MIT Startup Tests Top Million Sites for Spyware

torrentami writes "An MIT startup called SiteAdvisor has downloaded over 100,000 programs from the top million Web sites and tested them for adware and spyware using an automated system they've built. They've got a blog entry where they dissect 5 of the worst adware bundles they found. There is some amazingly invasive stuff in there."

Re:The major lesson of all this.

[BushCheney08]

In fact, if Windows were to fail commercially tomorrow and everyone runs *nix, you'll see spyware applications be written for these OSes immediately.

Agreed. Especially when you consider that all of the programs in TFA were installed after the user clicked the "I Agree" button five, six, seven times. The OS could be totally secure and only allow the installed apps to affect the logged-in user. They'll still be there annoying that one user, though, since the user is the one who said it was okay to put them there. This is where informing the user comes in. And the user has already shown many times over that they don't care to be informed. This sort of crap is gonna be around for a long long time...

I don't agree.

[Zombie+Ryushu]

THe security paradigm of Windows and the Unix World are Apples and Green peppers. There will still be spyware threats out there if Windows didn't exist. But they would be different threats, and they could eeven be worse in some cases, but they would be fewer in number and the Internet wouldn't be such a darkened Hell hole it is steadily becoming. The Data miners would get more resistance from the Unix world than they have a Windows world that can't fight back.

You get what you pay for...

[ian_mackereth]

If the word "Free!" is enough to get users to download the screensaver, game, utility, etc., then this sort of thing will continue.

Somebody has to pay for the server bandwidth and the time to write the programs, and one viable model is adware. I deplore the installation of software that's a)not in the EULA or installer screens and b)damn hard to get rid of, but the 'legit' adware is what's paying the bills of the guys giving you free stuff.

There's always a subset of users who can circumvent the installation of the unasked-for bundles, but the average user without updated anti-spyware, firewall or anti-virus software will make enough money for the vendors to keep us in freebies for quite some time to come...

Re:The major lesson of all this.

[WindBourne]

I always laugh at that argument. Basically, so many windows encourage all the hackers. So not true. Even back in the 80's when Mac was bigger than Dos, attacks were being designed for DOS. Why? ease of doing so. Apache has shown this,as well as numerous other examples. The best example out there, is that banks during the 60's and 70's were heavily robbed until the 7-11 stores became the easy marks (and loaded with small money). Finally 7-11 decided to change their attitude and make it near impossible to make any amount of money over 50. So what are robbers hitting these days? banks. Why? do to ease of hit combined with the amount of money.
 
The lesson to learn on that, is that crooks go for the easy mark that makes money. *nix will be the target when either:

1. insecure systems do not have money.
   
2. all other systems are more secure than *nix.
   

Neither is likely to happen anytime soon (and many would argue any time far). *nix will be very secure for a long time.