at least as many customers. And more produced in exchange for your work (rather than just saved from destruction), which means more wealth to share.

"War is good for the economy" is a fallacy that is true only for weapon makers. Everyone else pays the price. Fear is a motivator, but it produces less than it destroys. I guess some firefighters "love fire", but most would rather be barbecueing.

Re:Malware == Moolah

[MynockGuano]

And yet, amazingly, when it comes down to it, I've never once seen a Linux machine infected with malware. Proof is in the pudding, my friend.

Re:Malware == Moolah

[Irish_Samurai]

I don't know about Malware, but http://www.zone-h.org/ has some interesting hack statistics.

Re:Malware == Moolah

I second that...

It makes me look like I'm actually skilled in computing while some hottie's PC has been saved by the almighty geeky guy who has memorized the act of installing nasty-ware removers and run them so it can be done at high speed and blindfolded... Making it look like something impossible to do for anyone with an IQ under 150.

It eats off time I otherwise just would've used doing other annoying computing things like "pretend-programming" (sleeping with open eyes) "fixing the server" (fondling the secretary in the serverroom), brainstorming (using as many as possible buzzwords in the shortest possible time in brainstorm sessions. The one who loses has to actually come up with a sollution.) and innovating. (looking up sample code and editting to make it appear your own, and convince you wrote it, claiming it's the best thing since the other thing you claimed to be the best thing since the the one before.)

I'm posting AC as my gf might eventually read this, and I will have to put up with weird looks when I'm called up rushing out muttering "damn.. the server is down."

Re:Malware == Moolah

[Sylver+Dragon]

I'll tell you something else...the $129 average price tag quoted in the article is right on the money.

Wow, I never quite realized what people are willing to pay for this. Personally, I usually do it for friends and family for the price of a good meal. At work, I support student owned laptops and do this as part of my job. I really need to reconsider going independent.
That said, yes malware is a huge problem, and one of the reasons I am employed. And for all of the preventative measures we take and try to get our friends and family to take, it will continue to be a problem. The reason is that the biggest security hole is the interface between the chair and the keyboard. People are going to download stuff off the internet and run it. Some of it will be good clean fun, some of it will come with a hidden price. And as long as users have admin/root priviledges to thier own machines, they will continue to get nailed.
Even if we get people over to other browsers, other OS's etc., it's not going to go away. Consider the crapware bundled with Kazaa Media Desktop, or the like. During the install, if the user doesn't have root access, pop-up a box which asks for the root password. Sure, anyone with a clue is going to stop and wonder for a moment, why does it need that. The other 90% of computer users are going to just blithely type in the root password. (probably 'rootpassword' or other such sillyness) The program now has the keys to the kingdom and is going to put in all of the crap it wants.
Unless we can actually train all of the users out there not to do this sort of thing, malware is going to be a fact of life on the internet. And considering that people still fall for con-men and pyramid schemes, I don't hold out much hope of this happening.

Re:Malware == Moolah

[MindStalker]

Sorry to respond to a troll. Did want to point out there most of these security holes can be taken care of by recent updates, or even a simple firewall. There is no spyware in the wild for linux though. Yes it certainly is possible though. Read my earlier post for thoughts on this.

Re:Malware == Moolah

you jerk! you're not getting any for another month!
-aforementioned gf

Re:Malware == Moolah

[Demona]

Think that's bad? The place up the street from me charges TWO HUNDRED to reformat your hard drive and reinstall Windows. I could make some serious cash doing that, but I'd have to break all the mirrors in my house so I wouldn't have to look myself in the eye. A thing may be worth whatever someone will pay for it, but that's a steaming pile of bullshit any way you slice it. Of course, they could charge less than half that if they didn't have all that money stolen from them by thugs with badges.

Re:Malware == Moolah

I wonder how big an industry this in in dollars.

"Billions and Billions"

Come on it is funny

Re:Malware == Moolah

[roman_mir]

After he runs two or three apps, he opens up folders and goes recursively through them all, and selects what appear to be a random assortment of folders and files and deletes them. "All of this is spyware." These things are named in such a way as to look like they belong, and it's amazing that anyone can remember all the "bad" names from the good. - not that computer starts after this or anything.... those 'random' directories, you really don't need them.

Re:Malware == Moolah

[lucabrasi999]

It makes me look like I'm actually skilled in computing while some hottie's PC has been saved by the almighty geeky guy

And, if things go right, you'll be showing her your "Oh" face, right?

Re:Malware == Moolah

he opens up folders and goes recursively through them all, and selects what appear to be a random assortment of folders and files and deletes them.

I guess that's one of the differences between the Windows world and the Linux/Unix world... The Unix guy would just write a script (and in this situation end up poorer because he couldn't charge for 2 hours' time, although much richer if he could charge by the incident).

Re:Malware == Moolah

Are you some kind of fucking asshole? I also make heaps of money cleaning this stuff off of low-level users' computers, but I hate the stuff no less. Do you think doctors love cancer? Firefighters love arsonists? Body shops love car wrecks? I hate you, asshole.

Re:Malware == Moolah

[part_of_you]

Well, if you figure that the infected computers are bought and sold in the underground, as "bots", and that there is usually some extortion involved, then that would surely bring the numbers up by 1000%.

Re:Malware == Moolah

[Oniko]

Or the ones that look like actual error messages. Dear god. I have soooo many family members and friends who've panicked at those, especially when they first began appearing. Some of them really do look genuine.

Actually, it was pretty funny one time in my AP psych class. The teacher (who ran a program at our high school for training elementary school teachers in computer use and was married to the comp sci teacher (ie, smart and techno-savvy)) was doing a class demonstration using a psychology website, and one of those popped up. In front of a full classroom, she clicked on it (chorus of "NOOOOOOO"). Easily 30 popups, instantly. 'Twas amusing.

Re:Malware == Moolah

[dlZ]

I can't agree more. At least 75% of my business comes from spyware removal, and we're starting to get a lot of new customers who were sick of other shops just wiping their systems, not evening performing backups properly. The fact that we actually fix the machines, and in a worst case scenerio, create a real backup and then reinstall, brings us a ton of customers.

I luckily don't have to deal with the family removal issues. The one family member that is constantly infecting her machine lives no where near me, and my local family is very knowledgable (only one Windows user, my mom, and she keeps her machine so clean. Uses Firefox, and used Opera before that, with no input from me. Only problem is if she does call me, it means something is really broken and beyond her ability to fix it.)

I'll also agree that figure is pretty spot on for removal costs.

Re:Malware == Moolah

[SpacePunk]

I won't say that I love it, but it certainly has a certain fallout effect that benefits my business.

Re:Malware == Moolah

[QuantumPion]

Malware := Moolah. While this may benefit you directly, it is a common economic misconception that problems cause economic benefit by providing jobs to those who fix those problems. From Walter E. Williams:

A shopkeeper's window is broken by a vandal. A crowd forms, sympathizing with the man, but pretty soon, the people start to suggest the boy wasn't guilty of vandalism; instead, he was a public benefactor, creating economic benefits for everyone in town. After all, fixing the broken window creates employment for the glazier, who will then buy bread and benefit the baker, who will then buy shoes and benefit the cobbler, and so forth. Those are the seen effects of the broken window. What's unseen is what the shopkeeper would have done with the money had the vandal not broken his window. He might have employed the tailor by purchasing a suit. The broken window produced at least two unseen effects. First, it shifted unemployment from the glazier, who now has a job, to the tailor, who doesn't. Second, it reduced the shopkeeper's wealth. Explicitly, had it not been for the vandalism, the shopkeeper would have had a window and a suit; now, he has just a window.

Re:Malware == Moolah

[BHearsum]

For a good, clean Windows install it takes 2 hours including drivers, and updates. And that's when a backup is not necessary. No, not all of this time is actively spent at the machine, but when you're doing 10 of them a day it takes up bench space that could be used to fix other problems.

Most people only come in for a format once. The ones that actually listen to my recommendations don't have a need to come back again.

Re:Malware == Moolah

Some customers just can't get "don't click the popup's close button" through their head.

Does the popup have a form with a "close" button? That's the only thing that makes sense. I was thinking that the popup window's close button (that little 'x' in the top right corner) was triggering an install.

Re:Malware == Moolah

I downloaded a desktop assistant that does the same thing for free!

And I can download Linux for free too. The point is, people get hit with malware because they don't know any better.

Re:Malware == Moolah

[darkonc]

not that computer starts after this or anything... It's probably the only way to keep some users from repeatedly re-infecting themselves. That, or Linux and disposable logins.

Re:Malware == Moolah

[MaGogue]

Bah, I could find an overseas resource to do the same thing for $12.
Yeah, it goes like

SPECIAL OFFER! Virus cleaning service,
we remove all pest inside&outside of Your computer
just for 12$ ! Click here and Order NOW!

A few pages later:
You ordered:
1 Cleaning of viruses 12$
1 Antispyware free
1 Shipping and handling 281$
--
TOTAL 293$


Delivery via Feed-me-express
Expected delivery : 3 business weeks

SpyCrackCo , 23 Buddha street,
Bangalore, India

Re:Malware == Moolah

FYI--You know that you can access computers remotely. You don't necessarily need to ship a computer around the world in order to work on it. It's called "The Internet".

Re:Malware == Moolah

Do what I do, don't charge them, make them feed you. I swear, I eat for free at someone's house atleast once or twice a week, even after I install Firefox on their computers. Lemme tell ya, having technical expertise on computers does not translate to expertise in the kitchen.

I once had an aunt who fed me for an entire week cause I was over at her house every night fixing something.

Re:Malware == Moolah

[Jesus_666]

There ought to be a simple law that states that "any software installer must clearly label the buttons and other control areas in their installer, such that there can be no confusion or deception as to the function of each control, whereas a user could be tricked into allowing the installation without his consent."

We have something like that in Germany... If sonmeone wants to install and run a dialer on your system they have to jump through several hoops - the dialer may not be installed without your consent. That means typing "OK" into a text field. The installer has to provide, in easily readable letters, information about what exactlyyou're going to pay and what exactly you're installing there. And so on.
If the RegTP (the German regulation authority for telecomm and postal stuff) finds out that someone didn't comply with all regulations or even used some kind of technique to automatically enter the "OK" etc. he's getting his licence withdrawn, which means that he doesn't get a single cent anymore and you can get your money refunded if you can prove that he tricked you.

That law was damn necessary - in the German-speaking parts of the internet auto-installing dialers used to be the most common form of malware, except maybe for viral mails.

Re:Malware == Moolah

Never will happen, this is slashdot >:|

Slashdot is the proof that PC-skill isn't going to get you laid with a hottie.

Re:Malware == Moolah

[plover]

I think joining the "Yay spyware! Keep those fixit dollars rolling my way" chorus is pretty much an assurance that you already have no soul to be sucked.

Perhaps the better question is: how long can this gravy train last? Will Windows ever evolve to the point where spyware won't be a problem again?

.
.
.

HAHAHAAHAAHAHAHAHAHA! Sorry, I knew I couldn't type that and keep a straight face till the end. Congratulations and I hope you make lots of money!

Re:Malware == Moolah

[fabu10u$]

There ought to be a simple law that states that "any software installer must clearly label the buttons and other control areas in their installer, such that there can be no confusion or deception as to the function of each control, whereas a user could be tricked into allowing the installation without his consent."

Repeat after me: The law is not the problem. Enforcing the law is the problem.

Re:Malware == Moolah

[plover]

I wish I remember where I saw it, but it was a business card for a spyware removal service called something like "My Cousin Frank". It was marketed to us geeks who are sick of cleaning spyware off our friends' computers.

The idea was that as a geek when you visit someone's house, they'll frequently ask something like, "Oh, John, you're in the computer business so you must know all about this stuff, can you stop the popup ad things on our computer?" With this service, you can lie and say "Well, I don't know much about the popups, but my cousin Frank knows all about them. I'll call him and see if he'll come over and take care of it." You then call My Cousin Frank and pay them something like $100. They send a guy over who pretends to be your cousin, he eats the crappy meatloaf dinner and smiles, looks at their kids' soccer trophies, tells them a few fake stories of your childhood, and then cleans up their PC. If they have any heart, he might walk away with a $20 tip, too.

It's a brilliant marketing concept. I'm thinking of hiring them for future cleanups of my sister-in-law's computer. $100 has got to be cheaper than the f'ing aggravation.

Re:Malware == Moolah

Yup, alot of "mom & pop" smaller shops say that to me in this area as well... BUT, you guys do what you're asked, & you clean it, or grab their data and restore the OS & programs + said backed up data.

(BUT, you don't make it so it prevents it for them, because those same "ignorant innocents" as I call them (not idiots like alot of folks here did, you were "green" once too, you know!) ARE your financial 'bottom-line' keeping you going! I can understand that, but it's ALMOST up there with the older lady who takes her car into the shop, they fix her problem, but... bust another thing or make it so it will shortly, so she HAS TO COME BACK IN & THEY FLEECE HER MORE! Not quite as bad, but it's up there)...

This is for ALL of those folks:

Take 30 minutes and do this, never get infected AGAIN (on Windows no less), ever, & most certainly NOT in 12 minutes time as was said here recently & I posted this for those that have been victims because it works...

Don't get yourselves infected, not again, ever (@ least until nothing NEW that's malicious comes along that beats this list that is, & it's worked for myself & others online for 8 years running now almost in its techniques, which ALL work harmoniously in conjunction simultaneously with one another/concurrently)!

APK Online Security 20-points basic checklist. A combination of things really, layered security is the idea!

DETAILS:

http://www.avatar.demon.nl/APK.html [demon.nl]

SUMMARY:

1.) IP Security Policy in place for adbanner servers blocking OR other "undesirable" IP addresses.

2.) A custom adbanner blocking HOSTS file with 35,000++ entries in it with known banner ad servers in it (which have been shown in some cases even as bearing malicious javascript etc. in them as well as just plain slowing you down as you surf the web by calling out to DNS' servers for URL to IP resolution & loading their remote data).

3.) Tcp/IP filtering @ the IP Stack levels (UDP & TCP) allowing ONLY port 80. Need others? Open then up, this is all I need personally here.

4.) Using up to date AntiVirus & AntiSpyware.

5.) Using .PAC file proxy filters in all web-browsers vs. adbanners & such.

6.) IE Restricted Zones (added to via .reg files which the first body of code in the HOSTS file I use is prepped for the .reg filedata for via a program I built in ObjectPascal delphi console mode ripping away the URL from the 127.0.0.1 loopbacks I equate adbanner servers to, etc. & then insert these here and into IPSecPols also).

7.) Custom adbanner filtering Cascading Style Sheets in webbrowsers when possible (via Opera).

8.) ZoneAlarm Pro or Native Windows Firewall. ZA is the better overall, the Windows one works though.

9.) Disable Java-javascript &/or ActiveX-activescripting in your webbrowsers.

Sorry webmasters, but too many holes popup here and ONLY IE gets that enabled here for Windows Update really only or sites that "demand" I use either.

10.) Making sure the Operating System is up-to-date/fully hotfix or service pack patched.

11.) Disabling uneeded services (especially remote oriented ones, e.g.-> Remote Registry) gaining not only memory & CPU cycles back, but also security:

Microsoft is even into this one now, evidenced by Windows Server 2003 Security Configuration Wizard run by the installation of SP #1 final onto it.

(I've been doing it for YEARS now, better than a decade since Windows NT 3.51 in fact: It WORKS!)

12.) Using restricted Registry &/or FileSystem ACL rights to disks/folders/files + Registry Hives.

13.) Amending secpol.msc & gpedit.msc security polices local to my system for better security.

14.) Using User-Rights & restricting them to my usual logged on user & the system entity SID itself only on most rights, den

Re:Malware == Moolah

[colinrichardday]

Actually, it's due to Bastiat.

Re:Malware == Moolah

Bah, I could find an overseas resource to do the same thing for $12

You can fly someone overseas for less than $12??? Can I get a ticket on the next flight to Japan?

Re:Malware == Moolah

[PhoenixPath]

I've seen many a pop-up where the X button int he upper right was a scripted image. Would really freak me out seeing that on a Mac or Linux desktop though...

Re:Malware == Moolah

I'll tell you something else...the $129 average price tag quoted in the article is right on the money.
Interesting that OS X Tiger happens to sell for $129. Coincidence?

Re:Malware == Moolah

[spectre_240sx]

We used to do that at the shop I work at, but the problem has just gotten too bad. Every computer we try to acually fix when it has a bad infection usually runs over 4 hours and customers just won't pay that. At this point, any computer coming in with spyware is an automatic wipe / reinstall. We're very careful to save data, but it's just not worth it to remove the stuff. It's not easy for us to do it that way, though... I know that it's really frustrating for me to be doing the same routine day in and day out, reinstalling windows on multiple computers.

On the other side of things, we really work hard to educate our customers and make sure they know how the stuff works. We also install antispyware programs on their computers and change their default browser to Firefox. People really seem to appreciate this service, and it keeps them from having to come back repeatedly.

Re:Malware == Moolah

[AuMatar]

A mac would be worse. Unless you also have a mac and know how to use one, you won't be able to do tech support for them again.

While I don't force my parents to move to linux, I am slowly edging them that way. I have told them I will no longer help them with problems due to viruses/spyware if they use IE, but I will if they use Mozilla or Firefox. Problem 1 gone. Soon it will also be office, based on the very true statement "I haven't used Office in 5 years, I don't know where the options are anymore". Of course I will if they move to Open Office. They already use webmail, no need to swap Outlook.

Linux will come after that. The main selling point will be that I can access their computer from home via ssh and x session, and do tech support work from 2000 mles away rather than ust on vacations or by phone.

THey can say no to any step, of course. Its just that when they say no, I'll say "then you need to find someone else to help you". Either they cave or its not my problem.

Re:Malware == Moolah

[dlZ]

We have a routine for getting the machines up and going, but of course it doesn't work for all cases. If it's doing a virus scan for 45 minutes, but we can work on another machine, that doesn't fall into the time worked. But it has gotten a lot worse, and we do a lot more backups and reinstalls now then we did even a few months back.

I do the same with the antispyware programs and Firefox, too! Only one customer so far hasn't liked Firefox, and we've had quite a few calls thanking us when the machines aren't immediatly reinfected. I've found that educating our customers is in everyone's best interests, especially if they come and purchase their next machine from us.

Nice to see another business that feels the same way mine does.

Re:Malware == Moolah

[Penguin+Programmer]

Switching to Linux doesn't need to lead to frustration. While it may sometimes seem that everyone plays games that require Windows, really it's a small percentage of the "family member" population. My slightly-technical younger brother and my very non-technical girlfriend both asked me to switch them over to Linux and are very happy with their Linux-defaulting dual-boot systems. Most of the (usually non-technical) installees at the installfests I've been a part are also happy with their Linux systems.

The "Linux is hostile to new users" argument is no longer as true as it once was. It's a bit different from Windows, but no harder to use.

Re:Malware == Moolah

[LKM]

A mac would be worse. Unless you also have a mac and know how to use one, you won't be able to do tech support for them again.

Yeah, but if they have a Mac, you probably won't have to, either :-)

Seriously, my Mac using friends hardly ever need support, especially compared to Windows using friends. I don't know how normal people cope with Linux, but I suspect it's not a whole lot better than Windows in that regard... As cool as Linux is, it's still not that easy to use, and the last time I used KDE, it had some really weird, uh, "features". Power user stuff might be confusing for normal people, too ("I clicked on this little square thingie in the middle of my, uhm, start bar, and now all my windows are gone! OMG!" "You changed to another virtual desktop, see, that's..." "Virtual desktop? Stop that techno babble! I just want my windows back!").

Re:Malware == Moolah

[AuMatar]

Yeah, instead I'd get "I just clicked on another app- where did my menu go?" "FInder? What the hell is a finder?" "Where's the taskbar?" etc.

Any OS has problems, changing will always have a learning curve. Windows->KDE is probably less than Windows->Mac, because the desktop GUI is more similar. As for not having to- I assume OSX has improved things, but when I ran a lab at school, I had 5 Mac problems for every windows problem. I rebooted the Mac machines far more often. I haven't had a Linux problem in normal use that has required more than a kill -9 in years. This includes installing hardware- I've had more driver problems on my Windows gaming machine than on my Linux box.

Of course I'm a well known Mac hater- the hardware is high quality (overpriced IMHO, but good quality). The OS and GUI has never impressed me. I always found it to be the worst one I've ever used, including Solaris and HP-UX. Too Fisher-Price looking, and too many annoying policy decisions (like having the finder menu instead of a task bar, having 1 global menu, etc). And before you say "you jsut learned Windows first", I didn't- my first computer with a GUI was high school Macs back in 94. I never even saw Windows until I got my first PC in 95 or 96.

Re:Malware == Moolah

[Emetophobe]

I downloaded a desktop assistant that does the same thing for free!

Clippy does spyware removal now??

Re:Malware == Moolah

[LKM]

I always found it to be the worst one I've ever used, including Solaris and HP-UX.

If you think the Mac GUI (even pre Mac OS X) is worse than Solaris, you've got some serious issues :-)

You're very unspecific in your criticism, but just to pick one: The global menu is a huge advantage compared to Windows' window-based menu. First of all, you can easily and consistently have applications without open windows. Second, and more importantly, Fitt's Law applies, making the Mac menu a lot easier and faster to use than the Windows menu, which is way harder to target correctly.

The application menu (I guess that's what you mean by "Finder menu") is gone in Mac OS X, by the way.

Of course, switching always involves learning. However, my girlfriend has switched to a Mac from Windows about three months ago, and it was very easy. I told her how to use the Dock to start applications, and that was basically all she needed to know to get started. Later, she came back to ask about to turn on Trackpad clicking, and that was it. It's not rocket science, really.

Saying that "any OS has problems" is meaningless. Of course every OS has problem. That doesn't mean there's no difference. Every person has money, it's the amount that makes you rich.

Re:Malware == Moolah

[AuMatar]

If you think the Mac GUI (even pre Mac OS X) is worse than Solaris, you've got some serious issues :-)

I had more issues on responsiveness on Solaris than I did Mac, but wrote that off to very old Solaris machines. Other than that, I will give a slight edge in GUI design to Solaris.

The application menu (I guess that's what you mean by "Finder menu") is gone in Mac OS X, by the way.

Ok, good to know. I've used OSX once or twice, but not enough to really catalo the differences. Mainly in an "I want to check my email and all there is nearby is a Mac" type situation.

You're very unspecific in your criticism, but just to pick one: The global menu is a huge advantage compared to Windows' window-based menu. First of all, you can easily and consistently have applications without open windows. Second, and more importantly, Fitt's Law applies, making the Mac menu a lot easier and faster to use than the Windows menu, which is way harder to target correctly.

I'm uspecific because I haven't used Macs in several years, a lot of specifics I can give would be shot down on that basis.

As for this specific, I highly disagree with you

1)I can think of 0 apps that need a menu but not a window
2)The mac solution eliminates a multiple window app from being able to have per window menus.
3)Its confusing to the user when large parts of the GUI disappear like that
4)Its inconvenient when I can't just click directly on the menu of an app when I activate it, but instead nedd to make 2 clicks and a mouse move.
5)Its hard to do tech support when the application needs to be active to have the menu visible.
6)I'm not sure what any reference to Frit's law is supposed to mean here. Disappearing menus is inconvenient and confusing. Period. If you're saying it minimizes movement time of the mouse, the need to activate a second application eats up any saved time and more.

Re:Malware == Moolah

Since when did people care about the 'whole'? people only care about THEIR money.

Re:Malware == Moolah

[Doc+Ruby]

I pointed out the "enlightened self interest" of increasing customer productivity, rather than just helping them stay the same. The real problem is that the poster to whom I replied has little power to stop the malware distribution that infects their customers. But they don't have to "like it", especially when they consider how much better off they'd be if they were busy doing something productive, rather than anticounterproductive.

Re:Malware == Moolah

[LKM]

Other than that, I will give a slight edge in GUI design to Solaris.

I never noticed it even had GUI design. I assumed it was just randomly slapped together. I mean, to this day, I haven't figured out how to start mozilla other than opening the terminal and starting it that way. And don't get me started on how to kill applications! And the dock! Oh my god! The Dock! How many inconsistencies and weird menus can you possibly put into one interface element? A lot, apparently! Solaris is just random nonsense.

1)I can think of 0 apps that need a menu but not a window

Then you're not thinking hard enough. Most apps that don't have documents don't need windows. Except if you're one of the people who need to click on shiny buttons to execute actions.

2)The mac solution eliminates a multiple window app from being able to have per window menus.

A-ha! This is, of course, utterly wrong. Apple's interface guidelines discourage changing menus in open applications, but even Apple's own apps do it: In AppleWorks, for example, you get different menus depending on what window you've selected. The first two or three menus remain the same (File, Edit, ...), but the others change to show the actions applicable to your currently selected window. And it works quite well, too.

Another (in most situation better) way is to enable and disable the functions based on which ones apply to the frontmost window, but having different menus is certainly possible.

3)Its confusing to the user when large parts of the GUI disappear like that

Disappear how? You mean it's confusing if you're in, say, Word, but can't see iTunes' menus? How is that confusing?

4)Its inconvenient when I can't just click directly on the menu of an app when I activate it, but instead nedd to make 2 clicks and a mouse move.

Repeat after me: Clickthrough is bad. Activating windows in Window is often problematic, because you can never be sure when you'll activate some function in addition to activating the window because you just happened to click at some area considered to be part of a button. Bad!

5)Its hard to do tech support when the application needs to be active to have the menu visible.

Huh? Why is that? And how is that different from Windows? If you have Word open, you can't see Excel's menu in Windows, either, because it's below the Word window!

6)I'm not sure what any reference to Frit's law is supposed to mean here.

The size of Apple's menu is infinite. It's easy to hit because you dont' have to aim. Just slam the mouse all the way up and you've hit it. That's Fitt's law: It's easier to hit bigger stuff with the mouse.

Disappearing menus is inconvenient and confusing.

Yeah, well, they disappear on Windows, too. Below other windows. Most people I know run their Windows apps in full-screen mode, anyway, and even if they don't, nodoby has a screen big enough to show all windows besides each other.

Re:Malware == Moolah

[MightyMartian]

I love malware. Malware removal acounts for probably 65-70% of the bottom line in my business. I'll tell you something else...the $129 average price tag quoted in the article is right on the money. Personally, I hope nothing is done about the problem. I only wish I could protect my less-technically-inclined family members and friends more effectively, as I don't charge them for removal. :P

What the hell are you, some sort of Sith Lord? All is proceeding as I have foreseen it. Soon the Rebellion will be undermined by Comet Cursor, and the galaxy shall be mine!

Re:Malware == Moolah

[v1]

The only way to "safely" close a popup is to go to the task bar and close it from the popup menu. "Close" buttons, "Cancel" buttons, "OK" buttons, and sometimes even the little "x" in the upper corner of the window are all javascript buttons. Clicking any of them (or anywhere in the window, really, it's usually just one big "install" button) will trigger an installation of malware.

If the window doesn't have a presense in the menu bar below, (most do, fortunately) you have to force-quit it.

Re:Malware == Moolah

[v1]

true, but unfortunate. Most people and most politicians that run into a law that is not doing its job immediately assume that the law is too weak, and they stiffen it. In reality, the problem is usually a lack of proper enforcement. So what you end up with is a law that is still not being properly enforced, though the terms of the law have become so broad that, should they really WANT to enforce the law, they could arrest half the country and successfully prossecute a quarter.

A bus carrying a load of politicians ran off a cliff. What was the trajedy? There were two empty seats.

Re:Malware == Moolah

Sylver Dragon whines:

Even if we get people over to other browsers, other OS's etc., it's [crapware] not going to go away.

BS.

Put them on Mac OSX, and NONE of this is a problem.

Of course, you may find your life becoming a bit like the Maytag repair person -- not much to do when supporting OSX -- it just WORKS without hiccups or malware.

Niffy

Re:Malware == Moolah

[muhgcee]

The main selling point will be that I can access their computer from home via ssh and x session,

Remote Desktop works quite well.

Re:Malware == Moolah

[bhiestand]

Funny, a website removed mine for me! I visited this website while I was searching for porn, and this popup told me I had spyware on my computer, and I could run their program to clean it! Problem solved! That was really nice of them. I was trying to find their address so I could mail them a thank you card but I couldn't find their address anywhere, and I didn't see a help file when the program installed.

On a small side note, I've been getting a lot of psychic popups since then. They keep asking me if I want a bigger penis and linking me to all sorts of good products to help me out. I'm not sure where they're coming from, but I really appreciate it.

Re:Malware == Moolah

[MaGogue]

While it is certainly possible,
I seriously doubt that you want to do it,
giving the 'cleaning' company
full acces to it, coz they are really going to clean it,
grab the passwords, accounts, etc.
It is called phishing.
Are you seriously considering giving some Indian full remote access to your computer to 'clean' it?

It's not just the non-technical users

[DanielMarkham]

I downloaded my first program with BitTorrent a few weeks ago -- a TV show that my VCR failed to record. While doing that, I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware, this nasty Aurora and nail.exe
Being a technical guy, familar with the registry, COM, and how windows works, I went about trying to kill this pesky snake. A few hours later, after saying some words I won't repeat here, I decided to wipe the machine and start over (it was a lighly loaded box, so no major loss)
I could have gotten SoftIce and gone into kernal mode to trap this bastard, but it was way beyond my effort vs. reward tolerence level. Spyware has gotten so complicated and sneaky nowadays: to me it is worse of a threat than virsuses ever were.
Now I run double anti-spyware programs in addition to my A/V and firewall. I think that we technical people are also misunderestimating the danger posed by this junk to our own machines.


Run With the Bulls, Swim With the Sharks

Re:It's not just the non-technical users

[bots]

"...tracking programs that come bundled with other software and that users knowingly download, although they don't necessarily want the adware." Why exactly is that allowed? At least make the bastards advertise it on par with the 'features'. I also find it annoying when custom install options are hidden and set as default to allow the spyware or unwanted email ect (ala the evil realplayer).

Re:It's not just the non-technical users

[guitaristx]

I think that we technical people are also misunderestimating the danger posed by this junk to our own machines.

I think we technical people are "misunderestimating" our own grasp of the English language.

Re:It's not just the non-technical users

[Shurikn]

It can hapen to anyone, but being protected is important... One time i downloaded something from a random torrent site. I knew it was probably virus/spyware packed, but I wan ted to use this as a way to test spywares remover. When I opened it I went from 0 to over 400 spayware (and that's only what AdAware saw). And as many have told before, 1 anti-spaware is not enough, I had to use 4 to get rid of everything XSoft spyware Remover, AdAware, Spybot, Microsoft anti-spyware beta. All of them saw spyware the others didnt see. So now I randomly run them all in cycle to make sure I see everything (but im pretty sure there's some spyware that they dont see anyway).

Re:It's not just the non-technical users

[shish]

I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware

How does clicking on a web page bring infection? Surely the browser shouldn't execute anything directly like a spyware installer?

Re:It's not just the non-technical users

[wild_berry]

Quite bizarre. Am I right in thinking that you were visiting this seedy side of the Interweb using Internet Explorer? I'm surprised that you don't have something by the MoFo on your computer to put a gap between the OS and your web browsing for safety's sake (I won't pretend that this will make you immune to catching the STIs of the Internet, but it will help).

I think you underestimate the importance of not using Internet Explorer. Microsoft got out of an Anti-Trust suit by tying the core of the computer to IE, but in doing so made IE insecure as Woody Allen having a paranoid attack while all his friends party in the room next door.

Re:It's not just the non-technical users

[MobyDisk]

I don't get this stuff. I hear this story all the time and I don't believe it. I can't download and execute an EXE file in less than 3 clicks, and that's if I've already done it previously and set it as the default and I use an old version of Internet Explorer.

If you were using Mozilla, you would have had 5 clicks and a double click: Click on the page, then click "Save to Disk" then point to a location, then minimized your browser, then double-clicked the EXE. That's a big accident!

Firefox lets you set a default download location, so that's down to 4 clicks.

Maybe you were using Internet Explorer 6 and had the default operation for EXE files to be to open them. You are down to 3 clicks. You could have clicked the web page, clicked OKAY to the prompt to open the EXE. Then maybe you accidentally clicked OK to the prompt about installing an application from the web that shows in a big warning box telling you about signed and unsigned applications.

Or maybe you were using an old version of Internet Explorer (IE 4? 5?) which doesn't prompt for anything if you have that set as the default. That seems highly unlikely for someone smart enough to know COM and the registry.

Okay, sorry if I am sounding like a jerk. I really just want to know how this can happen!

Re:It's not just the non-technical users

[FLAGGR]

It's called Internet Explorer.

Re:It's not just the non-technical users

spayware

I didn't know software could do that.

Re:It's not just the non-technical users

[Iriel]

I agree whole-heartedly. The sad thing is that I find it easier to get comprehensive and up to date virus definitions, and yet some of the best malware removal tools around with the most recent updates still can't seem to get rid of some of this ad-crap permanently.

Upon getting a new computer, I actually install a firewall and Firefox before any of the mobo and video drivers just in case I have to go online to get the newest drivers. And this is to protect myself from things far worse than sassers and exploits. No no, I'm talking about...gator ::quiver with fear::

Re:It's not just the non-technical users

[l3v1]

Sorry about your "problem" but you were most probably lamely using IE with quite low sec. settings and no good av software. E.g. [I'm not affiliated] avast even proposes to break connection to websites trying to do anything malicious and with Firefox you really can't have a without-click-automatic .exe execution, unless you really really desire it. Simple precautions, especially since you say you know what you're doing [generally, in this case obviously not].

Re:It's not just the non-technical users

[MynockGuano]

...insecure as Woody Allen having a paranoid attack while all his friends party in the room next door.

I'll take Insanely Obscure Analogies for $400, Alex.

Re:It's not just the non-technical users

[malcomvetter]

You're not going to want to hear this, but anyway ...

You could have *_avoided_* all of that if you just ran your box as a user, and elevated to admin when needed.

Mor info on the non-admin experience

Re:It's not just the non-technical users

It's not just low security with IE that's the problem. I've surfed sites (IIRC it was a lyrics site for popular music) using Safari and was stunned to watch an .exe file automatically download to my Desktop. It's utterly harmless to me, but how many people, if they didn't notice it, would think "Oh, if it's on my Desktop, I must've put it there... click click." So, that's all it takes: 2 clicks to infection.

Re:It's not just the non-technical users

[OctoberSky]

Bush said that, it was a joke. As in "I think we misunderestimated /. users ability to comprehend jokes."

Re:It's not just the non-technical users

[yomahz]

Okay, sorry if I am sounding like a jerk. I really just want to know how this can happen!


In case you've been living in a hole for the past few years, IE has a particularly lengthy history of exploits. Auto execution of downloaded files by playing mime-type tricks, arbitrary execution of code via client side scripting languages, etc., etc..

It's perfectly possible that you could download and install spyware/adware/virii with IE with 0 clicks. Sure there are patches issued but they've been far from what I'd consider timely responses.

You can be as vigilant as you want with IE patches but I'd still be very cautious going to "seedier" sides of the the internet. I'm not saying there aren't problems in other browsers because there are. They just don't have nearly as many problems. Maybe that's because they don't have large enough of a market share to catch adware/virus author's attention.

Regardless, I've stopped using IE years ago because of these very issues and couldn't be happier with the alternatives.

Re:It's not just the non-technical users

[AnObfuscator]

Okay, sorry if I am sounding like a jerk. I really just want to know how this can happen!

You somehow assume that you actually have to "click" a link and "save to disk" to download a file through IE. This is not so. Sites can use IE to install software on your computer, without your knowledge, even with all the preventative measures you mentioned. This is possible with what are known as "exploits" in the system. The insecurity of IE is not so much the default settings, as it is that changing the settings means practically nothing. That is why IE is flawed and broken beyond belief with critical security vunerabilities.

If you want to see how easily a PC is infected without you clicking, saving, or knowing ANYTHING, this series of articles will help: http://isc.sans.org/diary.php?date=2004-07-23

Re:It's not just the non-technical users

[Dmala]

I know when I got nailed (I had launched IE just to take a quick look at a page that wasn't rendering right in Firefox), a dialog popped up asking if I wanted to install such-and-such program. I'm not sure if it was Javascript or ActiveX or what, but the impression I got is that it was something that would have installed silently prior to the latest round of security updates.

As it was, I knew what it was, and reached to click the "No" button. Somehow I missed and hit "Yes" instead. I realized what I had done an instant after I released the mouse button. It took me four hours to rip that fucker out completely.

One click was all it took, although this was quite a while ago. I don't know if the latest security updates make it harder to do by accident. All I know is if a page doesn't render in Firefox, I don't need to see it.

Re:It's not just the non-technical users

A-Squared, MS Anti Spyware, and AVG nailed that combo for me, but it was frustrating as hell.

Re:It's not just the non-technical users

Didn't someone patent "zero-click" shopping? :)

Re:It's not just the non-technical users

[Tezkah]

Absolutely insightful, I've had my parents computer set up with a limited user setup for over a year without problems*. Case in point: "Ryan, your sister is complaining that she can't install this program for free smilies".

When they DO need to install a program, for example the software that came with their digital camera, they can log out and log in as the administrator account. Sure, its a hassle, but much less of a hassle than using popups and things like that.

Whenever I come home I do Windows Update and usually a Firefox update, then I check up on Adware and things like that (nothing found at all for over a year!).

This setup has worked on my laptop as well, limited user accounts + no IE + no installing risky programs (ex: downloaded from bittorrent, closed source "Freeware" programs without researching), and you won't be getting any malware.

I don't even consider myself to be that knowledgeable, and I can't understand why people are still getting infected with this besides poor habits.

* the only problem with their computer is that they allowed my sister to install LimeWire, and while that isn't a spyware program, is still a risk (I don't trust P2P beyond Bittorrent, thankfully they chose an Open Source / Malware Free program) through installing programs. Sadly, the only problem with this is that my sister has downloaded enough music to get within 250MB of the harddrive limit, and they don't really want to buy a second harddrive.

Re:It's not just the non-technical users

[MCraigW]

I understand that it is quite painful.

Re:It's not just the non-technical users

[Bastian227]

Sites can use IE to install software on your computer, without your knowledge, even with all the preventative measures you mentioned.

The first, absolute preventative measure one must take is to not grant administrative access to web and exploit authors. Granting them admin access allows them to install software and disable what is commonly referred to as "preventative measures", namely anti-virus and anti-spyware applications.

These applications are often used as a first line of defense, but in reality they are the last. Malware must get by the OS security first, which is easy to do when you grant everything admin access.

IMO, it's time to stop putting all blame on the bad people on the Internet. I also blame technical support people who don't try to understand how to run a computer with user rights, and I blame Microsoft for not encouraging or requiring better default security. People have a tendency to accept whatever is given to them without question, and Microsoft gives them admin access by default.

Re:It's not just the non-technical users

[GlassUser]

How does clicking on a web page bring infection? Surely the browser shouldn't execute anything directly like a spyware installer?

He probably just has no idea how to use a computer. Logging in as an administrator, setting your web browser to automatically run executables, etc. He also left out a couple of steps he would have had to take. Basically, he's the non-technical user they're talking about up there.

Re:It's not just the non-technical users

[spxero]

I've had CWS.Hiddendll on my system for the past 9 months. It didn't do much, only try to open up IE every now and then and load itself into rundll at startup. I used Ad-Aware, Disspy, Spybot S&D, CWShredder, AntiVir and McAfee- all to no avail, so I feel your frustration. I only wish my box wasn't as lightly loaded and I would have wiped the darn thing. As it turns out, a virus/worm was loaded onto my system and only Norton was able to get rid of it. For those of you out there fighting stuff- google is the best option. I've found so much more about spy/mal/annoying-ware and removal than any programs have allowed me to. A lot of programs go out and find detections, but very few completely rid the computer. After all, wouldn't getting rid of it completely make them unnecessary?

Re:It's not just the non-technical users

[PHP+Addict]

"...tracking programs that come bundled with other software and that users knowingly download, although they don't necessarily want the adware." Why exactly is that allowed?

This sounds a lot like a certain method of getting bills passed in Congress...

Re:It's not just the non-technical users

[George+Beech]

Being a technical guy, familar with the registry, COM, and how windows works, I wend about trying to kill this pesky snake. A few hours later, after saying some words I won't repeat here, I decided to wipe the machine and start over (it was a lighly loaded box, so no major loss)

Being a technical guy who is lazy enough to realize someone else probably has already come up with a solution for this problem last time i ran into it.
I did a google search for "Aurora Spyware" and clicked on the first link
Much easier than trying to hack it out myself.

Re:It's not just the non-technical users

[Anarke_Incarnate]

See what butchery of the language Dubya has done?

Re:It's not just the non-technical users

[evilmrhenry]

Off-topic a bit, but this is how I removed Aurora:

1: Run regedit. Navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\winlogon\Shell and change it to "Explorer.exe" (ie, delete the Nail.exe part.)
2: Reboot into safe mode.
3: Now, open C:\Windows\Nail.exe in Notepad. (Yes, I just told you to open an executable file in notepad) Once open, hit Ctrl+A, Backspace, Ctrl+S. This leaves Nail.exe as a 0-length file. (Deleting the file doesn't work, by the way. It gets replaced immediately by the normal file.)
4: Reboot into safe mode. (You should get the message "C:\WINDOWS\Nail.exe is not a valid Win32 Application.")
5: Remove the randomly named exe file from msconfig, and remove nail.exe from the registry again. Reboot into safe mode.
6: Remove all the randomly named files from C:\Windows (They should all be the same size. 71.5KB over here.) and reboot into normal Windows. Check msconfig, the Task Manager, regedit, and look for popups. If no signs appear, you should be fine.

Re:It's not just the non-technical users

[Penguin+Programmer]

Which is something that pretty well every Linux distro *forces* users to do without inconveniencing them at all. Why should security be something that is optional and that requires advanced technical knowledge and understanding to enable in an operating system? It just doesn't make sense to me.

Re:It's not just the non-technical users

[99BottlesOfBeerInMyF]

"misunderestimating" is a perfectly cromulent word.

Re:It's not just the non-technical users

[AvitarX]

To remove spyware.

1) run spybot.
2) make note of what it can't remove.
3) find those files.
4) reboot repetedly hitting F8
5) pick safe mode with command prompt
6) when at command prompt hit WIN+E
7) browse to files and delete them.
8) reboot
9) run msconfig and delete mention of said files.

not too hard, and not too long, much easier then SoftIce.

Re:It's not just the non-technical users

[greginnj]

A-Squared, MS Anti Spyware, and AVG nailed that combo for me, but it was frustrating as hell.

Question here -it seems that most /. people use and/or recommend AVG. I stumbled upon AntiVir PE Classic ( http://www.free-av.com/ ) a long time ago, and have been pretty happy with it.

Is there any particular reason why AVG is the /. market leader, or is it just the best known? Can anybody compare/contrast AVG and AntiVir? Thanks ...

Re:It's not just the non-technical users

[chelecossais]

It wasn't a joke - he really said that - he tried to pass it off as a joke a couple of days later. He really is a dimwit.He's used this non-existent word more than once.

http://www.dubyaspeak.com/repeatoffender.phtml?off ense=misunder

Re:It's not just the non-technical users

[drsmithy]

While doing that, I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware, this nasty Aurora and nail.exe [netrn.net]

Your biggest mistake is running as an admin and not a regular user.

Your other mistake was using IE for something other than Windows Update.

Re:It's not just the non-technical users

[shikra]

Usually you need some serious hardware for that.

Claria

[MarkByers]

An thanks to Microsoft it looks like *every* Windows computer will be infected with spyware in the next veriosn of Windows.

Re:Claria

[Gertlex]

Perhaps the question should be 'how much spyware?' I'm willing to admit I probably have spyware/adware on my computer. It plain and simple doesn't affect me, however. I run adaware perhaps once a month and I get 1 or 2 files per month... So techinically I'm often 'infected,' but it sure isn't hurting me. So of course, the article is using faulty logic in saying that the number of computers with spyware is equal to the number of computers noticably affected by spyware...

Re:Claria

[MarkByers]

Some malware replaces adverts of the sites you visit with adverts of the malware author's choice. You say this doesn't affect you.

So you think that it's ok that when you visit your favourite site, all their adverts are replaced by adverts of Microsoft's choice, and your favourite site gets none of the revenue? And when your favourite site ends up having to shut down due to lack of funds, will you still argue that spyware/malware does not affect you?

Re:Claria

[Leroy_Brown242]

That's not a bug, it's a feature.

Re:Claria

[Iriel]

Well duh! It's called Windows ;)

Re:Claria

[lordsilence]

Call me cheap. But I use adblock and block all those adverts. Thanks, but Im not going to watch blipping and hopping adverts going over my screen. As people has pointed out before, the web wasnt developed to be dynamic. But it has become, though I still prefere text adverts over ANY banner.

Re:Claria

[TheRaven64]

So you think that it's ok that when you visit your favourite site, all their adverts are replaced by adverts of Microsoft's choice

Hmm. Maybe there is some Mac malware after all. Whenever I visit Slashdot, all of the adverts have been replaced by Microsoft ones...

Re:Claria

I guess you don't remember Alexa that came conveniently bundled with Windows XP.

Nothing new here.

I tell you what

[Luigi30]

Ah nevah though' that purpled monkeh wha' read my emails coulda ever stoled mah password!

Re:I tell you what

Southern accents do not make people stupid, you jackass.

I thought I was immune too

[ReformedExCon]

I run a firewall, I have my operating system completely patched, and I never open attachments from people I don't know.

Imagine my surprise when I ran AdAware just today and discovered 7 infections.

The real problem is not that there is a bunch of computer illiterate grannies opening every attachment they receive. While that is a factor, the real vulnerability is in the hubris of "power users" who think they can't get infected because they take all the precautions. But as I learned today, sometimes even that is not enough to be completely protected.

Re:I thought I was immune too

Let me guess...

You, just like the rest of the guys in that article, were probably running Windows.

Re:I thought I was immune too

[MoonFog]

How many were cookies? The only adware I've really got were tracker cookies from doubleclick etc. Those are recognised as infections in AdAware, and they are easy to get if you forget to turn off cookies.

Re:I thought I was immune too

[Enigma_Man]

Or you can just ignore them. They don't inherently do anything to your computer, they're just used for tracking purposes, which a lot of people probably don't like, but are generally not used for nefarious purposes (but are used by bastard marketers, to pick which kind of adds they want to display to you, by what your interests are).

-Jesse

Re:I thought I was immune too

[misleb]

Cookies are far too useful to turn off. And they are mostly harmless anyway.

-matthew

Re:I thought I was immune too

[MoonFog]

Yeah, my point was that they come up as infections in AdAware. I use the cookie handler to block known tracker sites such as doubleclick, but I allow regular cookies. A couple of tracker cookies can off course still get through, but it doesn't bother me that much.

Re:I thought I was immune too

[Captain+DaFt]

Yeah, I had spyware hit recently myself.
I bought an MP3 player (I'l be nice and not name the brand) and loaded the cd to load its driver to my system.

NOTE: I only selected that the driver, and nothing else, be loaded. (And not to the default directory, I might add.)

Imagine the stream of invective that resulted when, after installing the driver to the directory I chose, it promptly created the default directory, uploaded several megs more, the started installing things to apparently random directories!

Forunately I have Startup Guard http://www.acelogic.com/ installed, and was able to deny the crap access to the registry.
After that, I deleted the default directory, and got rid of the rest with Adaware and Search and destroy.

Moral: Take all the care you want, the crap WILL find some way into your system!

Re:I thought I was immune too

[Cerv]

Why must it be all or nothing? Allow the cookies that you find useful, disallow the ones that you don't.

Re:I thought I was immune too

[Lagged2Death]

Mozilla, for one (perhaps Firefox also) makes it easy to allow cookies on a whitelist-only basis, which I consider pretty easy, and which renders any worries about tracking cookies completely moot.

Surfing the net this way, though, it's surprising how many on-line stores won't even let you search and browse their wares without cookies enabled.

Re:I thought I was immune too

[misleb]

It isn't surprising at all considering how important cookies are to maintain user sessions. Shopping carts use sessions. Cookies are very useful. Many application simple will not work without them. I don't know why anyone would want to turn them off or even maintain a whitelist.

-matthew

Re:I thought I was immune too

[Gorath99]

Really? Could you please name the brand and type of player so we can avoid it?

Re:I thought I was immune too

[misleb]

Why bother? Is there any good reason for not accepting a cookie?

Re:I thought I was immune too

In Firefox you can either block cookies by default and have a whitelist, or allow by default and have a blacklist. Better yet (IMHO) you can tell it to allow them UNTIL you exit Firefox, at which point they all get deleted. Full functionality, and then all the crappy cookies that got dumped onto your machine vanish again!
The only problem with that is the odd cookie that you do want to keep, but they're pretty rare in my experience.

Re:I thought I was immune too

[rhizome]

Why bother? Is there any good reason for not accepting a cookie?

I think of it slightly differently: What are good reasons for accepting a cookie? You're inviting outside data to live on your machine, so I don't see a reason to allow all comers. Those that I find good reasons for keeping their cookies I put on my whitelist, which is really only the 5-10 sites that I regularly visit under login.

Re:I thought I was immune too

[Thud457]

I agree. Captain DaFt says he's "being nice" to the company that abused him and his trust. He should "be nice" to his fellow slashdotters by warning them off from such a rude, obnoxious and dangerous company.

Re:I thought I was immune too

[plover]

Please, enlighten us with this bastard company's name. You're not doing them any favors by allowing them to continue making work for the rest of us -- let's get them reeducated sooner, not later.

I found Brodcast / DSSAgent on my PC when I first started learning about spyware several years back. I realized this was the first cleanup I'd ever done, so I thought no big deal. But then, of course, I tightened the box down completely, and was far more cautious, and haven't encountered any on my box since.

Except Brodcast came back one day. I then researched it and found it came in on a purchased game CD from Mattel (I think it was a Carmen Sandiego title.) The CD was quite old, and it was just a "new concept in marketing" back in 1998, long before spyware became a word. Mattel got publicly spanked for this back in 2000, and their more recent releases are safe.

The spanking worked. A few of us still consider Mattel a bit "sleazy" for ever having tried it, but they did stop once it became widely known. Do them and us a favor and publish their name. The sooner they get spanked, the fewer computers will be infested.

However, please make sure your facts are straight before you go public. Make sure it was actually software on that particular CD that hit you and not a different product or a worm such as the Win32.Spybot worm. You should also contact the manufacturer and ask if it was deliberate -- it's possible that their master CD was infested with a worm like this just before it went to production.

Re:I thought I was immune too

[QuickFox]

The only problem with that is the odd cookie that you do want to keep, but they're pretty rare in my experience.

You can whitelist the ones you want to keep.

Re:I thought I was immune too

[bnenning]

Is there any good reason for not accepting a cookie?

When it's used to track you across multiple unrelated sites, absolutely.

Re:I thought I was immune too

[Captain+DaFt]

Ok, I un-installed the driver, and re-installed it so I could document by screenshots what happened.
Pictures and text are at available for download at http://www.savefile.com/files/6634857
The filename is MP3 blues.zip
(Sorry, just straight text and jpgs. It's late and I wanna go to bed.)

Re:I thought I was immune too

[plover]

Nice documentation! However, after looking around it doesn't really look much like a true spyware installation to me.

It looks like it's installing Audible's AudibleManager, which according to their website is supposed to be an automated podcast-downloader-thingie. Now, I know nothing about this software other than what its stated purpose is: to automate the downloading of (primarily) audio file content. As far as I know, to use it you have to register with Audible to request certain content. It seems like they're trying to run a pay-for-play service. I don't see mention of ad supported media, although I'm assuming their non-premium content probably comes with audio ads. Plus, they aren't mentioned as a threat on the anti-spyware forums I frequent. While it seems to be a touch suspicious, it's not ringing all my alarm bells yet.

The registry entry Startup Guard caught for you looks like a pretty standard "we've asked you to reboot to install our drivers, and when the reboot is finished we're going to run the installer one more time" (I am assuming this because the program path is an InstallShield related path, and not a typical spyware folder path.) Typically this step is used to clean up temporary or intermediate files created during the installation process. The name of the startup task here implies that it might launch a window begging you to register your software. But being placed in the RUNONCE key isn't necessarily spyware by itself -- according to Microsoft

"By default, the value of a RunOnce key is deleted before the command line is run. You can prefix a RunOnce value name with an exclamation point (!) to defer deletion of the value until after the command runs. Without the exclamation point prefix, if the RunOnce operation fails the associated program will not be asked to run the next time you start the computer."

Spyware doesn't typically want to be auto-deleted -- it tries to run forever and ever. Sure, some spyware hides in the runonce key and continually restores itself there, but your particular install doesn't seem to fit the spyware pattern yet. You can certainly choose to block this extra step (as you did) without doing real harm to your machine, but you'll probably waste a few bytes of hard drive space by not allowing it to clean up.

I personally agree with you on this one and consider avoiding this kind of random software execution to be worth the waste, which is why I usually don't allow these to proceed myself. However, by preventing this step from running, you may have inadvertently allowed the C:\Program Files\Creative folder to go undeleted after the install! Just because you chose a different folder doesn't mean their installer is perfect: they may have hired a stupid installation-script writer who put everything to C:\Program Files\Creative\ and then cleaned it all up at the end by moving the entire folder contents to your stated "real" destination. (Yes, there are installation packages like that because InstallShield has an absolutely horrible script language that takes a long time to learn, leading to all sorts of stupid workarounds among people who haven't mastered it.)

The one real concern I see here is the four Ad-Aware critical objects. It would have been nice to have a screen shot indicating what those were. They might have been as innocuous as the AOL spam on your desktop, a few doubleclick or aol cookies, or (my least favorite feature of AdAware) additions to a "most recently used" file list. (AdAware seems to equate populating a "most recently used" file menu list with the installation of real spyware. It's a very poor discrimination between "privacy" and "spyware" that tends to frighten people when they see it. I prefer to turn MRU checking off completely.) But without seeing AdAware's list, it's hard to tell what it thought was wrong.

All in all, I'd say

Re:I thought I was immune too

[Captain+DaFt]

Yeah, I'll admit to jumping the gun and calling it spyware in the original post, but it was a mixture of adware and totally unwanted programs that I didn't want or select to be installed. (at least, not intentionally.)
Oh, and the four critical objects were all AOL related. But after having had to fix three computers that AOL screwed up, (My nephew's once. his girlfriend's twice.) I go ballistic when anything AOL related gets sneaked onto a system.

Re:I thought I was immune too

[plover]

Well, I really saw only one unwanted program being installed, and I can't really label it adware (yet), so I'm glad you didn't prematurely blame the vendor.

Anyway, about AOL -- the thing I hate the most is that they add themselves to the computer's "most trusted domains" list. Now that's spywary activity no matter how you slice it.

not a big surprise, but it's ominous for future

[yagu]

We cluck our collective tongue and think that we'd never be so stupid, but this is a major problem that plagues personal computing.

One small but not insignificant piece of the problem is just that, the attitude among techies that if only the "lusers" would stop being so stupid, they wouldn't have so many problems.

1. they really aren't as stupid as we accuse them of being
2. most of us techies probably would have to admit to an infection or two ourselves, that with our extensive knowledge and background
3. the world of malware is incredibly aggressive at staying ahead of the defensive curve.

I've predicted this before, I'll stand by the prediction, (unless there are quick, effective, and transparent solutions) people eventually will become so fed up with this they will collectively begin to unplug (not necessarily a bad thing) and move on. I have in the last few years established my uneasy peace with Microsoft Windows on my dual boot machines now that XP has reached reasonable stability, but have gotten to the point where I rarely go there anymore because it has ceased being a "boot into" endeavor and instead is almost always a boot, then reboot, and sometimes yet another update and reboot. So much for transparency. I have programs I like to use in Windows I've actually begun to offset by creating my own similar linux functionality (thank Goodness I can code) just because I can't stand the 15 minute preamble to getting up and running in Windows.

On the other hand, my Dad, whom I've spent countless hours coaxing and helping learn Windows and how to use his computer called the other day and said he had disconnected it, and didn't care to ever use it again. I can't blame him.

Re:not a big surprise, but it's ominous for future

[Poromenos1]

That's true. I've been infected with a dialer myself once (I still can't figure out how the damn thing got in), but I quickly found and removed it (it changed IE's startup page, good thing I opened the damn thing to check something that didn't like Opera). Sometimes I help friends remove malware from their PCs, and I tell you, it's not that easy. Even when booting a windows livecd and running 2-3 antispyware programs, a lot of malware stay stuck in the system, and they're not really worth the trouble of cleaning them vs formatting.

Re:not a big surprise, but it's ominous for future

I agree. In what other product would we accept this type of headache.

The closest -and I'm not sure that its very close, is U.S. public transportation. And the only people who tolerate it are mostly people without any other choice.

Re:not a big surprise, but it's ominous for future

[Aerog]

I'm going to agree in part with that. First:

Disagreements:
Never underestimate the power of stupid people in large numbers. - Most of them are not as stupid as we accuse them of being but dear Lord are some of them ever close.

Stupidity and Ignorance are two different things. I'm noticing more and more that when I try to talk to someone I know about keeping their machine clean of spyware and ads (i.e. don't run IE) they either ignore it or just refuse to listen because they "aren't a hacker and don't know this computer stuff". People don't want to learn something totally unfamiliar for fear of seeming stupid, so they avoid it so as to not have to deal with it.

Agreements:
People will unplug. People will go do other things with their lives. It's a hell of a lot easier than reformatting a system and losing all your data (backing up or partitioning is 'too hard' for the average user, regardless of how easy we make it) or learning why it works. They don't want to know that, so it's easier to just stop doing it.

Sure, you can use Windows successfully and without spyware, but it's far too complicated and restrictive for the average user to care about. "What? You mean I can't just download that new picture-taking (pronounced 'pitcher') program to get the red eyes off Bill? Why can't I get this downloader program so I can watch porn?"

It's just easier to go find something else to do, especially if your X-Box 360 or PS3 will let you send pictures to Grandma.

Re:not a big surprise, but it's ominous for future

[scrow]

1. they really aren't as stupid as we accuse them of being
2. most of us techies probably would have to admit to an infection or two ourselves, that with our extensive knowledge and background
3. the world of malware is incredibly aggressive at staying ahead of the defensive curve.

You make a very good point that I don't think a lot of [technical users/geeks/l33ts/etc] get very often. There really isn't that much difference between these and an "average user" no matter what troll may claim here. These technical users are not heros (unsung or not) standing up and protecting everyone. Malware/Spyware authors are finding ways to eclipse the imagined skill of geeks more effectively everyday. You can throw a rock here and hit umpteen posts a day about how security is just another fence to cross, how drm does not matter, we can crack it in 2ms etc. Well guess what, geeks/technical users present a form of security/DRM/encryption to nefarious users. Some may throw up a pretty good defense, but in the end all end up getting screwed.

Re:not a big surprise, but it's ominous for future

[Lovesquid]

they either ignore it or just refuse to listen because they "aren't a hacker and don't know this computer stuff".

It's this willful ignorance that really gets to me. I can understand ignorance -- no one is born knowing how to maintain their computers. But there is an enormous segment out there who a) want all of the advantages of having a working computer in their homes and b) either are not willing or cannot be bothered to even attempt to learn how to take care of their computer, even if they have someone around who is willing to help them learn it.

The "oh, I don't have time for that stuff, it's too hard" mentality is everywhere.

If you want to go for a drive, you have to learn how to operate a car. Laziness, fear, or just plain apathy are what frosts my shorts about this whole thing.

Re:not a big surprise, but it's ominous for future

[Aerog]

The "oh, I don't have time for that stuff, it's too hard" mentality is everywhere.

I think the scariest prospect is when those people are placed in a position where those around them trust their computer knowledge. Think about it: We all have friends and family who ask us questions and generally trust our help when their computer breaks down. What about the people who don't know a geek? They call on their resident computer 'expert'. In one case, I was working on a remote site and set up Mozilla with their new install. Wood skin and imported mail contacts and the 60+ year old woman running it was happy as could be. I leave the contract for a few months, come back, and get asked to go out and diagnose a router problem. Her daughter, a 'computer professional' tells me to "Get that Mozolla thing off Mom's computer, it's just confusing her when I try to help". It wasn't that it was a bad idea, she just didn't want to learn how to use something that wasn't IE. Not only that, she couldn't even be bothered to learn what it was called. And I've run into a lot of people who won't even learn that. It's just 'not IE, so I don't want to know'.

Scary when you think how many of these people are in authority positions!

Re:not a big surprise, but it's ominous for future

[smooth+wombat]

Scary when you think how many of these people are in authority positions!

You mean like the CIO of the department I work in that let a several thousand dollar, one-time-only grant from the Federal government expire? A grant which could have been used to buy a new server for a specific agency but who will now have to budget for the new server?

People like that?

Re:not a big surprise, but it's ominous for future

[Aerog]

People exactly like that! Sorry to hear that one of them managed to get in a position of authority and you have to deal with it, though.

Re:not a big surprise, but it's ominous for future

[GutBomb]

i disagree with public transportation. I use it by choice to avoid the headaches of traffic. waiting for the bus in the extreme heat or cold for a few minutes is a small price to pay for sanity.

i would say cellular phones are probably second down the list. not the phone or the service itself, but any time you need to contact the company providing the service.

Re:not a big surprise, but it's ominous for future

[LKM]

On the other hand, my Dad, whom I've spent countless hours coaxing and helping learn Windows and how to use his computer called the other day and said he had disconnected it, and didn't care to ever use it again.

All my relatives have Macs. Problem solved, and I usually don't even need to wear The Shirt :-)

Re:not a big surprise, but it's ominous for future

[drsmithy]

they really aren't as stupid as we accuse them of being

Yes, they are. A depressingly large amount of malware requires the user to do something stupid - or at the very least questionable - before it can get onto the computer.

I have programs I like to use in Windows I've actually begun to offset by creating my own similar linux functionality (thank Goodness I can code) just because I can't stand the 15 minute preamble to getting up and running in Windows.

I'm having difficulting conceiving WTF you could possibly be doing in Windows that requires 15 minutes of rebooting just to get started.

Re:not a big surprise, but it's ominous for future

Yes, they are. A depressingly large amount of malware requires the user to do something stupid - or at the very least questionable - before it can get onto the computer.

And, a depressingly large amount of users who by no fault of their own do something they think is perfectly reasonable and end up with unusable systems. I've worked a lot with the user public, and while their notion of what a computer is, and how it works borders on amazing sometimes (e.g., confusing memory with disk space), they really are operating on a good faith basis here, and the world of computers does not return the courtesy. I've had users who were almost in tears and apologetic because they thought they'd done something horribly wrong, but in fact when you listen to their thought process, their actions were reasonably reasonable.

I'm having difficulting conceiving WTF you could possibly be doing in Windows that requires 15 minutes of rebooting just to get started.

As for WTF I could possibly doing... I don't sit poised at the edge of the keyboard waiting to click "OK" to a restart prompt. Typically I'd already started something I need to now stop doing because now I've got an update ostensibly in some halfway needs-to-be-rebooted state.

So, I've booted into Windows, tried to get started on something, and get interrupted. I've timed the boot sequence round trip into Windows, and it takes three and a half to four and a half minutes to get completely settled down (disk light finally stops chattering) and for the system to finally get responsive enough to fire up an application. Factor in getting an application started up, getting situated to start the work at hand with that app, and the interruption, typically I may be anywhere from two to five minutes into "using" Windows when interrupted for a restart.

So, if I were to just sit poised at my keyboard to interrupt the "long" POST (I leave that enabled by default), and log in to Windows, and start my application, two round trips would be seven to nine minutes. Add in the two to five minutes to get settled in on the work at hand, twice!, now we're looking at nine to fourteen minutes. But as I stated earlier in the comment, I don't sit poised at the keyboard because of the nuisance factor of "waiting" for all of this to go and with other things to do I typically will turn to some needed page in a manual, get a CD ready to play, plug in the charger on my mp3 player, etc.

So, all of this comprises what I refer to as a "preamble" -- it isn't hard for it to be easily fifteen minutes if there is an update to the system (and it is extremely likely I have an update). And, it is not unusual for my virus checking to ask me to do an additional "live update" after a restart and restart again, which even poised at the keyboard racing to startup yields close to the fifteen minutes.

I think I'm being generous. (I'm not gonna burn karma on this... I'll post AC, but if you have comments... you can e-mail me... yagu with additional thoughts)

Re:not a big surprise, but it's ominous for future

[dexomn]

15 minute preamble? Add a second 128MB stick and uninstall your 90 day demo of norton internet security. You'll be golden.

Re:not a big surprise, but it's ominous for future

[seifried]

We got my dad a Mac last year. I haven't recieved a single support call from him since. It's really the sanest way to go if you want it to just work, and be soft and fuzzy.

Re:not a big surprise, but it's ominous for future

[plover]

I used to have the same attitude, but I fortunately outgrew it once I realized the simple truth: these people have been sold computers.

There's a difference between buying a computer and being sold a computer. Buying implies that you know what you're doing, and that you have a purpose, and many other things including the willingness to learn, at least to the degree required that you mention above.

Being sold means being told "Oh, Grandma, you need a computer so we can send you baby pictures" or "Geez, Frank, why don't you just go to the web site to find the parts list for that snowblower?" Frank is a plumber. Grandma sells Mary Kay. These are not computer literate people, and have neither the time nor the inclination to learn. Yet they've been told by someone that it's "plug and play" or "just click here for your email, Grandma."

You can't hold these people responsible for having knowledge that they are never likely to be able to learn. An analogy is that today you can be a successful car driver without ever having opened your own hood. There was a time when it would have been unthinkable to not understand the Otto cycle and be presumputous enough to believe that you could successfully drive from New York City to Pittsburgh. So just as cars have become more reliable and simplified to the point where ordinary folks can drive them, computer makers have dumbed-down their interfaces so that Grandma can be successful at "clicking here for email."

And from the other side of the equation, why should Grandma have to know about a firewall, or spyware, or viruses? She doesn't have to know anything about a fan belt in order to drive her car. So why place these same expectations on ordinary people?

The reason is that computers were sold to the general public far, far in advance of their being market-ready. Only the simplest of embedded systems are really "consumer quality" -- toaster controls, elevator controls, etc. But we Lords of Technology have been trumpeting how great our lives are now that we're "on-line", and have been pushing everyone from your nephew to my grandmother-in-law to buy a computer. No matter that the systems bring up blue-screens-of-death, get infested with worms, and pop up little warning dialogs filled with humanly-unreadable arcana.

What should have happened? Should we have sat on our precious artificial monopoly as Kings of the Digital Age, with an understanding far above the Puny Mortals, denying them access to our CPUs of Great Power? We actually did for many years, but with the rise of GUI-based operating systems, we could no longer deny the spread. We kings now simplyh have to cope with the fact that the mortals can never be our equals, they'll never devote their lives to learning this trivia. So it's up to us to help them, at the very least to help them to the point where they can no longer do damage to us with their worms.

WTF?

[rerunn]

Malware?? I thought the porn popups were a feature!!

News?

[Hachey]

...stuff that matters...

This just in! The Chicago Sun Times reports, spyware disrupts lives of computer users! ;)


--
Check out the Uncyclopedia.org :
The only wiki source for politically incorrect non-information about things like Kitten Huffing and Pong! the Movie !

Re:News?

[MoonFog]

CST is hardly a tech paper, every report like this that may help regular people find something out about the issue should be encouraged.

Solution

[Mr.Dippy]

If you don't like it then stop using the Internets.

57% of Internet...

[timtwobuck]

In other related news, 57% of all internet browsers in the US either: Have been able to navitage to getfirefox.com and/or Have a porn addiction

Re:57% of Internet...

[Dunbal]

57% of all internet browsers in the US either: Have been able to navitage to getfirefox.com and/or Have a porn addiction

The other 43% have a Firefox addiction and are perfectly capable of navigating to porn...

Re:57% of Internet...

That statement makes no sense, even as a joke.

No spyware, malware

[Krankheit]

I have no spyware or malware on my computer. I only download good programs, like Bonzai Buddy and smilies for my Outlook Express. When I am not using my computer, and while I am using my computer too, I let my computer send out e-mail and perform security audits on other Microsoft Windows computers! In exchange, I get free, unlimited access to special money saving offers for products from many reputable companies, such as Pfizer.

Re:No spyware, malware

[accessdeniednsp]

You forgot Comet Cursor! It is *THE* best!

Survey results skewed (as always)

[FrontalLobe]

The people who are dumb enough to take these polls are the people who dont know how to prevent spyware...

I have a hardware firewall, software firewall, popups blocked, and dont visit 'those' websites.
When a phone survey comes my way (or any other telemarketer), which hardly happens, I tell them to take me off their calling list. Problem solved.
I did have one 'survey lady' call, and when I interrupted her, "Could you take me off your calling list please?", she replied, "I can't".

I told her she was going to have to if she didnt want her company to be sued, so she said she'll get her manager to do it.

Can't wait till VoIP starts getting spyware through telemarketers.
Telemarketer: "Hello, would you like to apply for the new [insert credit card here]?"
Customer: "No thanks, I have enough cards."
*faint buzz*
Telemarkerer: "No problem" *chuckles*

Re:Survey results skewed (as always)

'those websites'?

like MSN?

Yup, watched a computer that was fresh and clean get infected with spyware when the first launch if IE in an attempt to get the latest firefox installed get infected by a banner ad on MSN... the default page that IE uses on a fresh install.

so you simply only surf websites with the IP address of 127.0.0.1 then?

get a grip and a clue dude, as you obviouslally know nothing about the subject.

Re:Survey results skewed (as always)

[FrontalLobe]

Easy, I have the firefox installer (as well as all the security patches) burned on a DVD-R before doing a fresh install. Install everything needed before hooking up my network cable. Problem avoided.

There's about 5 websites I visit, period. people send me links, I don't click on 'em (for the most part). I have had spyware get installed before, for the record.

Instead of getting a clue, maybe I should be more descriptive in my posts.

Re:Survey results skewed (as always)

[MynockGuano]

I'm not sure why more people don't mention this, but you can get firefox easily without ever touching IE.

ftp ftp.mozilla.org

seems to be the obvious thing to do immediately upon booting into a new Windows installation.

Re:Survey results skewed (as always)

Which FTP client are you going to use? IE is the FTP-aware client in a stock install of any Windows.

59 mil seems low

[blankmeyer]

59 million people who have had their computer usage disrupted by spyware, adware, malware. What about the many more who are infected and just don't know it? What about those that have had data stolen and it just hasn't hit their credit statements yet?

It's your own fault

I can understand why non-technical users surf with Internet Explorer.

I can understand why technical users use Internet Explorer for Windows Update and a small selection of trusted websites (e.g. online banking) for compatibility.

But I have no sympathy whatsoever for technical users who should know better that continue to use Internet Explorer to visit websites that are in no way trustworthy.

Re:It's your own fault

[Secrity]

I have no sympathy whatsoever for ANY users that continue to use Internet Explorer to visit ANY website. The problem has been talked to death in the popular press and anybody who doesn't realize that there is a major security problem when using Windows and MSIE should not be using a computer. I also believe that anybody who doesn't know that they shouldn't toss a toaster or blow dryer into a bathtub should not be allowed to use any electrical appliance. There is NO difference between ignoring the warnings about computer security and ignoring warnings about the use of other appliances.

Re:It's your own fault

[MynockGuano]

But tell us how you really feel...

>8)

Re:It's your own fault

[dicepackage]

I agree with you that you should try and only use IE for Windows Updates but online banking I would avoid. Online banking needs to be extremly secure and I do not trust IE to handle everything properly. If your bank does not have compatibility with Mozilla Firefox then I personally would try and switch to another bank since that security hole is too big to ignore.

Re:It's your own fault

... </b>

My wife is forced to use IE to access her on-line report-card application. Firefox + User Agent Switcher does not make it past the inane "checks" that the schoolboard staff have implemented. While she has heard me jabber on endlessly about how insecure IE is, and how she should use Firefox (which she does), she has no choice in this matter. The tech-heads at the schoolboard will not budge.

Sometimes, there are situations in which using IE is a necessity, rather than a choice.

Re:It's your own fault

Anonymous letters to the editor, school board, and PTA about how the children's private data, grades, and permanent record are being made available over insecure applications may just be the trick.

Re:It's your own fault

[mpbrede]

But I have no sympathy whatsoever for technical users who should know better that continue to use Internet Explorer to visit websites that are in no way trustworthy.

But why, if you "know better", are you visiting websites that "are in no way trustworthy", regardless of which web browser you are using?? Surely the only excuse for visiting untrustworthy websites is "I didn't know better"?

Re:It's your own fault

[Jimmy_B]

Because the advertising networks are in no way trustworthy, and they insert their crap all over the place. A site is not safe to view with IE unless its server is well secured, it has no advertisements and it uses a cryptographic signature to prove its identity. And don't forget that mistyping a URL will usually lead you to a shady domain-name squatter's page, as will following an outdated link. In other words, you can use IE to visit Windows Update (which you should set as your home page), and that's pretty much it.

Re:It's your own fault

I agree with you that you should try and only use IE for Windows Updates but online banking I would avoid. Online banking needs to be extremly secure

Yes, but we're talking about being compromised by untrusted data. You are already trusting your bank.

If your argument is that Internet Explorer might have already compromised your system, then it doesn't matter which browser you use to access your bank, because the attacker already has control over your machine and can do what he likes to those other browsers.

IMHO

[ironicsky]

Quote: Yagu
people eventually will become so fed up with this they will collectively begin to unplug (not necessarily a bad thing) and move on.
Definately not! If all the idiots on the internet would simply unplug it would

• Free up bandwidth for the rest of us

• Reduce the risk of DDoS attacks on major sites

• Free up tech support people to do real things other then troubleshoot spyware

Honestly, I believe you should require some sort of license before operating the internet. You need a license to drive a car because you are putting other peoples lives in your hands. You need a license to fly for the same reason.
You need a license to sell stocks and be bonded by the securities commission. You need a license to sell insurance.
Why do you need a license for all of the above? Because what those people are doing is dangerous! Not necessarily to them, but to others as well.

How is the internet any different. Its estimated that viruses, spyware. and DDoS attacks cost over Billions of dollars.. They slow VoIP systems, they slow regular phone lines, they can mess up cable TV. If messing up necessary communications tools isnt dangerous, what is!

Re:IMHO

You arrogant, pathetic child....

You suggest that controlling access to the Internet will "fix" the problem because the "idiots" are using the Internet. You want to "license" access because this will prevent the bad guys from doing bad things. Wake up!

And you suggest that Tech Support has better things to do than support the "idiots". Who, pray tell, is paying their salary?

I don't believe that you can legislate your way out of this. The cost-benefit equation must favor the elimination of spyware - and right now, that's not the case.

Re:IMHO

[Dunbal]

If all the idiots on the internet would simply unplug it would...

Amen brother. I've been waiting for this to happen since 1986...

Re:IMHO

Lay off of my Grandma! The problem is that Grandma is not the problem. Spyware, Malware, Adware, viruses, and worms will not go away until the idiots that create them stop doing so. Fixing Grandma's or anyone elses usage habits treats a symptom but doesn't fix the cause of the problem. More focus should be put into a remedy to fix the cause. I am all for the death penalty for spammers.

Re:IMHO

You are a fascist.

Re:IMHO

[zpok]

"Honestly, I believe you should require some sort of license before operating the internet"

I think people should require some sort of license before running Windows. That would do the trick.

Let's face it

[Arthur+B.]

People ain't up to the task of using a computer. Most people are frightened, they have no idea what's going on... they merely repeat cryptic memorized sequence of actions to do everyday tasks but they are just not "getting it". Sad news: this is unavoidable, a gap is going to widen between people. Earlier "breaktrhoughs" in technology didn't need much understanding... take the wheel. But the automobile has been around since a century and people still can't drive ! Ever wonder why plane is safer than road ? The car is not intrinsequely more dangerous, on the contrary, but generally the pilots are trained professionals. I think technology is going to split between ultra-simple computers meant for web (and web will include applications such as wordprocessing etc) and the real-thing.

Re:Let's face it

[ironicsky]

people eventually will become so fed up with this they will collectively begin to unplug (not necessarily a bad thing) and move on.

3Com tried this with the Audrey a few years back. I remember supporting these things working for AT&T Worldnet many years ago. People STILL couldn't figure out the simply touch screen interface, and the all of 6 buttons the ENTIRE system had on it. Up/Down, Volume Up/Down, Home/Email.

They eventually abandoned the project and recalled the product

Re:Let's face it

Most people are frightened, they have no idea what's going on.

I'll give you the later, but as for the former, maybe they just don't care.

Re:Let's face it

[Arthur+B.]

Well I dind't mean that specifically for spywares. They are frightened to dive in, hence their reluctance to read manuals for example. They won't try to understand because trial implies action. I don't mean they are literally frightened, on the contrary, most of them are completly careless when they should fear... They will open a more than dubious attachment but be afraid if their desktop actions swtiched position.

Re:Let's face it

[el_womble]

This never ceases to amaze me and its disgraceful computer science. It seems to me that the gap between those who can and those who can't use a computer is widening rapidly. Its like learning to ride a bike the minute you get it, you just can't imagine not being able to get it, which makes you unqualified to solve the problem of making it easier to get.

Other things that must appear terrafying to the uninitiated:

• Keyboards: 105 keys, randomly ordered. Most of the keys you'll never use. Huge learning curve
• Mouse: The learning curves on these things is suprising huge. Keeping you wrist on the table is counter intuitive. People are convinced their arms arn't long enough
• Pointers: You know its related to the movements your making with the mouse, your just not sure how.
• Icons: Double click? Single Click? Right Click? Drag and Drop? Context Menu? These actions are hard enough for people to get - but then you have to explain that they represent their work XOR the application XOR folders and that all of these things have different behaviours.

I think GUIs are scary for a lot of fresh meat. "Click here to start" is not suffient instruction for somebody who doesn't know how to use a computer

...not to mention the ones who don't even know

[fhknack]

That's 43% of the folks surveyed who know they've been bitten. I'd guess there are at least half again as many who don't know that their IE keeps taking them to that new "search screen" because of something they downloaded.

Spyware & Windows

[Krankheit]

I personally run Debian Linux as desktop OS on my desktop machines, and the *BSDs on my firewall and server machines and entrust my source backup to the FreeBSD machine with NFS, but it is not hard to have a Windows machine that is spyware free. I have my grandparents, non computer savvy teachers, and many relatives who call me "computer whiz" (which is annoying) setup with Firefox and a software firewall (I'm not going to setup an OpenBSD machine to firewall unless they give me more than four litres of Mountain Dew) and they have no problems. They all run Windows {XP, ME, 2000, 98} without problems. With Firefox and gmail, they have never complained about the computer "being slow" or "crashing alot" now. This is a simple solution that ISPs like Adelphia should solicit to customers, instead of blooding blocking ports to "protect" less competent users, and annoy the rest of us like me. These teachers and relatives are soliciting Firefox, gmail, and a software firewall to all their contacts.

Re:Spyware & Windows

I happily run Windows but with the knowledge that there is bad stuff out there and have adjusted my habits and installed apps accordingly. I take care to keep it clean.

When attempting to switch to Linux I found it hard to make Linux work how I wanted it to. I dont want to start a huge debate on Linux v's Windows but I do want to point out that I spent more time trying make linux work on my laptop than I did with windows and protecting it from spyware.

I also want to say that the first response from many people is say run linux etc etc. If everybody ran Linux then that is where the malware etc would be targeting. Be happy you are in your little world that is not being attacked (Switzerland). Windows is just easier to use and if you are aware of the potential risks it is very easy to keep your PC protected and for me less time consuming in maitenance and tweaking.

Re:Spyware & Windows

[Krankheit]

No offense, but your post seems to be a generialization of Linux. What Linux distribution did you use? I use Debian Linux desktop machines (both my Mac Mini, Presario desktop, and Dell Dimension) and currently have Slackware installed on my laptop. While getting everything the way you want may take longer than Windows, once you get it the way you want, you (provided it is configured properly) don't need to bother yourself with excessive maintenence. Adding another machine is quick because I just need to set it in /etc/fstab to mount NFS from my FreeBSD (not Linux FYI) server and access is instantly provided to my mp3's, source to programs I have been coding, etc. Thanks to ReiserFS on the Linux machines and a UPS on the FreeBSD and NetBSD servers, and OpenBSD firewall machine, threats of data loss are virtually nonexistant (short of outright hardware failure of my aging machines, which I have never had a problem with, even with my 133 MHz ten year old NetBSD IBM Aptiva for Apache PHP) I think both OSes have their advantages, but what I have does everything I want and I would rather have an initial bother of getting it setup than a continual burden of maintenence.) You probably don't mind maintenence, I guess I'm lazy. Albeit, I do plan to setup a Windows 2000 machine to port programs which use Xlib directly to Win32 (I have alot of spare time)

I have to ask ...

[Kozz]

Not trying to completely berate you here, but I'm genuinely curious as to the level of protection you were using on your PC. Were you surfing with IE at the time? Did you have all the latest windows patches? Also, were you using Spybot S&D's "immunize" function?

I use FF exclusively, unless there's a good reason to view a page in IE. And I always have the latest S&D immunizations for IE. But I'm curious if I'd be just as vulnerable despite these protections.

no, thanks...

Macs combines the power of Unix and the power of Microsoft Office and are immune to spyware and viruses...

Oh, look - an argument unemcumbered by facts.

The "Trust Gap"

[digitaldc]

"There is a trust gap,'' said Douglas Sabo, a member of the board of directors for the National Cyber Security Alliance, which did that study. Consumers believe they are safer than they actually are, he said.
Wow, what insight!!! You could apply this statement to how people relate to today's government, media and advertising.
The bottom line is that people need to be vigilant about security in whatever they are doing. The computer software manufacturers need to stop spyware and adware as a built-in feature, not as a free download from an obscure website. But then again, who is profiting from all this spyware and adware? Most likely it includes some of the same people who are trying to stop it.
It does provide a need for tech workers to fix these problems ---- as its only bright side.

I just don't get it (thanks dog)

[crovira]

At home I use slackware and OS X (and a well firewalled, FireFox-ed and Thunderbird-ed Win2k box,) but I have witnessed the people at the bank where I am consulting go nuts whenever one of their machines get infected.

A consultant got banned after his laptop got infected from a connection at a hotel while getting his mail and some crap got through when he connected to the bank.

There are over 20k boxes at the bank and they take a bird if any of them would ge anything that would behave like spyware. They might monitor your keystrokes but they would hate like hell if somebody else did it. Its their equipment after all.

Re:I just don't get it (thanks dog)

Not surprising. $129 x 20,000. How many infections would you take?

No doubt they are relying on a safe network behind the firewall. Keeping 20k machines fully patched at all times seems a bit unrealistic. It's also been my experience that that applying a patch can disable a machine. What percentage of 20k patch sucessfully everytime?

From TFA

[Philosinfinity]

Sixty percent said they would have paid for the software if they knew it came with adware.

So they would pay for software that comes with adware huh? I guess I don't understand. Why pay for adware when you can get it for free?

Re:From TFA

[blankmeyer]

I think what the author meant was that the responders would pay for the software if it meant getting an ad-free application.

Windows

This is no surprise to me, as almost all default installations of Windows instantly give all users full administrative privledges out of the box. This in itself gives malware a VERY large playing field.

Windows also has the largest installed base, so malware creators obviously want to affect the largest audience possible. However, Microsoft's own anti-spyware app seems to be quite effective, and even offers realtime protection for free...what a deal!

I've switched to Linux for the most part, and I can now tolerate computing...to some extent :)

Re:Just buy a Mac :-)

[Aerog]

Okay, I'm going to bite, because this has been irking me a bit this week.

Macs are not immune to viruses, we just haven't seen a virus or spyware author take the time to exploit it, yet. Why? Because it isn't profitable RIGHT NOW.

1. Lots of users (likely the ones who would initially be succeptible to a virus) are running windows. This makes it easy to spread.
   
2. Most computers run windows. You don't see a lot of human viruses that only attack people with anemia; it's just more profitable to attack the majority (or everything, if you can get it).
   
3. Spyware makes its money on user numbers. The more users you can get, the more you want to develop a product. Why spend the time to write for the small % running macs when you can take some already-proven techniques and go for the big money (i.e. the lots of users) on Windows machines.
   
4. Programmers are lazy. If there isn't a really good reason to do it (i.e. not enough profit potential in their eyes) they generally won't do it unless they're really keen on it. Mostly, these people are not making spyware/viruses.
   

When you see the Mac userbase hit a decent number (and I don't pretend to know what that is) then you'll see spyware and viruses for it. Fact. Until then, stop being a mactard and just deal with the situation at hand: there is a lot of spyware out there and something needs to be done now. That something is not ignoring the problem until it swims up and bites you in the ass.

Non-techies don't care

[jb.hl.com]

My experience is as follows.

My mother got a new PC about Feb last year, it had XP installed on it (not by me) and since her Internet access would be coming through my PC through NAT, I asked her to install Mozilla on it to stop her getting malware. She immediately told me she didn't want "any of that Linux crap" on her PC.

Fast forward a couple of months. She was complaining about, among other things, porn popups and the fact that her PC was slowing down to a crawl. She and my brother had installed, among other things, lots of casino programs, Kazaa and had been using only IE to browse the web. A quick scan with Ad-Aware revealed 1000 infections. This time I set Ad-Aware to run a scan at every system startup, removed access to IE and told her to use Firefox. This time, she went schizo and I had to shout her down and get someone else involved to point out to her that using IE was a bad thing.

Normal users don't care. End of.

Re:Non-techies don't care

[rpozz]

If someone won't follow your advice, whoever they are, then you can't (and shouldn't) help them.

The web browser is only half the problem. The fact that people will happily run any .exe they get their hands on is the other half. While I think that MS has to take most of the blame for the current situation of Windows's security, teaching users a bit of common sense can go a long way.

You're absolutely spot on about normal users not caring. They'll happily let their system turn into a spyware-infested zombie, and only complain when it actually completely fucks up. They don't care and don't understand the damage a broadband connection can do to others when compromised.

Re:Non-techies don't care

[CableModemSniper]

Your mother didn't seem to not care, she seemed violently anti-firefox (or Mozilla). I can understand prefering IE for whatever reason (familairity, etc.) but why be like "I don't want any of that Linux crap", and go 'schizo' the second time? Ok, you did remove access to IE which could piss her off legitamently but 'schizo'?

Re:Non-techies don't care

This time, she went schizo and I had to shout her down and get someone else involved to point out to her that using IE was a bad thing.

Ummm, no offense, but it doesn't sound like spyware is the #1 problem here...

Re:Non-techies don't care

[mrscorpio]

Why help her? Sounds like she has other issues besides computer ignorance...

Re:Non-techies don't care

[ratboy666]

So your Mom went to the trouble of downloading and installing 1000 programs?

Wow, that's industrious, and she should be commended.

Ignore it, and get on with your life. The CORRECT answer is, as always, that computers just get old, and slow down. There are SPECIALIZED shops that can give them a tune-up, and you don't have the equipment.

Keep repeating that. You KNOW you can't win this battle.

Ratboy.

Re:Non-techies don't care

[freeweed]

Odds are, she installed a couple/half dozen programs. Some of the adware out there will set itself up almost like a mini distribution server, and install everything else under the sun.

ie: install program A. A installs B, C, and D. Each of those install 4 other programs. Repeat ad nauseum.

The rest of what you said, however, is spot on. I've stopped giving free technical support to friends and family who think they know better than me. If you ask for help, then ignore that help, you're on your own. Fortunately, my folks trust me pretty well and have been enjoying tabbed browsing for a few years now.

Re:Non-techies don't care

[slavemowgli]

Normal users may not care, but normal users who don't care, get infected big time and *still* refuse to use better alternatives deserve it. :)

Re:Non-techies don't care

[pikine]

Any reasonable person *would* care if she understands that spyware and adware is having a negative impact on her experience online and, in general, using a computer; and that she is willing to keep her computer in shape. However, I think your mother has a strange case that is not representative of non-techies.

Even techies can be unreasonable. I have an uncle who works for a respectable software company that sells asset management products, and he is whole-heartedly loyal to Microsoft. He has for more than one occasion expressed disgust in Linux and free software. I have to give him credit for keeping his computers in shape even though he uses IE exclusively, but I now avoid any computer talk whenever I can't avoid talking to him.

But his daughter, my little cousin, being technically unprejudiced, really enjoyed playing Ksokoban and the Potato Guy.

Re:Non-techies don't care

[TheMCP]

My mother got a new PC about Feb last year, it had XP installed on it (not by me) and since her Internet access would be coming through my PC through NAT, I asked her to install Mozilla on it to stop her getting malware. She immediately told me she didn't want "any of that Linux crap" on her PC.

My neighbor has been giving me free internet service at home for years. We have a very simple deal. He gives me free service, and I agree not to use Microsoft Windows on his network. If I want to use Windows that's fine, I just have to get my own network service for it.

I think it's about time you tell your mom that if she can either choose to respect basic security procedures (like using Firefox), or get her own internet connection and pay for her own technician to maintain her machine.

Re:Non-techies don't care

[mvdw]

Is it your network? It might be her computer, but I wouldn't let it on the network if she wouldn't comply. I don't let my kids or my wife on the network while using IE. There's this wonderful thing called an ethernet plug that I can disconnect whenever they don't comply...

Re:Non-techies don't care

[bnenning]

She immediately told me she didn't want "any of that Linux crap" on her PC.

That's just wacky. Is your last name DiDio or O'Gara by any chance?

Re:Non-techies don't care

[strikethree]

Ignore it, and get on with your life. The CORRECT answer is, as always, that computers just get old, and slow down. There are SPECIALIZED shops that can give them a tune-up, and you don't have the equipment.

Insightful? Computers "get old and slow down"? WTF? A computer runs at the same speed it always has. It does not have arteries that harden.

Maybe what you meant to say is that Microsoft based operating systems tend towards disorder and appear to operate slower as the internals of the operating system creep towards a disjointed state? Regardless, there is only one solution: reformat and reinstall. Nothing specialized needed.

strike

Re:Non-techies don't care

[Deeze]

"Maybe what you meant to say is that Microsoft based operating systems tend towards disorder and appear to operate slower as the internals of the operating system creep towards a disjointed state? Regardless, there is only one solution: reformat and reinstall. Nothing specialized needed."

Yes, this is what the appropriate language would be to those who understand what you're talking about, and where you're coming from.ll although..
what he said...
"computers just get old, and slow down. There are SPECIALIZED shops that can give them a tune-up, and you don't have the equipment."
IS the absolutely correct answer to someone you are tired of mucking about with, that do not want, or care, to understand what you're saying. That was his entire point. It was not to be technically accurate.

Claria and HomeSec

[Tackhead]

> An thanks to Microsoft it looks like *every* Windows computer will be infected with spyware in the next veriosn of Windows.

Gator, er, Claria, is not spyware.

Gator CPO at the Department of Homeland Security.

D. Reed Freeman, the "Chief Privacy Officer" of Claria Networks (formerly Gator), the creators of the pervasive spyware package GAIN, has been appointed to the Department of Homeland Security's "Data Privacy and Integrity Advisory Committee"

Legitimized by Microsoft and with representation on HomeSec DPIAC, Gator is now officially securityware, Citizen!

And if you've got some sort of problem with that, take it up with the boss, namely HomeSec's Chief Privacy Officer. She's none other than Nuala O'Connor-Kelly, formerly of Doubleclick.

What's with the head-on-desk-thumping motion? I'm not demented enough to make this shit up!

Re:Just buy a Mac :-)

[FLAGGR]

Uh, the power of unix and the power of microsoft office? What the hell? Mac's are not immune to viruses or spyware, why do you think there are security updates in Software Update? Having a "proprietary user interface and hardware" doesn't stop you from having a blue screen of death, the fact that OSX isnt windows and doesnt have the "blue screen of death" in it is what prevents it. Hell, have you ever had a kernel crash? Those are the same thing (when the screen fades, and a bunch of different languages all saying 'your fucked' (or 'reboot', i can never remember) show on the screen)

Don't troll windows users into switching to mac, I may like it, you may like it, but if theyre fine using windows then let them bitch about spyware.

EULAs, Bill Riders

[Marc2k]

Why exactly is that allowed? At least make the bastards advertise it on par with the 'features'.

Because for legal purposes, they're implicitly required to make you agree to a license agreement, which in most cases does state that, by default, or sometimes as a requirement of the license, they'll be installing the adware on your system.

By contrast, there's no requirement for a company to offer a "feature set" on their website, or anywhere else. I suppose you're proposing something like a Surgeon General's warning on cigarettes, but that seems like overkill to me, and I do hate ad/malware.

But more importantly, this sort of thing is exactly how the legislative branch of the US government works: "Sure, you can have this bill, but we're going to tack on some of our own additions that you probably haven't had time to read." Adware in EULAs Riders on bills. While again, I do hate adware, I really suggest we rout this process from our respective lawmaking bodies before we concentrate on [wah, wah] consumer electronics.

BBC news version

[richardablitt]

BBC news have also run a similar story recently.
http://news.bbc.co.uk/1/hi/technology/4659145.stm

Also says that 90% of Americans have changed their surfing habits, so it can't be all bad...

Re:BBC news version

I found it amusing that an article about spyware on Microsoft Windows has a photo of someone sitting in front of what appears to be an Apple monitor circa 1990.

Reason to switch..

[concept10]

Spyware, malware, viruses and any other non-intended features of Windows made it easy for me to switch to Linux for everyday normal desktop use. I believe this is a major reason for users to switch if you are not dependent on Windows only applications. Besides, running Norton Antivirus was consuming alot of resources and slowing the entire system down. It's great not to worry about malware running in the background. I think is was interesting that Intel's CEO said that he spends the weekend cleaning his daughters computer of spyware and that people should switch to Apple (before the official announcement) Bottom Line, switch to some *nix based OS.

surveyed, eh?

The project surveyed 2,000 people by phone in May and June.

Now wherever could they have gotten the names and phone numbers of those people?

The internet is out of control...

[Thaidog]

It's like talking on a phone that's always tapped... but not by the police... by somebody who, you guessed it, want's to take advantage of you. I think it's time that big business stopped looking at the interent as there sole posession and way to make money and started treating it like a personal extension of one's privacy.

get it right!

[SolusSD]

I'm sick of people not using the correct words when referring to malware. i'm sure you've all heard the line "I need adware for my computer" or "I need spyware" when they are referring to removal tools. also, contrary to the article:
Adware: A program that displays ADs on your computer.
Spyware: Tracking software that may work in conjunction with Adware for targeted advertising
Malware: All of the above

Re:get it right!

Annoyware: iPod pyramid schemes in Slashdot sigs.

Schmuck.

welcome?

[Spy+der+Mann]

If anyone here dares to welcome our new spyware overlords, I'll revoke his geek license and kick his first post to where Soviet Russia welcomes YOU!

Re:welcome?

[mvdw]

In Korea, only old people have a geek license.

MS Bashers Get off it

[Sir_Eptishous]

First off, I love Linux, have been using it since '99 (SuSE, RH, FC, SlackWare), still use it constantly, am part of a local Linux users group, etc;
HOWEVER, I'm sick and very tired of many posters here on /. acting as if the use of any MS product or platform is somehow a cardinal sin and an open invitation to get \cr@cked\.

Give me a freekin break. First off, I agree that Windows is less secure than Linux out of the box. But with the proper configurations and preparations (which I won't go into because we all know what they are) a WinXP box is a very useful tool and can be used safely in an internet connected world.

Yes, your typical user who buys an HP from CompUSA or where ever will most likely not know how to tighten up their box and connection. But this isn't solely MS's fault. The culture of technology we are now immersed in requires constant learning and updating of even the most mediocre of technical skills to use our devices safely and correctly. Most people in our society don't find this an _acceptable_lifestyle_.

They simply want something akin to a Television.
Turn it on and change the channels!
Until a 'safe' internet device is used by the masses, malware and its kind will continue to proliferate.

The government needs to do more? Users do!

The government needs to do more? The same government that seems to be for sale to those with the money? ...copyright...patent abuse...spying on own citizens in the name of fighting terrorism.
The government needs to do less.
The users need to do more. They need to educated themselves. Keep antivirus, antispyware and antiadware up to date, don't open email attachments. Use web browsers that block pop ups and software installs. Don't download crap. Turn off unneeded services, ports.
Actually BACK UP their DATA. ----
That's the biggest problem where I work. The users are responsible to back up their own data. Oh, the data must not have been important to you since you didn't think it important enough to have a back up...and before you say that should be the IT departments responsibility, I work at a University where in the name of academic freedom the Profs have administrative rights to their own computers and don't want their data residing anywhere they don't control. Along with freedom comes responsibility!!! This applies to home users to.
Of course I am preaching to the choir here on /.
I'm going to have to get some of them O'Really shirts that say....
"Distributing CLUE to USERS"

Re:The government needs to do more? Users do!

[Professr3]

I have 300GB of data on my system. How would you suggest I back that up? 60 DVDs? 320 CDs? >40 tapes? Spend 300$ or more on hard drives to back up the data onto? Seriously, with the large amount of media content on today's PCs, finding mass media cheap/large enough to back it all up can be a real challenge.

+5 Interesting?

Re:The government needs to do more? Users do!

It all depends on how important the data is to you. For people doing research, yes I recommend a external hard drive. When they configure a new computer I tell them to factor in the cost of an external hard drive. You always want your data in more than one place. CD-Rs, DVD-S, external hard drives, if you have important data then you also want to preserve it. You never know when a Hard drive will fail mechanically, let alone lose it do to computer infection, brain fart deleting it.
BACKUP BACKUP BACKUP.
If your data is not important, well then don't worry about it.

Re:The government needs to do more? Users do!

[Armando_Mcgillicutty]

Start dealing with that many DVD's/CD's/Tapes/whatever and it's obviously a major hastle. However 500 gigs of hard disk right now costs roughtly $250.. So I'd say if that 300GB of data of yours is worth more than $250 to you, then you have your answer. As for me, I have 40 or 50 gigs of pictures that (to me anyway) are worth that $250 price tag many times over. (Really they're irreplaceable, and I'd bet much of your stuff is too.) But hey, if you want to tempt fate just for the sake of saving a couple hundred dollars, that's up to you.

Re:The government needs to do more? Users do!

An even better idea is to set up hardware RAID mirroring on the computer AND use external hard drives in addition. Really, hard drives are CHEAP these days. About 10 years ago I paid over $300 for a 1 GB scsi HD. Today that same $300 buys about 500GB ATA. It PAYS to back up important data.

Re:The government needs to do more? Users do!

Come on, although that is a lot of porn, it isn't anything that can't be replaced. Give me a fat enough pipe, and I could get 50GB of porn in a matter of hours.

True...

[Otto]

People ain't up to the task of using a computer. Most people are frightened, they have no idea what's going on... they merely repeat cryptic memorized sequence of actions to do everyday tasks but they are just not "getting it". Sad news: this is unavoidable, a gap is going to widen between people.

After dealing with this sort of problem for years, my conclusion is that there are two types of people in the world:
a) Those who need instructions and learn new things by learning those instructions, and
b) Those who don't need instructions and learn new things by grasping the underlying behavior behind the system.

That's basically the difference. Most people aren't stupid, but a lot of them fall in the type A category above. These people have trouble with computers. They also have trouble trying to, say, fix a car. They cook by reading a receipe and following those instructions, possibly introducing minor variations on that theme. This basic underlying behavior applies to all facets of everything they do. They're not incapable of learning, but they need some form of step by step to learn it from.

But a type B person figures out how the thing works and then works his way up to how to do specific things. A lot of auto mechanics fall into this category. All "hacker" types do as well. A large number of your better chefs do too. They grasp the basic principles behind whatever it is they do, and then simply figure out the specifics each time, based on their knowledge of those principles.

That's my opinion, anyway.

Re:True...

[simonecaldana]

Follow instructions is not learning.

Re:True...

[JudicatorX]

So finding out how to do something and remembering how to do it by reading instructions isn't learning?

Re:True...

[Lovesquid]

I'd like to add that the type A people above can accomplish things by learning the step by step process, but they do not really "learn" things by doing this until things finally click and they actually begin to understand the underlying behavior behind the system that the type B people catch onto early on. They have to do the process over and over and it's not until they start to think about WHY what they are doing works that they really start to learn anything.

I'd also add another category of person (C): the apathetic and lazy who just don't want to learn anything unless forced to do so, even if you throw it in their faces.

Re:True...

[Otto]

I see his point, in a way. It really depends on your definition of "learn". Type B people don't generally consider the word "learn" to be equal to "rote memorization", sort of thing.

I would argue that Type A people are learning the instructions and not the system. Memorization is learning, to a minor degree. You can't learn things without remembering them.

Re:True...

[mvdw]

Type A people are better suited to college courses like arts, law, business administration, etc. Type B people are better suited to college courses like science, engineering, IT, etc. Different strokes for different folks.

I'd never thought of exactly the way the GP described before, but it certainly explains a lot about the way my step-doughter cooks (can't do it without a recipe, while I can't do it with a recipe.

Re:True...

[Arthur+B.]

Thank you for phrasing it so clearly. That is precisely my opinion. Btw, my parents fall in A... *sigh* Give a man a shell command, he will be happy for the day... give him man pages, he will ask you for the command anyway.

Don't necessarily want?

[NitsujTPU]

although they don't necessarily want the adware.

That seems to infer that there is a group of people that do want it.

Re:Don't necessarily want?

[Dunbal]

That seems to infer that there is a group of people that do want it.

That would be the people that created it...

Re:Don't necessarily want?

[Redwin]

Ooh Oooh me me! I want it! It will be like my computer is talking to me! After all its Bonzo buddy so he must be friendly!
And all those popups, its like a big game where you get to try and close the windows faster than the computer can display them! I got 50 today but am hoping to beat that score tomorrow. Also this nice girl called Jenny says she wants me, but I've been having problems with my computer and can't get online to talk to her.

Re:Don't necessarily want?

[warbital]

I work at the IT department at my school and we've actually had people come in and tell us not to remove the add ware on their machine. One person even said that they liked it. It's an engineering school to top it all off.

Re:Don't necessarily want?

[program21]

Having recently graduated from an engineering school myself (technically, an "institute of technology") I can say that attending such a school doesn't mean that the people in it with you are all computer-savvy (though I'm willing to bet it's a much larger percentage than at a liberal arts school). I know people getting/with degrees in Computer Science and Computer Engineering who have no idea what they're doing at a computer (hell, some of the CS majors can't program!).

They were probably cookies

[crovira]

and they are inert and only serve to preserve any state information on the site you were visiting as you were visiting it.

Cookies are inherently safe since they couldn't send any run-time state information that the browser didn't have access to.

Stopping it is easy.

[SSHGuru]

There is software that can scan every page you go to and warn you and block this stuff.. ViewSmart by ViewFour.com is Web-based software that visually displays search results found in Google, MSN, eBay, and other search/e-commerce engines in a multi window environment (2-50). By visually displaying results you get to see your searches rather than having to click back and forth through them. This slick new method of searching the Web also removes the potential dangers of surfing the NET. The software scans each Web page prior to displaying it and stops all hidden and or malicious files from being automatically downloaded without your knowledge. If a page fails the scan, a large red border and stop sign will appear around the window. This means you are protected from contracting viruses, adware, spyware, and other forms of malware while surfing the Web. http://www.download.com/ViewFour-com-ViewSmart/300 0-8022_4-10406154.html?tag=lst-0-2

$129 to fix

[MrToast]

Well of course it costs $129 to fix. That's the price of Tiger. Duh.

Re:$129 to fix

[CausticPuppy]

Well it'll be at least $499 if you want to include the hardware required to run Tiger (still worth it, IMO).
If Tiger only costs you $129, it means that you already have a Mac, and you aren't concerned with spyware to begin with.

That will all change if we will be able to install x86 Tiger on non-apple machines...

Securityware

[MarkByers]

'Securityware' or 'Security? Where?' ;)

Seriously though, your post is interesting - I hadn't heard of the term 'securityware' being used before, especially not for malware. I guess that Microsoft will try to spin this into a good thing, if they can't keep it quiet.

Adware/Spyware

As a small business owner I find that the vast majority of people that bring their computers in do so because of either adware/spyware (which I consider to be the same) and/or viruses.

No one tool can remove it all. Microsoft's and AOL's tools are the worst at removing it. Do a test. Remove all that these guys find and then run spybot search and destroy or ad-aware. Then look at your system with HijackThis and cwshredder. Then use the yahoo anti-spy toolbar and a couple others. You'll find that Microsoft and AOL missed the vast majority of the infection.

Now onto what I am really posting about. Adware/Spyware is almost never legitimate. It is an invasion of your computer and your privacy in almost 100% of the cases and here's why.

Adware brings more adware and spyware brings more adware/spyware. Viruses bring more viruses. Viruses bring adware and spyware. The circle is viscious.

Virtually 100% of all adware and spyware get onto your computer without your acknowledgement, and without you understanding the potential impact of it. Since virtually ALL adware/spyware bring other products down to your computer (either directly or indirectly) of which you never agreed to, they are not legal and are illegitimate.

Adware/spyware almost never has an uninstaller. For those that do they almost never get rid of themselves completely, nor do they remove the other malware that they installed behind the scenes.

For those that give you an uninstaller they typically put you in a loop or force you to visit some other location where you have the potential to download and install more adware/spyware.

Many spyware/adware put some mechanism in place to keep you from removing it. This means that if you try they may disable some feature, such as your ability to access the internet. They may reinstall themselves when you try to uninstall or manually remove them.

Since these product are in fact illegal in virtually every regard their intent is not to present you with ad but to be illegal. With that intent they are liable and I would think that anyone participating in it are liable under the new Supreme Court ruling (ala, even if they purport to be legal and have legal uses if their intent was illegal then they can be held liable).

On any given day when I clean a system of adware/spyware I see all the above. Amost none of the customers I have that are infected know they have it or agreed to it (or at least knew they were agreeing to it). None of them have the skills to verify something has been removed completely. None of them realize that the product they may have agreed to installed the adware nor that that adware went and got other packages and installed them behind the scenes on their computers.

Adware and spyware bring trojans and keyloggers. These programs are not innocuous presenting just ads. They are meant to monitor and steal what you are doing and some of them are extremely dangerous to your identity.

I would say that 100% of all adware/spyware is illegal in some sense. The reasoning is that they

1) bring other malware down without your knowledge or agreement.

2) don't provide uninstallers and when they do they don't uninstall completely.

3) you never knew that they were being installed.

A good 90% of those machines that come into my shop are infected. Sometimes I discover them as I am trying to resolve other problems. They contribute to massive slowdowns.

I've had them installed on young children's computers. A 12 year old girl had such a massive infection that it took days to get rid of it all. It wasn't just one program it was a large number of programs. These brought viruses, trojans, keyloggers, spyware, adware, x-rated toolbars, links, etc. All on a 12 year old girl's computer who just wanted to enjoy her experience on the web. How can that, in anyway be considered legal.

Pffft..

[sandman935]

If a company does it, it's called malware. If one of you did it, it's called a virus and you'll be prosecuted.

Re:Pffft..

When companies bundle malware with installers for other apps, like screen savers, its typically mentioned in the EULA.

Malware that uses browser exploits and similar are just as illegal as viruses.

More intesting from the AP

http://news.yahoo.com/s/ap/20050707/ap_on_hi_te/sp yware_worries "Fear of Spyware Changing Online Habits"

Eighteen percent of U.S. adult Internet users have started using Mozilla Firefox or another alternative to Internet Explorer.

So why do I always see IE as having a 90% or 95% "market share?" Is the reported survey wrong, the reporting of the survey wrong, or should people start writing their web sites to standards rather than to IE?

-mcgrew

Re:More intesting from the AP

[Dunbal]

Is the reported survey wrong, the reporting of the survey wrong,

"Surveying" is perhaps the least accurate, and the most bias prone method of collecting scientific (term used loosely) data. Two major problems being that the questions themselves and the way they are asked can be very misleading, and the second is that you are forced to assume that people are 100% honest. At the end of the day, you simply cannot turn subjective data (what people tell you) into objective data just by turning it into numbers and playing around with them.

So don't be surprised if the survey and/or its reporting has little relation to the "real" truth.

I run Linux

[Colin+Smith]

A "Power user" on windows? That's a laugh.

Linux: No spyware. No adware. No viruses.

Do you know why sex exists? It exists to mix our genes up so that we are not all clones of one another, this is so that bacteria, viruses etc can't wipe out the entire race in one fell swoop. Finding a mate and having sex became less hassle than trying to fight off all the diseases out there trying to kill us. And we all know what a hassle finding a mate and trying to get laid is.

Monocultures are *perfect* for the spread of disease. Windows on the desktop is a great monoculture.

Re:I run Linux

[sandman935]

The only reason you do not have spyware or adware or viruses is because Linux is relatively unpopular.

Re:I run Linux

[JWW]

C'mon thats a lame excuse. Also it really dosen't address the Monoculture commet above. Until the monoculture is addressed using Linux IS statistically safer.

Also people don't normally surf the net logged into their Linux boxes as root, but do surf as administrator almost all of the time in Windows. The user handling in Windows has always been a vulnerablitity. Windows is only now staring to move past its multi user bolted onto a single operating system design. And in so many of their operating systems Administrator rights are required to do even the simplest things. I remember when NT first came out that administrator access was required to change the desktop wallpaper, and that was just ridiculous. Run as root gets closer, but its still not quite right.

Re:I run Linux

[Colin+Smith]

No, you are incorrect. It is one of the reasons but not the only reason by any means. It is different and writing software to run on different systems is difficult.

This is the same reason viruses don't infect everyone, each person is different, the viruses code isn't as effective on different people and the spread is slowed or halted. Exactly the same effect is possible within computer systems.

Re:I run Linux

[wgaryhas]

And it is because of comments like this on slashdot that I decided to set up and run my Windows computer with user access by default. (Adaware and such only find an occasional cookie.)

Biggest issues: Unreal Tournament 2004 can't save your info for single player unless you are in admin mode, and pretty much any other game that saves progress. And you can't download patches for MMORPGs without running them in admin mode. (At least they have a run as option so I can just run those few things as admin)

Re:I run Linux

[GeckoX]

It doesn't really make much sense to disagree with someone, and then prove your point by backing up that which you disagree with.

Very strange really.

Re:I run Linux

[sandman935]

Sure it's lame, but Linux is statistically safer because there is statistically less people using it.

If the positions were reversed and most people used Linux, I suspect that Windows would enjoy less viruses, less spyware, less malware.

Re:I run Linux

Yeah, that's true that Windows is wayyy more popular than any other OS. We all know that. But it doesn't change the fact that Windows is still a very insecure OS. It also doesn't change the fact that Linux and other *nix's are inhospitable to viruses from the get-go.
So, yeah, as Linux grows we'll see a few more problems with viruses, but even if the OS were as popular as Windows, I doubt we'd ever see the same threat that Windows gets just besause of the way the OS is designed to begin with.

Re:I run Linux

[fa2k]

Most malware would probably be happy with user access only -- they'd just have more trouble hiding. There isn't as much difference between the two os'es (linux, windows) as one would think. The OSS development process is the most obvious difference. Patches are made more quickly. The problems include the classical security vs. usability and PEBKS (sp?, dumb users anyway). (I'm tired of posting anti-linux and looking like an M$ fanboi, I really like Linux, pro OSS propaganda coming up soon :P)

Re:I run Linux

[JWW]

Good for you! More people need to do this. But it should be easier for you to do this.

I do understand where installing updates should be an admin task, but windows needs better mechanisms for this. And their mechanisms are getting better, but you can still see the signs of being built from a single user system.

Re:I run Linux

[JWW]

But the point is that there is a monoculture where basically every system has the same vulnerability to attacks, and attacks targeted at that system can be effective.

Eliminating the monoculture will require the need for the viruses to adapt to the other systems in the environment. Widespread use of Linux (or OS X) would make widespread infection of PCs much harder.

Agruing that if the situation were reversed is irrevalent, the situation is not reversed. Also, early adopters of alternate systems from a monoculture will naturally encounter the longest timeframe between the attacks against the monoculture and the switch by attackers to heterogeneous environments.

Basically it comes down to this. Sure, if everyone switched to Linux, it would get attacked more (I still think its less vulnerable), but if YOU switched and everyone else didn't you wouldn't get attacked as much.

Re:I run Linux

[colinrichardday]

Not really. Even if many more people ran Linux, they would still run different distros with different mail clients.

They also might not run as root all of the time.

Re:I run Linux

[colinrichardday]

Even ignoring difference in the OSes themselves, Linux users would be safer in the sense that a virus might only work with certain distros/mail clients/whatever. It's not just that Linux isn't dominant; it's that Linux itself is not a monoculture.

Re:I run Linux

"basically every system has the same vulnerability to attacks"

That's just nonsense.

Re:I run Linux

[drsmithy]

Unreal Tournament 2004 can't save your info for single player unless you are in admin mode, and pretty much any other game that saves progress. And you can't download patches for MMORPGs without running them in admin mode. (At least they have a run as option so I can just run those few things as admin)

A safer way (at least with regards to saving, may not work for patching) is to find the files/directory the games try to write to that they shouldn't be (will probably be in the program's directory) and make them writable by your user. That way you can still run the game as a regular user and not worry about any network related exploits in that game making your whole system vulnerable.

You should also file a big report with any developer stupid enough to write their software such that day-to-day usage requires writing to files outside the user's home directory.

Re:I run Linux

[drsmithy]

[...] it's that Linux itself is not a monoculture.

It is at the level that matters for this sort of thing. How many Linux machines do you see without perl, bash, sendmail (or equivalent), etc installed ? Heck, it's not often you find a Linux machine without gcc installed.

Re:I run Linux

[Deeze]

fetching worm!!11one1.bin .......
unpacking .......
unable to install .......
worm!!11one1.bin unsatisfied dependancies grub!!11one1.1.0, libbeetle.so

Re:I run Linux

What about the daily patches required to play MMORPGs? Should each user on that computer have to download them separately?

Personally, I think there should be a way to allow a specific exe write access to a specific folder as part of the installation process.

Oh, and giving user write access doesn't work on everything. Some applications try to change a registry setting each time it is run.

Re:I run Linux

[colinrichardday]

And how many vulnerabilities do perl, bash, gcc, etc have? Also, even here one has alternatives (python vs. perl, zsh vs. bash). And what is the level that matters? Does Microsoft Windows need these to attract malware?

When you say sendmail (or equivalent), do you know if other mail servers would share sendmail's vulnerabilities, if any?

Even if gcc has no alternatives (is the kernel ANSI compliant?), is it the sort of thing that script kiddies could exploit?

Re:I run Linux

[drsmithy]

And how many vulnerabilities do perl, bash, gcc, etc have? Also, even here one has alternatives (python vs. perl, zsh vs. bash). And what is the level that matters? Does Microsoft Windows need these to attract malware?

You miss the point. It's not the vulnerabilities, it's what all those tools allow you to do. There's more than enough capabilities - just from the basic tools installed on nearly every unix box you'll ever use - to do the things most pieces of malware want to do.

When you say sendmail (or equivalent), do you know if other mail servers would share sendmail's vulnerabilities, if any?

Nope, but I bet they've nearly all got a sendmail-compatible mode for $PROGRAM to generate and set a shitload of emails.

Even if gcc has no alternatives (is the kernel ANSI compliant?), is it the sort of thing that script kiddies could exploit?

It makes it pretty easy to get whatever software you want running on the machine.

Software vulnerabilities are not the primary problem - on all platforms they're relatively uncommon (particularly remote exploits). The biggest problem is end users, and their penchant for doing anything a random email or web page asks them to do so they can get at teh free b00bies. This is the point I was trying to make - from the perspective of end users running "stuff", linux (indeed, unix in general) is more than homogenous enough.

Re:I run Linux

[colinrichardday]

Hmm. . . And would such end users run things like gcc? It may be possible to get unsuspecting users to compile programs, but why bother? Why not just have them load the executable instead?

Again, the same with sendmail and such. Would these users run mail servers (as opposed to clients)?

As for the naivete of the users, doesn't Linux have better separation between regular users and root? Granted, Linux will not stop end users who run as root from toasting their systems, nor will it stop non-root users from toasting their owen accounts. If Linux develops Microsoft levels of market share, more experienced users will have to warn newer users about such issues.

Maybe what malware needs more than scripting languages are mail clients and browsers that have deep hooks in the OS. Linux doesn't have these.

Re:I run Linux

[drsmithy]

And would such end users run things like gcc?

No. The shell script they received in an email and executed would.

It may be possible to get unsuspecting users to compile programs, but why bother? Why not just have them load the executable instead?

Because the executable might not be compatible across systems.

Again, the same with sendmail and such. Would these users run mail servers (as opposed to clients)?

Most unix systems have a mailserver running to handle local mail delivery, even if the end user never knows about it nor deliberately enables it.

Sendmail - or equivalent - is the rough unix equivalent to those MAPI APIs that allow Windows applications to send mail.

As for the naivete of the users, doesn't Linux have better separation between regular users and root?

It's irrelevant. You don't need root access to do just about everything malware wants to do. Most malware /today/ breaks with a regular user account because it is written under the assumption the user is running as Administrator. However, higher privileges are rarely a functional requirement - expect to see more malware in the future start working under regular user accounts.

Not that root access is particularly hard for a program to obtain with the fancy new GUI sudo programs that get around these days conditioning users into typing in their password whenever a box pops up. Just raise a password request with a vaguely authentic sounding reason and voila, you've got root.

If Linux develops Microsoft levels of market share, more experienced users will have to warn newer users about such issues.

Pffft. "More experienced users" rarely deign to try and impart wisdom _today_, let alone in the future when they're even more outnumbered.

Your inherent assumptions that regular users will be prepared to listen, or that the "advice" will come in an understandable form, is also rather optimistic.

Maybe what malware needs more than scripting languages are mail clients and browsers that have deep hooks in the OS. Linux doesn't have these.

These "hooks" are no "deeper" in Windows than they are in any other OS.

Re:I run Linux

[colinrichardday]

So Microsoft lied when it said that Internet Explorer was part of Windows?

Also, if executables aren't compatible across systems, doesn't that mean that Linux is not a monoculture?

Also, do you have any real evidence that Linux users would act this way, or are you merely extrapolating from Windows users?

Re:I run Linux

[drsmithy]

So Microsoft lied when it said that Internet Explorer was part of Windows?

No.

Also, if executables aren't compatible across systems, doesn't that mean that Linux is not a monoculture?

I have already explained how Linux is enough of a monoculture. Applications standard to just about every unix machine on Earth provide more than enough functionality for malware.

Also, do you have any real evidence that Linux users would act this way, or are you merely extrapolating from Windows users?

Users do silly things. The platform they choose to do them on is but a minor detail. Linux will not magically make people stop doing silly things.

Re:I run Linux

[colinrichardday]

The question isn't whether users will or will not do silly things. The question is what silly things will the OS let them do.

Also, on your previous claim that script kiddies will try to get users to compile executables, good luck trying to resolve the library dependencies (or will the script kiddies include their own libraries?).

And you really have not explained how they will exploit the rich scripting/programming environment of Linuz.

Re:I run Linux

[drsmithy]

The question isn't whether users will or will not do silly things. The question is what silly things will the OS let them do.

And the answer, of course, is anything they want - because otherwise those computers wouldn't be very useful.

"Silly" - like "malicious" - is a matter of context. Computers aren't very good with determining context.

Also, on your previous claim that script kiddies will try to get users to compile executables, good luck trying to resolve the library dependencies (or will the script kiddies include their own libraries?).

I made no such claim.

And you really have not explained how they will exploit the rich scripting/programming environment of Linuz.

Much the same way they do on any other platform.

Re:I run Linux

[colinrichardday]

You made a similar claim, as I asked why a compiler would help the script kiddies, and you replied that executables might not be compatible across platforms. OK, but the requisite libraries might not be compatible across install.

Many Windows users trigger viruses/malware by browsing with Internet Explorer. How are going to do that in Linux?

Re:I run Linux

[drsmithy]

You made a similar claim, as I asked why a compiler would help the script kiddies, and you replied that executables might not be compatible across platforms.

Actually I used compiler ubiquity as an example of how Linux has enough of a monolculture for it to be a vulnerability.

OK, but the requisite libraries might not be compatible across install.

Which libraries are you thinking of that might not be compatible ? Why do you think it can't be handled in the same way such "incompatible libraries" are handled by the vast numbers of other programs that can be easily compiled across multiple unixes ?

Many Windows users trigger viruses/malware by browsing with Internet Explorer. How are going to do that in Linux?

Exactly the same way - with a buggy browser (or other software).

Re:I run Linux

[colinrichardday]

And what Linux-compatible browser is as buggy as Internet Explorer?

Also, a program might require libfoo.so.3 and the user has libfoo.so.2. Some software won't compile.

Re:I run Linux

[drsmithy]

Are you a lawyer ? If not, you might consider a career change...

And what Linux-compatible browser is as buggy as Internet Explorer?

Doesn't matter. We're talking about principles, not specific examples.

Also, a program might require libfoo.so.3 and the user has libfoo.so.2. Some software won't compile.

Indeed it mightn't. Just like some pieces of malware only work on certain versions of Windows.

Although I'd have to wonder what specialised libraries you're thinking of that malware will be after.

Re:I run Linux

[colinrichardday]

It doesn't matter? But it's not simply that no single Linux browser is as buggy as Internet Explorer, it's that there is no single Linux browser as dominant (in Linux) as Internet Explorer is in Microsoft Windows. Even if script kiddies could exploit one browser in Linux, users could choose others, and competitive pressure would force the developers of the exploited browser to fix it or lose users.

And what principle are you talking about?

Re:Just buy a Mac :-)

[Zemplar]

"Don't troll windows users into switching to mac, I may like it, you may like it, but if theyre fine using windows then let them bitch about spyware."

Agreed!

You'll have to excuse me now, I'm off to collect another $129...

I'm pretty sure...

[misleb]

I'm pretty sure the actual percentage of adware/spyware infected users is well above 59%. The question is, do they notice it? Probably not. I would figure the percentage is closer to 90% for regular Windows internet users.

-matthew

I agree

Total number of Mac OS X viruses: zero

Good enough for me.

Re:Just buy a Mac :-)

What utter bullshit. Macs, Linuxes, BSDs, and other things like that are more secure. For one thing, you don't need to run as admin to get software to even work, unlike on Windows, and therefore almost all users DON'T run as admins. This means that it's much harder for the malware to get installed.

Get over your Stockholm Syndrome.

Ironic

[jsmith8858]

If every single byte of technology for windows, Linux and MAcs where the same, but the market share was 45% Linux, 45% Mac, 10% Windows, the Windows users would be the "cool" hacker group making fun of those linux/Max "newbies" who have to deal will so many viruses/adware/security violations every day.

Re:Ironic

[Dunbal]

the Windows users would be the "cool" hacker group making fun of those linux/Max "newbies"

Rubbish.

When is the last time you changed the windows kernel and recompiled it? What disk is the Windows source code on? Remind me again what compilers Windows comes with? Oh sorry, market share is the ONLY factor that makes linux cool...

Re:Ironic

[I+confirm+I'm+not+a]

...the market share was 45% Linux, 45% Mac, 10% Windows, the Windows users would be the "cool" hacker group making fun of those linux/Max "newbies" who have to deal will so many viruses/adware/security violations every day.

Just like those uber-cool IIS operators make fun of those daft Apache admins, having to put up with all the attacks on the Web's Most Popular Web-Server?

Disclaimer: I *use* Windows. I also use Solaris, Linux and BSD. They're all good - and bad - in certain areas. Unfortunately Windows' area of "badness" is security.

Re:Ironic

What Linux distro sets up regular user accounts with default administrative privledge (like XP Home)?

Microsoft - the choice of botmakers everywhere.

Re:Ironic

[mopslik]

If every single byte of technology for windows, Linux and MAcs [was] the same ...

... then I imagine viruses would be cross-"platform", and easily interchangable among all three.

Re:Ironic

I think what you're referring to is the fact that the purveyors of malware/virii go for the largest possible impact (hence the largest user base that could be infected). After all, I haven't heard of any infected comps running Windows 3.1 anymore.

Re:Ironic

[colinrichardday]

But Windows users would still have a dominant browser (IE) versus the choices available in Linux. So, 1337 Haxorz d00d, would you like to make a virus for konqueror running on SUSE 9.3, or some spyware for Firefox on Fedora Core 4, or maybe some adware for lynx running on Mandriva.

Even if Linux as a whole has such marketshare, it's not at all clear that the distros/applications would be that prevalent.

How malware affect normal user experience

[concept10]

My sister works at a medical admin office and the manager has implemented the perfect Windows security policy:

Remove all privleges for all employees. Can't access the internet or install applications. This was done after the manager recieved a virus via Outlook and she thinks she is the only person in the office with that may open attachments.

She may not know anything about infosec but is this an acceptable practice?

Re:How malware affect normal user experience

Put yourselve in her shoes.
What's cheaper:
-change the infection prone software and/or retrain everybody. Also patrol each PC for bad software.
OR
-cut off internet and make installs by end users imposible.

It all comes down to the mighty $.

Re:How malware affect normal user experience

[jimicus]

She may not know anything about infosec but is this an acceptable practice?

Maybe she doesn't have the formal training but she's hit the nail more-or-less on the head. If you want a secure system for a number of users, a common technique is to start out by working out exactly what each of those users needs in order to do their job. Differentiate between "would like to have" and "needs" - and playing Solitaire or browsing the web over lunch aren't necessary in order to do a job.

Then you take your computer (be it running Windows or Linux) and you nail it down so thoroughly it's no more than a screen you can move a mouse around on. This is quite doable with policies in a Windows domain.

Final stage, you go back to your "list of things the user needs to do" and you set up their account such that it can do those things and nothing more.

The difficult bit isn't the computer system. The difficult bit is explaining to someone why it is their computer won't let them access the internet, click this attachment or run this program a friend gave them. This can get particularly difficult when it's non-technical management you're explaining this to.

Re:How malware affect normal user experience

[KC7GR]

"She may not know anything about infosec but is this an acceptable practice?.."

Their machines, their network, their rules. The owner/admin(s) for the network and systems in that medical office have absolute and total authority to implement any restrictions they want to.

So... I would say 'yes' to your question.

Keep the peace(es).

I have put my non technical family members on macs

[marika]

Since I didn't want to spend time cleaning my friends and family members' machines the mac mini made it perfect for me. I made my sister switch to a very inexpensive mac and voila.

Ordinary People

[MarkByers]

This article is not about how if you know how to tweak the registry, access the advanced administrator options, configure the firewall and download the correct (non-malware) 3rd party applications (web browser, mail client, anti-spyware and anti-virus) then Windows is secure.

We are talking about people that don't even know what half of those words mean. Is a default Windows install good enough for them to be able to keep their machines clean?

Statistics...

"From the article: "The study found that spyware has disrupted the computer lives of 43 percent of surfers.""

In an unrelated study, 57% of people are found to be liars.

wow, what a great idea

[rebug]

No, wait, the other thing. Stupid.

The last thing we need is more government involvment in what people do online.

Well I, for one,

welcome our new geek license revoker and first post kicker Overlord!

How funny

[billsoxs]

I just went to read the article at the Tribune and what did I get a pop under ad!

Re:How funny

[billsoxs]

article at the Tribune

==> article at the Sun Times

I never can remember the difference in the two main Chicago papers.

We all rip into Linux now and then...

[rinkjustice]

because of non-standardization issues etc, but malware isn't - and likely never will be - a problem for Linux.

Windows may be user-friendly, Mac OSX is a looker, but most Linux distributions have a good mix of what's important and are generally impervious to the datamining, spyware tricks out there.

Maybe we should appreciate what's so good about Linux (for a change).

Re:We all rip into Linux now and then...

[colinrichardday]

Nonstandardization may be an advantage here.

Re:Just buy a Mac :-)

[sqlrob]

No, they are not immune, neither is Linux or any other OS.

The damage is more isolated and easier to clean, unless some moron enters his admin password. There's much better isolation between the OS and apps for the average user account in just about every other OS. That's Windows fatal flaw.

Malware - Love it AND hate it

[retro128]

One one hand, spyware is some pretty evil stuff. There are little weasel programs I've spent quite a bit of time trying to get out of systems.

On the other hand, I get paid to do that. I just did one small company with 5 computers that was literally shut down because they couldn't do anything on their systems. Spyware is a problem on just about every single "joe average" computer that I have seen lately. The problem, of course, is going to get worse as long as Windows continues to allow users to run with privileged access by default.

I don't feel like going into a Microsoft rant - I'm sure it would be preaching to the choir anyway. I would like to share effective tools in my warchest for cleaning out spyware -

Ad-Aware - My favorite anti-spyware program right now. Gets about 95% of baddies.

HiJack This! - Cleans up anything that Ad-Aware may have left behind. It scans all startup regkeys, services, and BHO IE extension keys and lets you select which ones to nuke. BE CAREFUL, it lists both the good and the bad. If you don't know what a process is, google for it before you remove its key.

There are many other useful tools on this download page as well, like LSPFix. This program will fix the mess left by programs that mess with your TCP stack, such as New Net, whos manual removal can disable your Internet access completely.

Pocket KillBox - You know those processes that come back from the dead after you kill them? Can't delete the EXE because it's locked in both normal and safe modes? Pocket Killbox is what you need. If it can't delete the file outright, it can temporarily end the Explorer task and try it that way. If that doesn't work, it can use Windows' replace-on-reboot function to swap the EXE with a dummy file on the next reboot. Very handy for getting rid of the most nefarious of processes.

Spyware Blaster - Pre-emptive spyware prevention. The interesting thing about this program is that it doesn't remain resident in memory. Instead, it writes files and regkeys to your system that prevent the spyware from installing. Adding and removing protection can be done in one click.

Re:Malware - Love it AND hate it

[Quince+alPillan]

The problem, of course, is going to get worse as long as Windows continues to allow users to run with privileged access by default.

Clarification.

The problem, of course, is going to get worse as long as stupid Windows programmers force you to run in Administrator mode to even run their program when their programs really shouldn't need Administrator privileges in the first place.

I've seen games that require you to run in Administrator mode. The amount of programs out there that automatically assume you're an administrator in combination with inane Windows policies (i.e. regular users can't normally change anything in the registry) forces a user to be an administrator or be bombarded with privilege errors.

Note: runas and program-specific access privileges alleviate the problem somewhat.

Re:Malware - Love it AND hate it

What, no spybot S&D? Aside from the DSO exploit bug (which was since fixed), it's worked great for a long time. Plus, it's free! (Whereas Ad-aware wants you to buy it before letting you use the better features).

Re:Malware - Love it AND hate it

[Kagami001]

The problem, of course, is going to get worse as long as Windows continues to allow users to run with privileged access by default.

I see people repeat this mantra a lot, but I really have to wonder if a clueless user in front of a Linux or Mac OS X box would at all hesitate to provide their root password when the installer for a "cool screensaver" prompts them for it.

Re:Just buy a Mac :-)

[Prophet+of+Nixon]

The mac had a fair number of viruses back around 1992-1994 when OS7 came out. At that point many schools were buying color macs (II series, then centra, then quadra) since they were far superior (graphically and in some means, performance-wise) to the PCs at that point. This happened to coincide with the beginning of internet use and networking in many schools, and quite a few viruses got prolific amongst the macs, at least in my school system. The only half-decent AV product at the time was from Norton, but even it was awful since it was really slow and wrote about 10MB of files in directories which the mac GUI couldn't locate (which was a fairly nasty surprise given how small hard discs were then)... it was nasty. I remember moving to win95B boxes (we skipped 95 initially) and being impressed with having fewer viruses and nuisances than on the mac. Granted, things have changed a bit.

We're not stupid but we designed the stupid browse

r.

Any other product that caused as much havoc and damage as browsers would quickly have its designers and manufacturers sued out of existence.

Having bright yellow OSHA like popups warning that installing an unknown plugin is dangerous won't help. Do you know of *any* major web site that doesn't have a propietary plugin by now? I can't view half the movie trailers out there because they all require some plug-in that I haven't heard of. And that includes some movie trailers mentioned on slashdot. So slashdot is contribiting to the problem. Slashdot should be saying *don't* view the movie trailer because it requires a propietary plugin and we don't want to encourage the proliferation of plugins because it encourages people to download plugins without thinking.

Ice Cream Malware

The article was right on. I've recently had my computer infected with this new malware product. ("Line-yuck", or something like that.) The damn thing totally took over my desktop. I think it's put out by some Ice cream company or something like that, because it has pictures of this penguin *everywhere*. OK, I get it - you want me to be familar with your little icon, so when I see it in the grocery store, I'll buy your mocha-nut fudge.

A friend heard I didn't like this "Line-yucks" thing, so he installed this "busted" thing (Yes, they actually called it that.), which is supposed to take care of it. The only problem is, I think it's adware for some air conditioning company, because I keep seeing this Devil charachter instead.

Why can't advertisers just leave me alone?

Are you sure you're a technical user?

[Sloppy]

While doing that, I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware

Your web browser is defective. It's inconceivable that clicking a link on a web page could be a potentially dangerous thing to do.

So the obvious question I have is: why the hell aren't you shouting out the name of your web browser to warn the world? (Yeah, we can all probably guess what browser that is, but still, I don't see why it has to remain unspoken.)

And while it's not my style to knowingly use defective software and then pretend I have the right to insist it not suck, many people feel differently, so the next obvious question is: why aren't you part of a some class-action suit against whatever company made that web browser?

Now I run double anti-spyware programs in addition to my A/V and firewall.

This is the most amazing thing of all. So I guess the third question is: how can you call yourself a "technical user" while simultaneously thinking that your problem is somehow related to spyware and viruses, when the problem is so very obviously with your defective web browser? Why is a "technical person" treating the symptom (malware) rather than the cause (the backdoor in your system that allows anyone to install malware just by getting you to click a link on a web page)?

Or to look at the same problem from a different perspective: if your anti-spyware hasn't deleted your web browser yet, then you need better anti-spyware.

Thats the point

[Sir_Eptishous]

I agree completely.

The problem here is a technological/social one. The average net user not only doesn't know how to configure their box/connection, They don't want to know how.
Thats the problem.

The attempts of the past with things like webtv, etc, were a good start in this area. I think (hope) a smart company out there will develop some kind of 'dumbed_down' internet/tv device that will be largely immune to malware, etc.

I disagree that the business drummed up malware is a good thing.

Re:Thats the point

[Lovesquid]

Good solution. Let's just keep dumbing down everything everywhere until people are not forced to do anything other than drool on their shirts.

Re:Thats the point

"The attempts of the past with things like webtv, etc, were a good start in this area. I think (hope) a smart company out there will develop some kind of 'dumbed_down' internet/tv device that will be largely immune to malware, etc."

The problem with this is that there won't be a dumbed down version for those who need it and another for those who don't. When they succeed in making the Internet "safe" for the average user who doesn't want to learn about protecting their PC's they will most likely force everyone to use the same limited access crap.

Want it stopped? Do this, even WITH IE, it works

Take 30 minutes and do this, never get infected AGAIN (on Windows no less), ever, & most certainly NOT in 12 minutes time as was said here recently & I posted this for those that have been victims because it works...

Don't get yourselves infect, not again, ever!

APK Online Security 20-points basic checklist. A combination of things really, layered security is the idea!

DETAILS:

http://www.avatar.demon.nl/APK.html [demon.nl]

SUMMARY:

1.) IP Security Policy in place for adbanner servers blocking OR other "undesirable" IP addresses.

2.) A custom adbanner blocking HOSTS file with 35,000++ entries in it with known banner ad servers in it (which have been shown in some cases even as bearing malicious javascript etc. in them as well as just plain slowing you down as you surf the web by calling out to DNS' servers for URL to IP resolution & loading their remote data).

* This HOSTS file is at the URL above for public consumption/download so anyone can "have @ it"... apk

3.) Tcp/IP filtering @ the IP Stack levels (UDP & TCP) allowing ONLY port 80. Need others? Open then up, this is all I need personally here.

4.) Using up to date AntiVirus & AntiSpyware.

5.) Using .PAC file proxy filters in all web-browsers vs. adbanners & such.

6.) IE Restricted Zones (added to via .reg files which the first body of code in the HOSTS file I use is prepped for the .reg filedata for via a program I built in ObjectPascal delphi console mode ripping away the URL from the 127.0.0.1 loopbacks I equate adbanner servers to, etc. & then insert these here and into IPSecPols also).

7.) Custom adbanner filtering Cascading Style Sheets in webbrowsers when possible (via Opera).

8.) ZoneAlarm Pro or Native Windows Firewall. ZA is the better overall, the Windows one works though.

9.) Disable Java-javascript &/or ActiveX-activescripting in your webbrowsers.

Sorry webmasters, but too many holes popup here and ONLY IE gets that enabled here for Windows Update really only or sites that "demand" I use either.

10.) Making sure the Operating System is up-to-date/fully hotfix or service pack patched.

11.) Disabling uneeded services (especially remote oriented ones, e.g.-> Remote Registry) gaining not only memory & CPU cycles back, but also security:

Microsoft is even into this one now, evidenced by Windows Server 2003 Security Configuration Wizard run by the installation of SP #1 final onto it.

(I've been doing it for YEARS now, better than a decade since Windows NT 3.51 in fact: It WORKS!)

12.) Using restricted Registry &/or FileSystem ACL rights to disks/folders/files + Registry Hives.

13.) Amending secpol.msc & gpedit.msc security polices local to my system for better security.

14.) Using User-Rights & restricting them to my usual logged on user & the system entity SID itself only on most rights, denying all other groups.

15.) Applying registry hacks known to fortify the system BOTH remotely & locally per Microsoft guides for this on Windows Server 2003 for "OS Hardening" &/or "Tcp/IP Hardening".

16.) Being sure applications are up-to-date & patched current as well.

17.) Lastly here, by using a LinkSys BEFSX41 "NAT" & true CISCO technologies based stateful-packet-inspecting firewall router!

18.) Disabling NetBIOS over Tcp/IP & stopping Client for Microsoft Networks (all you need to get online IS Tcp/IP).

However, Ms Lans need these for file and printer sharing and networking properly/fully. THIS changes on LANS, but can be secured better than the default so IF you need it? Patch/harden for it IF you have to use it.

19.) ADDITIONALLY:

RUNNING IE in a "runas limited user class" sandbox effect, is possible -

It is actually possible to run IE securely

Effects are hellish on ISP tech support troops

[alumshubby]

I used to work for an inbound call center whose major client was a RBOC's Internet service over DSL. We were given unreasonably short average and max call time criteria given how prevalent spyware was on their customers' PCs. The proportion of calls from people complaining of slow surfing increased during the year I worked there, and as I recall, spyware was the culprit in the overwhelming majority of situations, although our troubleshooting scripts required us to waste precious minutes (thereby imperiling our jobs) checking for other causes before we finally worked our way down to the "let's clear your cookies and your cache" part of the script and advised on spyware. Worse, we weren't allowed for liability reasons to recommend any particular antivirus or antispyware tools, only to say "There's lots of 'em; get online and search for reviews." Having to educate customers about spyware is hell on your average handle time.

dont be a retard

you sir are retarded. I cant count the number of times I've heard this argument from retarded windows users.

any *nix based system is more secure than windows by design. I dont care how many OSX or linux users there are, those systems will never be the "typhoid mary" that windows has become.

The strange thing about this article

[Sloppy]

What's funny about this article, is that it does not contain the words "Windows" or "Microsoft".

How can someone "report" (I use that word loosely) on this problem and tiptoe around the huge elephant in the room? In spite of the overall fraction of users that are having problems, spyware is not normal. It is almost entirely contained within one single very specific homogenous portion of the population. To say that computer users suffer from spyware is like saying that Sol 3 lifeforms suffer from tobacco mosaic virus. Yes, it's technically true if you want to get pedantic, but it's hard to believe that a "reporter" (*cough*) could so egregiously overly-generalize unless they intended to mislead.

Re:The strange thing about this article

[NaruVonWilkins]

Except that almost all "regular joe" computer users are on Windows. Come on, this is nuts.

Re:The strange thing about this article

[mvdw]

And your point is what, exactly? The reporter should at least make the distinction to regular foks that spyware only affects Windows machines, and there are actually alternatives.

Re:The strange thing about this article

[NaruVonWilkins]

But it wouldn't be true. I know folks who get Mac spyware, there's just a lot less of it. I can just as easily say that the reporter should have mentioned that this was only an issue for personal computers, not typically for large servers.

Re:The strange thing about this article

[filipvh]

90% of users use Windows. It's not being ignored, it's being assumed.

My guess would be that most of the readership of popular media think that Linux is an app that runs on their Windows PC.

Like it or not, Linux is still below the radar for most users.

John McEnroe said it best...

[hotdiggitydawg]

"C'mon, you cannot be serious!!!"

We've heard it all before, but to summarise a few points as to exactly why this is a bad idea:

* The internet is global, whereas governments (who would purport to do the licensing) have border restrictions. Who would police whom, and how? Will you drive on the left side of the information superhighway, or the right?
* You don't need a licence to drive a car, you just need to know how to drive a car. You only need a licence if you don't want to run the risk of getting a criminal record. My uncle has been driving without a licence for over forty years, and he drives for a living too. He's just never been caught.
* Same goes for firearms. Plenty of unlicenced firearms and firearm owners in the world today.
* Would you licence all forms of communication?
- Should we require everyone to get a licence to use the telephone (and make the phone do retinal scans before placing a call) to eliminate prank calls and unsolicited marketing drones? Prank calls can be dangerous too (eg. wasting the time/resources of 911, 999, 000, 111, or whatever your favourite emergency service number is, when they could be saving someone else's life).
- Should you need a licence to purchase stamps, or insert items into postboxes? Think "mail fraud", "letter bombs", "anthrax", etc...
- Should you require a licence to own a wireless AP, or even a television set? How about those FM transmitters you can get for iPods? Walkie-talkies? Mobile phones? An unusually loud voice? etc?
- Should little Billy down the street be fined for having an "unlicenced" tin-can telephone? I'd say posession of two distinct communications units and the means for them to interact should actually be a felony ("trafficking of communications" or some garbage)...
* Would you trust your government to police that communication (a) effectively and (b) with full regards to your privacy? Would you then trust all other governments who may happen to form part of your communications link to do the same?

You say How is the internet any different. How are any of these examples different? Seriously, it's a pipe dream, and not even a good one at that.

Re:John McEnroe said it best...

[MynockGuano]

Here, I think you dropped this:

</b>

Re:John McEnroe said it best...

[hotdiggitydawg]

Arghh... sorry people! :(

(Note to self: 1. Close HTML tags in future. 2. The Preview button is there for a reason...)

the hidden costs

[robotparker]

malware is a mind-bogglingly huge problem for the library I work for. I can't tell you (no, really) how many thousands of dollars the county has had to spend updating and maintaining public terminals that just get reinfected over and over again. and who picks up the tab? the county residents, many of whom probably don't even use the internet at the library.

Re:the hidden costs

Then don't be such an irresponsible admin. Get DeepFreeze like most schools, libraries, public terminals, etc.

Seriously, don't be an asshat wasting other's money.

Re:the hidden costs

[40000]

Just get one of these in those computers
http://www.recoverystar.com/p.html
and even if you don't you'll learn about "dumpling" and "defraying" from the web site!

Re:the hidden costs

[warbital]

I work at the IT department of my college and we spent close to 40% of our time removing spyware. A usual computer for us has between 300-600 infections/files. The max we have ever gotten on a computer is somewhere around 3k infections/files. The bad part is that increasingly were running into stuff that neither addaware, spybot, nor ms can remove. I think ive spent at least 4 hours removing spyware from a user's machine. Its getting to the point were seriously considering just reformatting any machine that a user brings in for spyware related problems because were not able to help the users with more serious problems.

Fear of spyware changing online habits

[yagu]

For those interested, here is another article just popped up in the Seattle Times on the very same thing. I think the claims on "reaction" to spyware are a little more gentle (e.g., being more vigilant... what the heck is that?, and what added benefit does it really bring?). Regardless, enjoy... it's a good enough read to take a look.

Re:Just buy a Mac :-)

[Aerog]

No, they are not immune, neither is Linux or any other OS.

Exactly. And I agree wholeheartedly. My point was that we just haven't seen it yet.

The damage is more isolated and easier to clean, unless some moron enters his admin password
This is where it gets interesting. At the moment, a large percentage of Mac users would understand what you mean. I'd bet the same percentage of Windows users would say "What?". This isn't a Windows vs. Mac thing, this is a statistics thing. There's just WAY more Windows users and more users who know a lot about systems will be using something other than Windows, which leaves the majority of users (people who don't know that much about computers - read: some-assembly-required-victims) using the majority OS. That's why there's so much spyware for Windows. It may be a little easier to code, but I doubt that's the only reason.

We'll see Mac spyware just like we'll see Linux, Unix, Solaris, *BSD, etc. spyware: Whenever the user numbers are big enough. And when the user numbers get big enough, expect the user base to include a percentage of AOL-type users who would type in their admin password to get smilies, or have it as their default account because it's convenient. Especially in some cases (I can think of one in my family) where people specifically use their admin account because they don't want to have to be constantly switching; people know enough to know what an admin account is, but not enough about why not to use it.

And, because most of the point of the rest of my comments was lost because the parent was just a troll, the answer is not just 'buy a Mac'.

Just get a Mac

Pretty simple for about 80% of personal computer users.

Re:Just buy a Mac :-)

[FLAGGR]

On OSX, the root account is hidden. However, the password is the same as your default user. When I go to install software, i just put in my password. Great security. OSX has had TONNES of holes, thats why there are security updates. Same as linux. OSX isn't even all that unix-y as you may think. Sure, they are more secure, but don't get ahead of yourself. (For the record I use OSX and ppc gentoo linux, haven't used windows in a few years)

heh

[Renraku]

The most annoying thing is that they often don't know they're infected, with obvious signs.

Case in point. Friend gets on, messages me to download smileysmileyface.com somethingoranother, and tried to send me the file three times, immediately after I cancelled it.

I told them their computer was infected with a horrible virus (thats what spyware is, legal viruses), and she was like..oh that's just my smiley program. Its cool.

I immediately went over, uninstalled it for her, cleaned the machine (2 hours) and then found a tame smiley program so that she have her smiley fetish with something that wasn't spamming so incredibly hard.

Who would pay for spyware

[spicydragonz]

"Fox said 90 percent of users want better notice of adware. Sixty percent said they would have paid for the software if they knew it came with adware."

I would pay more for software without spyware!!!!

Re:Who would pay for spyware

[Silver+Solid+Brass]

I think they mean that they would rather pay for a product than have it ship with spyware, ala DivX.

You can buy it clean or get it free + spyware.

I think I'll stay on it for a while, thanks

[freeweed]

I'm sick and very tired of many posters here on /. acting as if the use of any MS product or platform is somehow a cardinal sin and an open invitation to get \cr@cked\.

It sure seems to be, however.

I remember a simple time when malware spread one way: through executable files on floppy disks. Wanna be protected? Don't run them without a virus scan on the disk first.

Then, viruses started spreading through email. No problem, just don't open the executable attachment and you're safe. What's this? Suddenly they can auto-execute just by previewing the message? Strike 1, Microsoft.

Ok, so that's fixed. I'll also run a virus scanner on all incoming mail for fun. Oh? I got a worm that infected me on an open port that I didn't know about, wouldn't want open if I did know about it, and couldn't close even if I tried? Strike 2, Microsoft.

Ok, we've solved that. A lot of patching, and a software firewall (and maybe h/w in front for good measure) stops that. I should be pretty safe. Now people are hosting viruses on webpages. No problem, I'll just not open executables within my browser. What? A simple click on a URL can infect me now? Strike 3, Microsoft.

You know why people bash Microsoft? They release an OS that needlessly leaves itself open to infection. Instead of closing the infection route, they (3 years later) tack on a firewall. They release an email client that will automatically run executable content. They release a browser that will do the same.

Fact is, it's possible to run a pretty secure Windows box, you're right. If you don't use Microsoft's email and browser software, if you patch (and reboot) your machine every week, if you run a software and/or hardware firewall in front and if you run antivirus/antispyware software 24x7. Oh, and shut down a few needless services (if you can).

Or, run pretty much any other modern OS/software suite without any of the above precautions. Of course, don't run untrusted executables in ANY OS, that one is a far more difficult nut to crack :)

Yes, it is your own fault. Not the brower's.

Blame IE for whatever you want, but don't call yourself an "technical user" in the same breath. Technical users don't blame their tools when things don't go as planned. IE may be a completely horrible, unsafe browser, but if you knew how to reconfigure it properly, or had any sort of skill in mitigating intrusions, you wouldn't have a problem.

(Slot screwdrivers are inefficient, people still manage to use them successfully without incident.)

Aurorafix

[VolciMaster]

Maybe this will help you in the future, or somebody else here.

A buddy of mine runs a virus removal site, and has a tool to remove Aurora specifically: Aurorafix.

It's likely the whole story was made up

[Tezkah]

Look at his post, and see the plug at the end for the grandparent's website.

Nothing but a stupid ad, probably has been posted many times before (the story doesn't even make sense, as you said) something that is happening more and more often with Slashdot (Turn off sigs and see how many fake ones are out there, its disgusting.)

Don't worry about being a jerk with people like this, they deserve it.

hint: If you have a link to your website, put it in your sig or profile, /. allows for it. DO NOT PASTE IT TO THE END OF EVERY POST.

Family Macs

[Dog135]

On the other hand, my Dad, whom I've spent countless hours coaxing and helping learn Windows and how to use his computer called the other day and said he had disconnected it, and didn't care to ever use it again.

That's exactly why my entire family use Macs. My family (parents, sisters, wife) want to browse the web, use email, listen to music, and connect their digital cameras. If they switched to a Windows machine, I'd have to smack them pretty hard. (actually, I'd just let their computer do it to them for me)

So far, no complaints.

Nope

[kmmatthews]

Apache has > 60% marketshare, yet IIS has more vulernabilities.

The whole "windows gets infected more because more people are targeting it" argument doesn't hold up - otherwise, apache would have more security problems than IIS.

Re:Nope

[toddestan]

That's only half the story. What you really have is IIS on Windows vs. Apache on Linux/BSD/MacOS/Windows/AIX/Solaris/whatever else you can get it to compile on. My guess is trying to design something that will affect Apache on all platforms to hit that 60%+ mark is pretty tough.

Re:Just buy a Mac :-)

[kmmatthews]

Your argument claiming so much fact is an interesting attempt at ignoring simple facts.

(Below is a paste of my post from above.)

Apache has > 60% marketshare, yet IIS has more vulernabilities.

The whole "windows gets infected more because more people are targeting it" argument doesn't hold up - otherwise, apache would have more security problems than IIS.

Re:MS Bashers Get off it

[SpacePunk]

I thank god that MS software is unsecure out of the box. Makes my bank accounts grow.

But, on the other hand, I hate it.

Your typical user comment is almost right on the money. Computers are treated like cars. The typical user just want to use their computer, not know how to work on it. That's our job, we are the new mechanics. So we might as well get used to it. There are those here on Slashdot that like to sneer at users and Microsoft, but they either are college kids, live in their parents basement, or don't have a business. Don't sneer at them, thank them for business. They need to learn how to say "Yes ma'am", "Yes sir", and "Here's your bill."

Our legal priorities are messed up

[Mingco]

Why is spyware and malware legal, and yet innocuously surfing on someone's open WiFi network illegal?

If I want to borrow someone else's access for a day, should I write some malware to trick them into clicking "ok" so that they grant me access for a day?

It makes no sense.

MOD PARENT FUNNY

Cat got your tongue? (something important seems to be missing from your comment ... like the body or the subject!)

Re:Yes, it is your own fault. Not the brower's.

[DocSavage64109]

And what if your slot screwdriver was made of wax? Sorry, but crappy tools can make a job very difficult, if not impossible.

Here's an idea

[joschm0]

If someone were to make a list of all the websites out there which offer known spyware, I could then load that list into adblock for firefox. ...Ok, I'm not sure that idea would work but maybe something along that line might.

Re:Here's an idea

[TildeMan]

This sort of thing has been tried before with spam. It invariably doesn't work. The problem is that you need someone to maintain the list, and they may start out with only good intentions -- hmm, what was it that the road to hell was paved with? -- and eventually they get power-hungry, adding sites to the list because of minor personal annoyances and refusing to remove them.

Here's how it happens:

[suitepotato]

"Click the monkey and win a plasma TV!"

"Click on the smiley for free emoticons for your IM"

"Click (insert crap here)"

The idiot users cause these problems. You don't get spyware from Slashdot and other reputable sites. You get them from free tchotchokes sites, you get them from free pr0n sites, you get them from everywhere but reputable sites.

One culprit though are reputable sites which allow NON-reputable sites to advertise on their pages, allow them to use pop-up script ads, and purvey spyware to anyone going to those sites. THOSE webmasters CANNOT be allowed to get away with the idiot claim that it isn't their problem. If you allow advertising for unreputable sites, and you allow the advertiser to write the HTML/etc. for those ads, and to use pop-ups/unders and they host any spyware/malware at the other end of those ad links, you are only helping to spread it.

One sort of site I do find is leading to issues would be astalavista. A LOT of Windows users are finding out about cracks real quick and see no problems stealing software. But then, we see that "everything should be free" mentality in the FOSS community too.

Clueless Slashdot User

You know, reading through this thread I found repeated attempts by people to demean the users. There were comments about how they should have a license to use the computer, about how they just shouldn't be using computers, how people are stupid, how afraid they are, etc.

I read articles by people who say they are not infected. This is so absurd. Of course, they probably are infected, they just don't know it.

The person that bought the computer is the person that knows whether they should or shouldn't be using one. It isn't a judgement for some lame-brained slashdot'er who thinks they have the stock on all the knowledge. These individuals really need to get a life.

90% of all the computers that come into my shop are infected whether they are using firefox or not. It is not just the browser that brings these infections.

Much of the problem is in how open Microsoft designed Windows. You know there are many different ways to start a program on a computer? Did you know that policies can be put in place by viruses and malware that locks you out of making changes/fixes to portions of your registry? Browser helper objects are only a small portion of the problems. They can be nasty and can be persistent. This complexity is the main reason why you can't attack the users of computers. It took these malware jerks authoring these programs alot of time to figure out and exploit them. Now you want to accuse everyone that's infected of being an idiot because they can't keep their machines clean?

The implication is like saying that everyone has to have a gun to protect themselves instead of relying on the police and courts to do so. By these lame-brained slashdot'ers we'd all be walking the streets with guns because there's a possibility of the need to defend ourselves.

Well, this is unrealistic. The alternative is to move. So we move to another town (browser) and then that becomes popular and all the defects in it crop up and the malware jerks then attack them there.

In reality it is the problems with how Microsoft set up the registry and how programs are launched, and more. It is about many things including the browser, policies, and registry issues.

To say that every person is stupid because they don't know this stuff and hence they should never be allowed to use a computer without a license is the most ridiculous thing I have ever heard.

You people need to grow up. You sound as clueless as those you are accusing of being clueless.

Someone spouts about x product for getting rid of malware. Someone else lists options of a few. You know the best adware/spyware removal tools and even some of the self-professed experts don't know about all the malware products out there. They don't know how it got onto the compter and most of you have no clue how to get it off even if you had one or more of those tools. In the end you'd still have an infected machine but you'd think you are clean.

When you can figure out how to remove all the malware products then maybe you can talk to users like you have been, and even be justified in demeaning them. But right now you are as clueless as they are.

Re:Just buy a Mac :-)

[Aerog]

Your argument claiming I'm ignoring simple facts is an interesting attempt at ignoring the parent post.

Spyware doesn't target servers like it targets home users. It's two different markets.
IIS on a server != Windows at home
Apache != OS

Plus, I never said windows gets infected more because more people are targeting it, despite that:
a) Windows gets infected more
b) More people are targeting it.

Windows gets infected with more spyware because more users use it, and they're the target audience. I'll say it again: When it becomes profitable to target other OSes, they will be targeted and infected. Windows isn't the best OS out there, but it's not the only one that can and will be targeted by viruses. No OS is immune to viruses and spyware.

And, as I intended with the original post, simply telling somebody to change to a different system is like telling somebody who just got robbed to move ten blocks over because nobody has been robbed on that block yet. Maybe there's lots of crime on the first block but none on the other. Does that mean crime is impossible on the other? No.

Re:Just buy a Mac :-)

But there ARE exploits and issues even in Apache.

Just add a few modules and look how insecure your server becomes.

I do seem to remember a cute worm that traveled via PHPBB: http://isc.sans.org/diary.php?date=2004-12-21

While I agree that Mac is not going to become the "Typhoid Mary" that Windows currently is but I do think it is rather foolish for Mac users to take the "We are so damn secure" attitude as things might suddenly change with one unnoticed mistake.

Dilemna

[grimharvest]

I don't want to charge family or friends to clean up their computers, but on the other hand, if too many friends find out you can do it then you'll never get any rest. Solution. Tell them to get Ad-Aware. No guilt and no pain in the ass that way.

Re:Dilemna

[Neop2Lemus]

I caught my parents computer at an early stage of infection this past week.

Got it cleant up with Ad-Aware easily, and now that they had been exposed to spyware they finally let me install and teach them Firefox.

Hope that's the end of the story.

Re:Just buy a Mac :-)

[kmmatthews]

Your argument claiming I'm ignoring simple facts is an interesting attempt at ignoring the parent post.

I was replying to your incorrect conclusions and assumptions; not the parent post. Nice attempt at diversion.

Shopping Carts Etc.

[Lagged2Death]

Well, sure, the shopping cart will need them. I don't have a problem with that; if I actually decide to do business with an online merchant, I add their site to my whitelist.

But consider, say, Staples, for example. With cookies disabled, one cannot even see if Staples even carries the item one might be interested in buying. That's just silly.

As for turning them off, well, it's certainly a personal preference. I do what I can to keep my online activities private.

Re:Shopping Carts Etc.

[misleb]

It isn't silly at all. They often need to set up the user session as soon as you start browsing so that they can show dynamic indications of your shopping cart status and whatnot... even if you haven't yet selected anything to purchase. If you want to cripple your browser in a silly attempt to protect your "privacy," that is up to you. But don't expect merchants to accomodate.

-matthew

Re:Shopping Carts Etc.

[Lagged2Death]

They often need to set up the user session as soon as you start browsing so that they can show dynamic indications of your shopping cart status and whatnot...

You have a misunderstanding about this word, "need." Some sites may be designed to require cookies, but that's not the same as a "need." That's just a poor design, and it's allowing the software guys to make a business decision (an uneccesary and poor one) to boot. Consider that not all web-browsing devices even have storage space for cookies.

Most online stores and services, and notably the most successful ones, work hard on interoperability. They work with old browsers, they work even if you don't have Flash, they work with screen readers, and they at least allow you to browse even if they can't store cookies. Amazon, Ebay, Yahoo, Google, et al. Try telling Jeff Bezos that he's running his little store all wrong - he "needs" to start forcing cookies down his customer's throats.

...don't expect merchants to accomodate.

I don't expect most of them will. So? Really, it doesn't matter why I don't like cookies - it's my computer, and that's that. If merchant A has a stupid e-commerce setup, there's generally a merchant B who does not. It's not like I've ever had to do without some widget because of a cookie issue.

Are you in the web-design/e-commerce game? If so, you should take this as feedback, rather than get all bristly. The simple fact is that some people absolutely hate being required to accept cookies from a site they've never used before. A web designer who truly cares about his craft would focus on giving the users what they want, rather than grumbling about how what the users want is dumb.

Re:Shopping Carts Etc.

[Trelane]

They often need to set up the user session as soon as you start browsing so that they can show dynamic indications of your shopping cart status and whatnot... even if you haven't yet selected anything to purchase. Maybe I'm ignernt, but it seems to me that the intelligent thing to do would to gracefully fail if you can't set cookies. For instance, if you store purchased item information in a cookie, you might well consider the fact that, if there's no cookie, there's nothing in the basket!

Regardless, the behaviour the poster described (not verified it personally) where the site doesn't even come up in a usable state is simply miserable programming.

Re:Shopping Carts Etc.

[misleb]

...forcing cookies down his customer's throats.

Give me a break. It's a fuckin' cookie, for chrissake. The FUD concerning cookies ended like 10 years ago. Get over it. If we were talking about locking certain browsers out of a site, that would be a different story. But you have made a conscious choice to disabled a ubiquitous technology which a site wants to use. I have no sympathy.

-matthew

Re:Shopping Carts Etc.

[123abc987]

And soon you will have no business.

BAM!

[SoupIsGood+Food]

Every time I have a friend, co-worker or family memmber ask me what to do when their PC is wrecked by viruses or crippled by malware, I tell them, in my best Emeril Lagasse voice, "B.A.M! Kick it up a notch! B.A.M!"

They're like, "What does that mean, B.A.M?"

Buy a Mac. Problem solved.

I bill too much for my time to give them any other advice... and it wouldn't be as effective or easy as having them buy a Mac Mini or iBook, anyway.

BAM! Buy A Mac!

If they're too poor to buy a new Mac, have them buy a used Mac. A slot-loading gumdrop iMac can run Tiger just fine with 512mb of RAM.

Linux and OpenBSD would work as well, but it would require more effort on my part to walk them through the migration, and I'm lazy.

SoupIsGood Food

Re:BAM!

[toddestan]

Buy a Mac. Problem solved.

The problem lies mostly with the user. If malware starts coming out for the Mac, these users are going to get infected just like they did on Windows. I don't call that solving the problem.

If they're too poor to buy a new Mac, have them buy a used Mac. A slot-loading gumdrop iMac can run Tiger just fine with 512mb of RAM.

You can't be serious. A gumdrop iMac + upgrade to 512MB of ram + copy of Tiger is probably going to cost them more than the base model $299 PC's.

Browsers are different

Browsers are a different dynamic, and your average user will only think Internet Explorer is just a window with the internet in it, and spyware is an internet problem. They aren't going to realize that IE is a program that interprets and translates stuff from the WWW and presents it to them, and any mistakes in that translation or transaction of information will result in that spyware. They don't understand that a different program would do these things differently and not make these mistakes. They don't even know that the problems are caused by mistakes in IE, they think it's just that the internet is evil. Think like a user. Why would you go "Shit, I need Firefox!!"

I agree they should be and aren't doing this, but you fail to see why not, so there seems to be miscommunication on both sides.

Re:Browsers are different

Er, did you even bother to read my comment? I explicitly distinguished between technical and non-technical users. I don't "fail to see" anything, you fail to see the very clear words I used.

No Free Love

[JehCt]

You should charge your friends and family. How do you expect the rest of us to make a living when you're giving it away?

Linux/OS X don't run as ADMIN

[bach37]

No, it's because Linux and OS X don't let you run as the full administrator, like windows. This is a simple fix, and if MS is smart, they will do this for Longhorn. Otherwise viruses and malware will prevail as MS's biggest problem.

Re:Linux/OS X don't run as ADMIN

[Trelane]

No, it's because Linux and OS X don't let you run as the full administrator, like windows.

Not quite correct. As of last time I tried, SuSE would let you log in as root. Note, however, that they made the background bright shiny red with big warning triangles and big round lit bomb pictures. :) And they try to convince you to create a regular user account at install time. But you can still log in as root if you wish.

Please note, however, that if you do log in as root, particularly if you browse around on the 'net and use irc and chat and email, that our crack Geek Emergency Rapid Clue Repsonse Squad will be dispatched to your location and will be beating you soundly with Big Foam Cluebats until you Learn. So you do so at your own risk. ;)

Re:Linux/OS X don't run as ADMIN

[bach37]

No, it's because Linux and OS X don't REQUIRE you run as the full administrator, like windows.

You're missing my point about windows being vulnerable. I should have posted it this way, perhaps.

Re:Linux/OS X don't run as ADMIN

[drsmithy]

You're missing my point about windows being vulnerable. I should have posted it this way, perhaps.

Windows doesn't REQUIRE you to either - I've been running as a regular user in Windows for nearly 10 years now - it just defaults to it.

Re:Linux/OS X don't run as ADMIN

Try to change your date/calendar, (or run any apps like BF 1942) as any user but full admin in XP. Good luck. It DOES require you to be logged in with full admin rights to do anything useful at all. This means you will also be running IE, Outlook, executing .exe's as full admin.

Re:Linux/OS X don't run as ADMIN

[demon]

Except of course for the applications that won't run right - or at all - unless they have access to poke and prod _anything_ on the system at any time *cough*MS Office*cough*.

Re:Just buy a Mac :-)

[aedan]

No, the OS X root and admin user passwords are not the same. You need an admin password to turn on root at which time it will ask you for a root password. If you give it the same one then that's up to you.

aedan

spyware irony

[chrish]

Har har, looking at the article, I see: Firefox prevented the site from opening a popup.

Wonder if it installs any tracking cookies.

Re:Just buy a Mac :-)

[SideshowBob]

Yes Macs are theoretically vulnerable to viruses or spyware.

In theory there is no difference between theory and practice, but in practice there is.

So I'll just keep enjoying using a computer that doesn't have viruses or spyware, and you keep warning me that theoretically I might get one some day.

Firefox

[minus_273]

I submitted a similar article from MSNBC (was rejected yesterday) the most interesting part is it calims that Firefox and other browsers are now at 18% of all adult US users. This was a random phone survey with a margin of error of 2%. I think it is some of the best data on the penetration of alternative browsers and something people could use to back up decisions to not just support IE. 20% if the market is not an amount that can be ignored.

Re:Just buy a Mac :-)

[colinrichardday]

But would they be targeted and infected as much as Windows users?

Buy a mac- call it a day

[Enrique1218]

if people are $129 to remove ad-ware, then that would seem nullify the whole price premium argument.

Re:Just buy a Mac :-)

[99BottlesOfBeerInMyF]

Okay, I'm going to bite, because this has been irking me a bit this week... When you see the Mac userbase hit a decent number (and I don't pretend to know what that is) then you'll see spyware and viruses for it. Fact.

The above comment certainly irks me. A prediction cannot be a fact. Let me repeat that for you. A prediction cannot be a fact.

That said, no, macs are not immune to viruses or spyware. Yes, macs and other computers could be made more secure. Your assertions, however, are misleading. Huge numbers of worms and malware are written for motivations other than profit. Mac OS X is designed in such a way that it is much, much harder to write worms that will actually propagate, there are basically no services available to be exploited on a default install, and the vast majority of mac machines are patched regularly because it is set up to automatically prompt you to do so, by default. Macs users operate as a limited user, without full privileges and are prompted for a password to perform administrative tasks. Users are warned when downloads are executable. Market share helps Mac OSX escape unscathed from worms and malware, but that is by no means the only factor and your attempt to portray it as such is incorrect.

Re:Just buy a Mac :-)

[LKM]

Macs are not immune to viruses, we just haven't seen a virus or spyware author take the time to exploit it, yet. Why? Because it isn't profitable RIGHT NOW.

True, Macs aren't immune, but you're missing a few points. It's harder to make a good virus/spyware/trojan for Macs than it is for Windows. Here are a few reasons why that is:

• On a Mac, most (all?) services are turned off by default. Ports are closed.
• Macs ship with an easy-to-use built-in firewall.
• You don't run your Mac as root. Viruses have less access on a Mac than on other OSs.
• Mac users use different E-Mail-apps and different Browsers. Mail.app and Safari have pretty good market share, but they're nowere near where Outlook/IE are. Even if Macs were to reach a significant market share, you could only reach a quite small part of them by using, say, an exploit for Mail.app (of two dozen Mac users I know, only about four use Mail.app, about five use Outlook, one uses PowerMail, one uses Mailsmith, some use Mozilla and some use Eudora).
• Mac users are less tolerant of bad software. If there's something that even smells like malware or spyware, there's a huge outcry in the community, with news sites posting the info and tons of people analyzing traffic from apps and publishing the news.
• There's more open source software in Macs than in Windows. That means less exploits and quicker fixes if there is a problem.

Fixing this problem in my town

[lordmoose]

I've decided to teach a local community college class about spyware/adware prevention and removal. Some would think that I'm giving away my business secrets on how to clean out computers, but I've found that even though I teach my clients how to be safe, they invariably end up with the same problems 2 months later and want me to help them again. I figure that by teaching this one-time class I will spread the word about how to prevent these infections. If anyone else has taught others in a group setting like this, I would like to hear how it went!

Re:Just buy a Mac :-)

[droleary]

Don't troll windows users into switching to mac, I may like it, you may like it, but if theyre fine using windows then let them bitch about spyware.

If they're bitching about spyware, they're clearly not fine with Windows. If they shut the fuck up about their woes then, no, I pretty much don't care what they run. A Mac purchase simply sends the single best message to Microsoft (and all the PC makers under their thumb) that people are tired of their shit. I highly recommend doing it, and that's not me trolling.

Nope

[zpok]

OK, windows is good for people who know how to 'maintain' their computer. I'll take your word for it.

But people don't want TV's, they want computing machines that compute. That do stuff with pictures, video, etc, that connect them to the internet etc etc.

It's perfectly possible to make that a safe experience without turning people into computer mechanics.

You know it, I know it. And if windows doesn't care, it's perfectly all right to do some windows bashing.

I won't because I don't care about windows one way or another. The time I had to use one for work (3 months until I started shouting and the financial director caved in) is long past - as is the time I thought I'd try to manage one at home for game playing. I'm free of all that, thank god.

For me it's a SEP (Someone Else's Problem). But if Windows cared as much about security as about their bottom line, we wouldn't have this discussion now...

Re:Just buy a Mac :-)

[droleary]

Macs are not immune to viruses, we just haven't seen a virus or spyware author take the time to exploit it, yet.

This is essentially the only reasonable thing you wrote.

Why? Because it isn't profitable RIGHT NOW.

Simply wrong. Raw profit is not about volume, it is about . . . wait for it . . . profit! Apple is a profitable company despite not being as big as Microsoft. Any market forces you care to point to that affect Windows should equally affect the Mac. Yet where are the Mac exploits? Let's explore your flawed reasoning:

Lots of users (likely the ones who would initially be succeptible to a virus) are running windows. This makes it easy to spread.

That makes no sense. All computer users are involved in a "network effect" for their platform. Look at my address book (which is very easy to do on a Mac) and you'd quite likely to find the bulk of them are using Macs. What you say only makes sense in the general context of trying to exploit a random machine, and that actually supports the case of Macs being a more secure choice.

Most computers run windows. You don't see a lot of human viruses that only attack people with anemia; it's just more profitable to attack the majority (or everything, if you can get it).

Again, it's not a volume issue. When it comes to profit, it makes the most sense to target the platform that is "cheap" to attack. No malware author with a clue would ignore the Mac market just because it is outnumbered 9 to 1 if it were 10 times easier to exploit. The Mac just isn't that vulnerable compared to Windows. Again, the overwhelming amount of malware for Windows supports the conclusion that it is an easy target, not that it is abundant one.

Spyware makes its money on user numbers. The more users you can get, the more you want to develop a product. Why spend the time to write for the small % running macs when you can take some already-proven techniques and go for the big money (i.e. the lots of users) on Windows machines.

You keep making the same fallacious argument. You spend the time, by your own admission, if it is profitable. Nothing about the numbers says that market size is the driving force towards profitability. Indeed, as a Mac developer and with knowledge of the Mac community I can easily say that, were it not for basic protections built into the OS, fucking over the user is at least 10 times easier on a Mac. You don't use the same methods that you do on Windows, but anyone who would want to target the Mac would find users more ripe for the picking.

Programmers are lazy. If there isn't a really good reason to do it (i.e. not enough profit potential in their eyes) they generally won't do it unless they're really keen on it. Mostly, these people are not making spyware/viruses.

Do at least keep up with your own misguided reasoning. The Mac is overflowing with profit potential. On Windows, you have a saturated market. Your new malware is going to be in direct competition with hundreds if not thousands of others. The Mac, on the other hand, is 100% for the taking. Do the math and you'll see that the best path to profit would still be the Mac despite its smaller market.

When you see the Mac userbase hit a decent number (and I don't pretend to know what that is) then you'll see spyware and viruses for it.

Nah, we'll just see people like you trying to backpedal and explain why Macs still aren't getting exploited like Windows machines were.

Until then, stop being a mactard and just deal with the situation at hand: there is a lot of spyware out there and something needs to be done now. That something is not ignoring the problem until it swims up and bites you in the ass.

Right, that something to be done is to buy a Mac. Your dire predictions are just that: predictions. I'm not going to lose a second of sleep until there is a OS X exploit. Until then, you're just spewing FUD.

Re:Want it stopped? Do this, even WITH IE, it work

[toddestan]

2.) A custom adbanner blocking HOSTS file with 35,000++ entries in it with known banner ad servers in it (which have been shown in some cases even as bearing malicious javascript etc. in them as well as just plain slowing you down as you surf the web by calling out to DNS' servers for URL to IP resolution & loading their remote data).

Do you have any idea how slow a 35000+ hosts file can make a Windows computer? I tried one of those mega-hosts files, and quickly nuked it because the banner ads slowed down the system considerably less than parsing the hosts file. I then slowly started adding the worst offenders (like doubleclick) back in.

mac numbers

[zpok]

I've read the argument that we are too few to bother with. That's too simplistic an argument, but it made me think about numbers (userbase)...

Can someone give a number (and/or argument) that would make it worthwile to make malware or write viruses for the mac?

I KNOW (or suspect) the average mac user isn't smarter than the average windows user, so I'm sure you'd get people to install this shit all by themselves.

(Please don't moderate this, just answer if you think you have a hunch, or ignore...)

Cheers

what is needed here is...

[jonwil]

An all-in-one package that newbies could run.
Call it something like PC-Tune-Up or something.
It would include a good anti-virus program.
It would also include anti-spyware and other things to clean up peoples systems (i.e. registry cleaner like Norton System Works has, things that ensure that the windows firewall is configured properly and protecting your system, things that make it dead simple to download and install windows security updates and anything else that might help with securty.
Also, it should include features like email scanning to check emails for viruses (and remove them before they even get to the inbox).
Out of the box it could include 1 year subscription (for spyware and anti-virus defintion updates, new program code etc)
Everything it does (including descriptions of anything nasty it finds) would be described in language that even newbies can understand.

Many people understand that taking your car to the mechanic every so often to get the oil replaced, brakes checked and whatever else is essential to keeping your car running the way you want.

So, use that metaphor to market the software. Tell people that running PC-Tune-Up (or whatever it is called) does the same thing for your computer as getting your car serviced does for your car.

Also, market to OEMs to include the software on the PCs they sell (in this form, it could just sit there and do its work with very little user interaction required unless something nasty showed up). By including this, they get less calls to technical support.

ISPs too could market this (since it would potentially reduce the number of machines infected with trojans spewing out spam or being used as part of botnets)

But, above all else, make it so simple even grandma and grampa can use it. Most newbies dont know what a "Trojan" is.
But if you told them that a program was running on their computer without their knowledge and that it was making their computer and internet slower, they would probobly understand. The program should be set up to remove viruses automatically. (not necessarily spyware but certainly viruses)

Windows XP is secure.

Say, I just got my computer 12 minutes ago and connected it to the internet and haven't had a single malwCLICK HERE 4 CHE3P V14GRA!!!! (hint hint, this article.

Re:I run Linux and whatever else...

[ThePackager]

God I'm tired of reading the gobbledegook about Win-haters, geekoid nerdelian, "LINUX" worshipping, snotty, "I-know-more-than-you-especially-when-it-comes-to- meaningless-information", whiny, "open source has to be good, after all we think so"; "we love malware 'cuz we can fleece the less dweebified segments of the population", "computers are my life, but I'm so socially inept, I wouldn't have a life without them" bulls*it. Go help people out without all the pompous crap you losers!

Re:Just buy a Mac :-)

[Thu25245]

When I go to install software, i just put in my password.

I know. Linux/Unix has the same vulnerability, called "sudo." Put your non-root password in, and you can immediately do everything root can do.

Great security. I'll stick with good ol' Windows, thanks.

Re:I run Linux and whatever else...

Did that make you feel better? Sounds like you need to get laid dude.

Re:MS Bashers Get off it

[Deeze]

"They need to learn how to say "Yes ma'am", "Yes sir", and "Here's your bill.""

Yeppers :D. They learn that part much faster than they learn anything about their pc. It's so much easier for them lol.

Your wish is granted

[SuperKendall]

I only wish I could protect my less-technically-inclined family members and friends more effectively, as I don't charge them for removal

I cna't believe no-one has said it outright yet - buy them a Mac. That's how I got out of the family support biz.

Re:It's your own fault -- My 2c

[iamcf13]

But I have no sympathy whatsoever for technical users who should know better that continue to use Internet Explorer to visit websites that are in no way trustworthy.

I've been using PC's and 'Billware' since the 1980s -- the days of DOS. Now pretty much exclusively on Windows, I just lock IE down and use that -- just disable ActiveX and scripting and your PC cannot be 0wned that way provided the affected routines are coded correctly by the folks at Microsoft. To keep the rest of the malware out, I use a software firewall and am currently behind a hardware one as well. My guess is that by the hardware firewall simply dropping all unsolicited incoming connections except to 'well known internet ports' for HTTP, SMTP, POP3, NNTP, and FTP servers coded to defend against buffer overflows and illegal command execution would go a long way toward quashing malware. Using trusted antivirus programs and treating your email like text like I do would go a long way toward preventing system compromise.

Oh well, let the naysayers say 'Get A Mac' as the solution to the malware problem but aren't there documented cases where Macs were compromised? C'mon, Windows is just the whipping boy for this issue.

I was a net newbie once....

I learned (in time) how to take care of my PC when surfing the Internet.

MOD UP

[SuperKendall]

That was really an even more intersting article. Truly there is no justice in stories selected for posting.

I found it funny the person in the story bought a Mac, then installed two layers of firewalls and turns off the broadband link when she's out! But really I have to say she's safer than most of us even if her measures are a little extreme.

Re:MOD UP

[minus_273]

that will never happen. see my sig, that usually gets me modded down.

Re:It's your own fault -- My 2c

just disable ActiveX and scripting and your PC cannot be 0wned that way provided the affected routines are coded correctly by the folks at Microsoft.

That's a pretty big assumption, especially as Microsoft have shown time and time again that they simply cannot be trusted to "code the affected routines correctly".

Internet Explorer hasn't had any major changes in four years. And they are still finding security holes in it. It's one thing to find an occasional security hole in something that is under active development, but after four years of work, they still can't secure their browser? Something is severely broken at Microsoft, and if you use Internet Explorer in the manner you describe, you are sticking your head in the sand and pretending it doesn't exist.

My guess is that by the hardware firewall simply dropping all unsolicited incoming connections except to 'well known internet ports' for HTTP, SMTP, POP3, NNTP, and FTP servers coded to defend against buffer overflows and illegal command execution would go a long way toward quashing malware.

Your guess is wrong. The vast majority of malware gets onto computers through outgoing connections - that is to say it's referenced by seemingly benign code that your computer downloads and interprets - e.g. HTML by Internet Explorer, email by Outlook.

From that point, the malware is already on your system and can do what it wants, including communication with external servers, since it can make all the outgoing connections it wants.

Furthermore, the configuration you describe is a misconfiguration. Unless you are running a web server, mail servers, news server and FTP server, you don't need to allow incoming connections to those ports at all.

Using trusted antivirus programs and treating your email like text like I do would go a long way toward preventing system compromise.

Yes. But not using software from a company that has shown itself to be utterly incapable of writing secure software would be far better.

Antivirus is an untrustworthy hack. It's unreliable and is best used as a "just in case" measure, not as a trusted layer of security as you describe.

Oh well, let the naysayers say 'Get A Mac' as the solution to the malware problem but aren't there documented cases where Macs were compromised? C'mon, Windows is just the whipping boy for this issue.

You really can't see the difference between "Aren't there documented instances on the Mac?" and "With Windows, you have to buy lots of extra software, extra hardware, severely lock down your computer, and even then millions of Windows users get infected all the time"?

I learned (in time) how to take care of my PC when surfing the Internet.

Computers are meant to work for us, not the other way around. Bloody typical Windows mindset.

Another theory

[Otto]

Different strokes for different folks.

I have another theory as well, and that's that Type B people started really getting their learn on at a much younger age than Type A people. That it's in the major changes which take place during the initial formation of synaptic patterns in the brain, within the first year or two of the child's life, which determine this sort of thing.

But that's just a theory, I have no real evidence other than anecdotal. Except that everybody I know who falls into Type B (damned few) learned to read well before age 5, whereas those Type A people learned after age 5 and were still struggling with it up into the 10-11 year old range.

I've also been in several elementary school classes and observed this sort of thing. Remember that kid in 3rd or 4th grade? The nerdy one who, during the reading time/class/instruction, could read along out loud at a clip that nobody else in the class matched? Maybe you were that kid, I don't know. But there's always at least one or two in every class I've seen. That's the Type B kid. You can tell that he's the bored one when anybody else is reading, because he reads 3 or 4 times faster than everybody else. That kid was reading probably before he was 2 or 3 YO, which is why he is so much faster. Reading came easy to him, he grasped the pattern of the system quickly and didn't have to learn the language one word at a time until he got it. Most of the rest of the class is Type A.

But that's just my own theory, and its not rigorously backed up or even thought out, really.

Re:It's your own fault -- My 2c - reply

[iamcf13]

AC: Computers are meant to work for us, not the other way around. Bloody typical Windows mindset.

Want to put Bill out of business?

Create a secure operating system.

The closest one to this goal might be 'NSA-Linux' from our 'friends' at Fort Meade, Maryland, USA.

Its existence won't put a dent in the 'Microsoft monopoly'. However, said 'friends' apparently asked/forced Microsoft to put in a backdoor for them in Windows. Moral of the story: Don't do anything sensitive on Windows period. If you must, use trusted, 3rd party crypto software (or write your own) to encipher your secrets.

Even better and more secure: write your own OS from the boot sector up using only BIOS, CPU-specific machine language, and a 'disk zapper' program that runs in another OS to get you started. Can you write an OS (even a 'toy' one)? I could probably write a 'floppy' based 'toy' OS if I had the time to do it--it would be nowhere near the (abysmal?) quality or have the mass acceptance of the stuff coming out of Microsoft.

Though Windows is a gigantic, insecure kludge of an operating system, it does have one shining plus: backwards compatibility. For example, I have a very good backgammon game programmed back in 1991 that runs on my Windows 2000 PC in 2005 without any problems. Can the same be said of MacOS?

If Apple Computers had the market share that Windows enjoys, Mac-based malware would be 'an unwanted evil that won't go away' and not a curiosity as it is today (anybody got links to documented Apple/Mac-based malware from the wild -- I heard it's out there and the {unscrupulous}Apple/Mac supporters just choose to ignore that it exists.)