Slashdot Mirror

← Back to Stories (view on slashdot.org)

Study Notes Decline in Internet Spyware

Posted by ScuttleMonkey on from the big-decline-still-big-dissapointment dept.

Zoner12 writes "LiveScience magazine is running an interesting article about a new study detailing the extent and seriousness of spyware on the Internet, finding that it is still prevalent but declined significantly. The scary statistic is that 1 in 62 websites visited distributes malware. Kind of disheartening that this is a decline."

94 comments

  1. Interesting view on market self-regulations by dada21 · · Score: 5, Insightful

    Whenever we find something new, we look to how we can make our lives better with it. Some people can use this new product or service to save them time or money, and others will use this new product or service to directly make money. Look at the TV, the VCR and now the Internet.

    I truly believe that Spyware has always had a market provision for it -- to find a way to capitalize on this "new" medium. Initially spyware may have been created by the big media companies -- Prodigy, AOL, Compuserve and the rest. They never had any opportunity to really sell the informaion of their users, so most of them gave up the flagrant "violations" of user privacy. Of course ISPs likely still have ways to make money on user information, but not like they thought they would.

    Spyware was then taken over by individuals and foreign companies who might have been duped into thinking there was a profit. Most spam comes in from out of the U.S., but the value of spam has decreased majorly in the last year -- not due to laws or government regulations but through the end user finding ways to avoid even seeing spam. I think by next year spam will decrease greatly and in the next 5 years we'll have forgotten it entirely.

    Spyware is now on that last phase, as well. With firewalls and spyware-detecting software, the power of spyware is decreased majorly. As operating systems are released that are aware of spyware and the implications of being known as a spyware-enabling operating system, manufacturers will take a big step in combating spyware before the fact, rather than after the fact. Yet the spyware will be beaten down by market choices not by government action or mandates.

    By the time the law is created, it is already outdated. 10 years from now SPAM and spyware laws will still be on the books, but the market will have provided users with the proper way to fight it. As the next generation of users is accustomed to requesting information in the the way they want it, spyware companies and spammers will have to find new ways to make a profit: they won't be able to trick the next generation as easily.

    Yet along with the market ending spyware, the market also seems to be trying to find ways to destroy the previous financial structure of information -- advertising. I use Google AdSense to monetize most of my sites, but it would never truly pay the bills. If I didn't have people volunteering money, I'd have to look into new ways to pay for my time. I actually prefer not to charge for information, I'd rather get my thoughts and opinions out in the market so that I can back up my billable rate by offering people the knowledge that I spend a lot of time researching my businesses. Having to find a new way to pay for media you want (TV, music, whatever) will be the unintended consequence of our market decision to get rid of all advertising and ad-ware type of programs. It'll be interesting to see how quickly the market recovers, though, as it always does: to give the best balance between the needs of party A (the producer) and party B (the consumer).

    1. Re:Interesting view on market self-regulations by jdavidb · · Score: 4, Interesting

      I blew up and started obliterating every add I could when Drudge Report went around Firefox's built-in popup blocking. Prior to that, I'd been blocking images from ad servers that served women in swimsuits (or less), since I won't look at a woman dressed like that unless I'm married to her. That meant I was missing most of Slashdot's ads.

      I've never had any qualms about blocking the ads, and have been saying for a long time that we'll just she a shift in the "ecology" of website funding. Some will continue to be funded by ads, more will become funded by donations or subscriptions. Some will continue to be funded by private individuals or companies.

      I keep hearing two-bit webmasters on slashdot prophesy Armageddon on the web because of people like me. Yet life has continued to go on, and it's nice to see someone putting out content on the Internet who does not think that ad blocking is going to cause the sky to fall.

      I run only a handful of websites; one is supported by user donations, and the others are not yet big enough to need anything other than about $10/year from me.

      I'm a much happier man since I started skipping all ads on the Internet. We also quit watching television other than recorded shows where we could skip the ads, or purchased movies with no ads (other than at the beginning, sigh...). Much, much happier, all around.

      --
      Secession is the right of all sentient beings.
    2. Re:Interesting view on market self-regulations by dc29A · · Score: 1

      but the market will have provided users with the proper way to fight it

      In a few years the market will have legitimized spyware (Gator^H^H^H^H Claria is already semi "legit") so that way it will look as spyware is reduced when infact it's no longer spyware but "useful programs that are funded by advertising" PR bullshit that scumware companies like Claria and 180 crap spew.

      But, I think that in the future, if spyware will decline, it will not be attributed to the market giving people tools (those already exist), but I see the computer users being a little bit more savy and most importantly Windows Vista and beyond pushing non administrator accounts for newly installed PCs and more and more people are adopting Firefox.

      The main reasons for spyware today are IE + everyone and their dogs running Windows with root accounts. Eliminate those 2 problems and the spyware plague will be severely crippled.

    3. Re:Interesting view on market self-regulations by AeroIllini · · Score: 3, Interesting

      Most spam comes in from out of the U.S., but the value of spam has decreased majorly in the last year -- not due to laws or government regulations but through the end user finding ways to avoid even seeing spam. I think by next year spam will decrease greatly and in the next 5 years we'll have forgotten it entirely.

      Yeah, we may have forgotten about it in 5 years, but that doesn't mean it's gone away ... it just means we can no longer see it.

      I'm not worried about how many spam messages end up in my mailbox; I have all kinds of filters and things set up to prevent that. What I'm worried about is the sheer amount of traffic being sent over the internet backbone fibers related to spam. All that data is clogging the system, even if filters at the message's destination make it so the data never arrives in a mailbox. Lots of this spam is being sent by zombie machines, and will continue to be sent long after spam is no longer profitable, which is highly unlikely to ever happen. Even a single purchase of a product justifies the cost of sending millions of messages.

      If all the spam in the network is completely eliminated all at once, would the internet speed up? Would my downloads be faster, and my bandwidth wider, and my gaming lag smaller, and my surfing more productive?

      How much bandwidth are we truly wasting on spam? I'd love to see some up-to-date statistics on this.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
    4. Re:Interesting view on market self-regulations by Anonymous Coward · · Score: 0

      Reading critically between the lines you'll find that most spyware is being replaced by equally invasive and useless (to the user) bundleware. The phenomenon isn't getting any better. It's just becoming more acceptable and less obvious to notice. Collecting information that, at one time, required scraping the system using a spyware agent is now automatically forwarded to central databases during the installation process. Don't let up your guard just yet.

    5. Re:Interesting view on market self-regulations by Nahor · · Score: 2, Insightful
      the value of spam has decreased majorly in the last year [...] through the end user finding ways to avoid even seeing spam. I think by next year spam will decrease greatly and in the next 5 years we'll have forgotten it entirely.

      Spyware is now on that last phase, as well. With firewalls and spyware-detecting software, the power of spyware is decreased majorly.

      I could have said the same thing about viruses 10 years ago thanks to antivirus software, yet they are still there and more thriving than ever. I don't see why spam and spyware would be any different.

    6. Re:Interesting view on market self-regulations by Anonymous Coward · · Score: 0

      "I'd been blocking images from ad servers that served women in swimsuits (or less), since I won't look at a woman dressed like that unless I'm married to her"

      I guess I won't be seeing you at the beach.

      "We also quit watching television other than recorded shows where we could skip the ads, or purchased movies with no ads"

      Good luck trying to avoid ads with the ever proliferating use of product placement schemes. Just watch Seinfeld reruns and spot George standing with the "Rolled Gold" bag strategically placed.

    7. Re:Interesting view on market self-regulations by Anonymous Coward · · Score: 0

      Prior to that, I'd been blocking images from ad servers that served women in swimsuits (or less), since I won't look at a woman dressed like that unless I'm married to her.

      Yeah, I put my bitch in a burka, too.

  2. In other news by abenton · · Score: 1, Funny

    87% of studies are made up on the spot

  3. A decline in study notes...? by Anonymous Coward · · Score: 2, Funny

    Did anyone else read the headline as meaning "there are less Study Notes included in Internet Spyware"???

    Whenever I need to brush-up on my 19th Century history or Applied Calculus, I always read the source-code of spyware first...

    1. Re:A decline in study notes...? by xitshsif · · Score: 1

      The odd headline intrigued me. The only reason I clicked on the link.

    2. Re:A decline in study notes...? by Anonymous Coward · · Score: 0

      That's because there's suppose to be a colon after the word notes. I think it's suppose to be, Study Notes: Decline in Spyware.

    3. Re:A decline in study notes...? by nurmr · · Score: 1

      Also only clicked the link because it was so cryptic. The title should at least read: "Study Notes: Decline in Internet Spyware"

  4. rise of spyware killers by joe+155 · · Score: 1

    Spyware will start to fall off (or become more secretive and worse) because everyone now has a copy of spybot or adaware or whatever, even my mum does (and she still uses IE 6 because she doen't trust anything else)... When people start to find them quicker they can do less, and if they can do less people will make less money out of them, so it'll fall a bit, also I've stopped going on porn, so thats 500000 less peices of spyware on my computer each week, meaning the distrobution is falling

    --
    *''I can't believe it's not a hyperlink.''
    1. Re:rise of spyware killers by gcw1 · · Score: 1

      Or maybe the makers spyware cleansing apps are getting paid off by more and more companies like gator/claria to not consider them spyware.

  5. I don't understand... by MS_Word · · Score: 2, Interesting

    What does most spyware do? Show advertisements and redirect browsers? Use your pc to generate spam? Track your surfing and purchases online?

    Are not all of these things in the end for comercial gain?

    What companies profit from this?

    Are any legit? Or do they all offer you penis enlargement?

    If so why not name and shame them?

    Of the ones that are a scam, who buys penis enlargment pills for 1.99 or cheap viagra? Spam wouldnt be profitable if no one bought any products that it advertises?

    Any idea what percentage of spam emails are responded to?

    1. Re:I don't understand... by John+Hurliman · · Score: 1

      Spam wouldnt be profitable if no one bought any products that it advertises

      That's a common myth about spam. Spam will always be profitable as long as you can convince a single client (penis enlargement or Viagra reseller) that it will be a successful marketing campaign for a minimal cost. If 10 billion e-mails go out, and 100 click-throughs are generated (95 of which may have been accidental) along with 0 sales, you can say "I drove 100 visitors to your site, if you had a 1:33 conversion ratio you would have made three sales and had a profitable day. Better work on your website." There's also the advertising concept of mindshare; fill the inboxes with more Cialis ads than Viagra so the next time someone decides to shop around online for that type of product you already eliminated half the competition.

  6. The Rise of Firefox by s3x3s · · Score: 1, Insightful

    Does anyone else find the corelation not at all supprizing. Teh firefox usage increases, spyware goes down. Not to mention the good work *gasp* by M$ w/ their free anti-spyware app. s3x3s

    1. Re:The Rise of Firefox by gunpowda · · Score: 4, Insightful
      I don't think it's Firefox in particular - the study was carried out over '20 million Internet sites' and any executable files present. Sure, your typical exploit won't have an effect on computers running Firefox, but what's being tracked here is the presence of software rather than its consequences and effects.

      I think SiteAdvisor is also a valuable tool in this context.

    2. Re:The Rise of Firefox by gordgekko · · Score: 1

      Hey, I love Firefox (gaze at the sig for proof), but it is no more secure than IE is. The rise of Firefox didn't make us necessarily more secure, it only gave us a better browser.

      --
      You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
    3. Re:The Rise of Firefox by Firehed · · Score: 2, Interesting
      And to a (very) lesser extent, user knowledge. While most users out there still don't know the difference between [insert related metaphor], they're slowly becoming aware of the fact that clicking "Yes! Please install ShitSoft's Sp33dB00st3r" isn't the best decision. eDarwinism reigns supreme, of course, and people manage to learn from their mistakes. Not because of downtime or inconvenience, but if you're dumb enough to cause them, you're certainly not smart enough to fix them, and Best Buy charges out the wazoo. So when the ads cost the consumers money due to their own stupidity, they do learn. It's really the only way to teach people (at least in my not-so-lovely America), but if it gets the point across, then good.

      Of course, FF taking ActiveX out of the picture certainly helps things. The problem is that most of the shitware-infested (spy/ad/"mal"/etc -ware) users aren't the type to go out of their way to get Firefox, no matter how much more incredibly convenient it is after the fact. Unless they spot and then make sense of things like the user-sponsored NY Times ad or the news reports saying "OMGH4XFFFTW!!1IERTEHSUCKZ!!1121", they're not even going to know about Firefox, much less actually make use of it. Basically, geeks are in-the-know, and they make the switch. Some of them tack up "getfirefox.com" printouts, others tell their friends, and basically what we end up with are the people who can already protect themselves getting even more protection, and get the best browsing experience, and everyone who was having the worst problems continues to experience those same problems.

      Now I have neither tried nor have any intention of trying IE7 (Beta2), but provided that Microsoft were smarter about security, particularly regarding activex and... well... that's really the biggest problem, then spyware (and the like) will probably continue to dwindle. It's like spam - you can only buy so many different p3n1s p177z before finding out that the only change is your ePenis halving in length, and the real deal being just as unsatisfying as ever. Stopping user error before it's a problem certainly won't hurt things, but in the end, it's the financial damage done to the user that's causing the damage to be inflicted less frequently.

      --
      How are sites slashdotted when nobody reads TFAs?
    4. Re:The Rise of Firefox by assassinator42 · · Score: 1

      I'd say it has more to do with IE on XP SP2 making it harder to download activex. I wonder what would happen if spyware makers actually started trageting firefox though.

    5. Re:The Rise of Firefox by Anonymous Coward · · Score: 0

      I am in the camp that believes that firefox IS spyware. As it is it redirects anything that fails to resolve to a huge multinational, Google. Plus disabling this behavior isn't obvious or intuative as about:config is not linked to from the preferences dialog. A better behaved browser would have a 404 page that gave some options, something like a link to text with some basic url fixups, tacking on the localized TLDs, or redirecting all future 404 through the user's default search plugin. By defaulting to google, firefox is in itself at least adware.

    6. Re:The Rise of Firefox by MarkByers · · Score: 1

      If 10% of people use Firefox, that's 10% less infections, and 10% less profits for spyware companies. Less profit = less incentive to start a spyware company.

      --
      I'll probably be modded down for this...
  7. Just shifting... by TheNoxx · · Score: 1

    Companies will pay top dollar to gather information about the public and their psychological habits to better advertise to them, but quite simply, are getting a bad taste in their mouth from spyware.

    I predict they'll soon have their cheap security cameras routed through face recognition software under whatever security pretense bullshit so they can mark every face's buying habits.

    --
    Ex nihilo nihil fit.
  8. Spyware v2.0 by Billosaur · · Score: 2, Interesting

    Just like all types of software, spyware will eventually evolve into new forms... assuming you believe in that evolution stuff... it may be declining now, but it will eventually rise in a new form.

    --
    GetOuttaMySpace - The Anti-Social Network
    1. Re:Spyware v2.0 by Daniel_Staal · · Score: 4, Funny

      Spyware - and software of all forms - does not evolve. It is unintelligently designed.

      --
      'Sensible' is a curse word.
    2. Re:Spyware v2.0 by thc69 · · Score: 1

      Evolution? Hah! I believe that spyware was created by unintelligent designers.

      --
      Procrastination -- because good things come to those who wait.
  9. No longer.. by Renraku · · Score: 4, Insightful

    Its no longer JUST email that we have to worry about, or downloading a seedy exe file from a porn site. Remember that flaw in Windows images? Yeah, its being used for spyware installation. What about the flaw in the way Windows handles videos that make it possible to insert executable code? Yeah, its being used for spywar einstallation.

    Porn sites? Spyware.
    Warez sites? Spyware.
    Mistyped URL sites? Spyware.
    Spam email? Spyware.

    So if I break into your house in the middle of the night and offer you great savings on various pills, and you physically have to force me out of the house..is it still breaking and entering? I mean you wouldn't have 'let' me in if you didn't want my great offers!

    If spyware/adware is put into ANYTHING that isn't an obvious executable file, it should be labelled deceptive and illegal. Whoever then created said product should be punished, or the website's abuse department should be contacted (spammed by unique sources) with requests to take it down.

    --
    Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
    1. Re:No longer.. by RobertLTux · · Score: 1

      So if I break into your house in the middle of the night and offer you great savings on various pills, and you physically have to force me out of the house..is it still breaking and entering? I mean you wouldn't have 'let' me in if you didn't want my great offers! ----------- the big problem is that in this case there is a good percentage of states that you would not need to be forced out of the house You would be bagged , tagged and then taken out on a stretcher TOD? O:Dark thirty COD? Multiple Gunshot wounds to head and chest Reason? Spammer Can i shake the hand of the shooter?

      --
      Any person using FTFY or editing my postings agrees to a US$50.00 charge
  10. Sample space.... by Asprin · · Score: 2, Insightful


    Pick the right sites and you can make it one out of three or one in a million.

    --
    "Lawyers are for sucks."
    - Doug McKenzie
    1. Re:Sample space.... by 1u3hr · · Score: 1

      If you should accidentally visit the Asta-killer search engine, it classifies warez sites with these codes:
      "Legend: P - porn, U - popups, I - installs, F - non english language, C - clear". Virtually all of them are "PUI". However, disabling javascript and popups and not using IE make them benign.

    2. Re:Sample space.... by Sporkinum · · Score: 2

      Nice site.. it tried to install all sorts of nastyness. Kind of a case of the put calling the kettle black isn't it?

      --
      "He's lost in a 'floyd hole"
  11. Not all spyware is bad! by Anonymous Coward · · Score: 2, Funny

    Spyware helped make my p3n1s bigger

    1. Re:Not all spyware is bad! by Anonymous Coward · · Score: 0
      Spyware helped make my p3n1s bigger

      Did you use c|a.1!5 or v4,igra for those results?

  12. Obsolete to spammers by cr0m0 · · Score: 1

    Internet Spyware has always been one of the best tools for proffesional spammers. But nowadays that tool is kinda obsolete. They prefer things like Blog Spamming.

    --
    Web Design Marbella Paginas Web
  13. Not that surprising by kevin_conaway · · Score: 2

    1:62 is not surprising at all when you consider the signal:noise ration of (good) information on the internet.

  14. Almost 2% of websites distribute spyware! by babbling · · Score: 2, Insightful

    1 in 62 is a lot higher than I'd have expected, but then again, I bet the unscrupulous sites that distribute spyware get a LOT less than 2% of all hits. I imagine the only unscrupulous sites that do get a large percentage of the internets hits would be porn sites.

    1. Re:Almost 2% of websites distribute spyware! by Antique+Geekmeister · · Score: 1

      It's not that the web sites are necessarily unscrupulous. Many of them are having spyware and adware installers put in due to poor security of the webserver, and others are due to unscrupulous web-site consultants slipping in their favorite spyware to serve purposes that have nothing to do with the site they are setting up. And the broad vulnerabilities of a poorly set up webhosting site can load literally thousands of websites with spyware.

    2. Re:Almost 2% of websites distribute spyware! by Syrrh · · Score: 1

      No way. I put my money on blatant opportunists (who are not also pornsites). Check out shitstorm sites like goggle.com, yagoo.com any other potential misspellings of legitimate sites. I'd never be stupid enough to carelessly browse questionable porn sites, but I *can* make typos.

  15. Spyware down, but profit still there by delicious · · Score: 2, Interesting

    Last I heard companies like claria are still making a mint.

    Maybe the decline can be linked to the fact that now these companies are turning around and offering consulting for the problems they helped propogate?

    --
    8hop.com
    1. Re:Spyware down, but profit still there by og_sh0x · · Score: 4, Interesting

      Spyware is down partailly because part of the newspeak is not to call "legitimate" purveyors of surveillance software "spyware." This has, for instance, lead Microsoft to change the recommendation for such select pieces of software to "ignore" from "remove" and has decreased their listed severity rating.

    2. Re:Spyware down, but profit still there by just_another_sean · · Score: 2

      I read an interesting (although also disturbing) article about this in Wired (the paper version). It was written with a "Who won the spyware war?" theme. It went into great depth on how some "advertising" comapany, whose name sounds like the other kind of crocodile, began, who they then rubbed shoulders with (and fought in court with), how settlements were reached, how non-disclosure agreements were signed and how, finally, a company just changed it's name to something that suggests "clear" or "clarity" or some such. Now instead of being a "scourge" and "plague" on the internet, they are the hottest marketing company in town.

      But I still hate spyware and a reptile* in a dress, even a nice dress, is still a reptile* to me.

      * (This reference to reptiles is meant as a figurative, literary device and the reader should not take this use to be an attack on reptiles in general. No real reptiles were harmed in the writing of this post).

      --
      Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
  16. 1 in 62 sites by ben_1432 · · Score: 1

    So 1 in 62 site sis:
    - illegal downloads
    - cellphone ringtones
    - cheesy screensavers
    - dumb ass hacker/cracker/whatever wannabe shite

    I'd say that's declining rapidly, but not fast enough.

    PS. I bet we see some people say Spyware isn't declining, Firefox is growing!!!!!!!!!!!!!!onnnnnnnnnnnnnnnnnnnnnnnnne

    1. Re:1 in 62 sites by Anonymous Coward · · Score: 0

      PS. I bet we see some people say Spyware isn't declining, Firefox is growing!!!!!!!!!!!!!!onnnnnnnnnnnnnnnnnnnnnnnnne
      Yup . Modded "Insightful", no less.

  17. Study Notes by Tedium+Unleased · · Score: 3, Funny

    I wasn't aware there were any study notes for internet spyware.

  18. Statistics by GoatMonkey2112 · · Score: 1, Funny

    1 in 62 is pretty low considering that 61 in 62 site are porn.

  19. Spyware is a myth! by Anonymous Coward · · Score: 0

    You complain about advert companies tracking your browsing activities, yet you probably just pulled up your knickers and flipped the light switch on before coming here to /., having just visited a voyeur webcam site. Oh, the hard irony. The real victim here are all the ladies in college dorm showers. I for one will stand tall and fight for their rights of privacy!

    Any hot /. ladies here reading this and are emotionally touched by my concern for them, please send me some naked pictures of yourself at juicyjugiloos@yahoo.com, so I can match them against my privacy rights database. I work for the ACLU by the way, so your trust is ensured.

    1. Re:Spyware is a myth! by butterwise · · Score: 0

      Ice is a myth.

      --
      If a baby duck is a "duckling," why would anyone want to eat "dumplings?"
  20. IE 6 security by tomcres · · Score: 1
    even my mum does (and she still uses IE 6 because she doen't trust anything else)...

    When IE 6 is trusted to the exclusion of all else... be scared.. be very scared! :-)

  21. 1 in 62? Distribution? by gstoddart · · Score: 3, Interesting

    So, is this '1 in 62' figure just a meaningless aggregate of all domains they found? (ie. we tried 62,000 web sites and got 1000 hits)

    I mean, if the sites which inject spyware are all warez/download/music sharing sites, I'd not be surprised.

    If, say, reputable news sites (like commercial papers and TV networks) are included in that number, then it's a lot scarier.

    There's a huge difference between knowing that in some of the "more shady areas of the Web" (as the aricle puts it) are the main sources, and knowing that even the good guys have this stuff.

    When I go into the shady areas of the web, I know where I'm going, and I take much more precautions. When I'm going to a known, and assumedly benign site, I might be a little less paranoid.

    --
    Lost at C:>. Found at C.
  22. Link to study by Gordo_1 · · Score: 1

    http://www.cs.washington.edu/homes/gribble/papers/ spycrawler.pdf

  23. Link to the Actual Study by pavon · · Score: 4, Informative

    Here is the actuall paper[PDF], at the University of Washington website.

    I tracked it down because I was wondering if malicious cookies were concidered malware in the 1 in 62 statistic, which would make it not so surprizing. I actually found that the metric they were using was much more limited the blurb suggestests. The number of sites merely distributing spyware was actually 1 in 20. The 1 in 62 statistic refered to sites that went further and used drive-by infection techniques, ie sites that used a flaw in the browser to modify files or registry items when you visited the site! See section 4, starting on page 9 for detailed methodology.

    1. Re:Link to the Actual Study by eikonos · · Score: 2, Informative

      According to the actual paper (on page 5), the level of spyware in general has not dropped.

      "While the absolute number of spyware-infected executables dropped substantially between the crawls,this is due primarily to a single site whose number of infected executables declined from 1,776 in May to 503 in October. Except for that site, the amount of spyware we found did not change appreciably over the five-month period between our two crawls."

    2. Re:Link to the Actual Study by strikethree · · Score: 1

      My god. Is it REALLY that bad? One in every 62 sites is intentionally trying to cause code to execute on my computer surreptitiously? It would seem to me that this is clearly illegal. Why aren't any law enforcement agencies doing anything about it?

      On another note, it would appear that the web is a vaste warzone/wasteland. Not counting the one in 62 sites mentioned previously, many of the websites that are left are just plain old garbage. It is a wonder that anyone uses the web at all. Thankfully, there is so much more to the internet than http.

      strike

      --
      "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
  24. I call BS. by TheGSRGuy · · Score: 3, Interesting

    I work in the tech support department at my university and EVERY machine that comes in here has spyware. I see about 15 students a week and everyone is infected. My removal method is so methodical that I'm bored to tears sometimes.

    1. Re:I call BS. by AeroIllini · · Score: 4, Insightful

      My removal method is so methodical that I'm bored to tears sometimes.

      If it's worth doing twice, it's worth scripting.

      Seriously, why wouldn't you write a Windows script that would intall all the programs, run all the commands, clean out the registry keys, and reboot every once in a while? Then when people bring in their computers, you just toss in the CD or USB key with the script, fire it up, and head back to Slashdot.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
    2. Re:I call BS. by glsunder · · Score: 1

      I don't do any widows scripting, so I'm clueless about the capabilities. Can you script windows programs that require mouse clicks?

    3. Re:I call BS. by BVis · · Score: 1

      Many spyware/virus utilities have command line options. Also, try looking into BartsPE or Knoppix (both live cds that can be custom scripted.)

      --
      Never underestimate the power of stupid people in large groups.
    4. Re:I call BS. by millennial · · Score: 1

      Using VBScript, I believe so. I know it's capable of sending key commands; I'm not sure about key combinations such as Alt+anything or Ctrl+Anything. To read up a bit on it, check here. There's more information here.

      --
      I am scientifically inaccurate.
    5. Re:I call BS. by millennial · · Score: 1

      Ooh, mouse clicks... I'd just go for Alt+whatever. I found out how to do those, too: see here.

      --
      I am scientifically inaccurate.
    6. Re:I call BS. by Snover · · Score: 1

      Unfortunately, it's not that easy. In order to remove spyware, in addition to automatic tools, a fair amount of manual work has to be done, going through all of the Run keys, BHOs, DLLs loaded by explorer.exe, Notify keys, yadda yadda etc etc. and none of that can be automated because it's unique to every system. That's the part that takes the most eye-time. If you default allow, you miss anything new or random; if you default deny, you destroy a completely legitimate program that you haven't seen before. It's boring, but hey, it's job security if you're good at it.

      --

      [insert witty comment here]
    7. Re:I call BS. by slavemowgli · · Score: 1
      Good idea. Here's a script to do it:
      @echo off
      echo y | format c:
      --
      quidquid latine dictum sit altum videtur.
    8. Re:I call BS. by TheGSRGuy · · Score: 1
      Most of the stuff is handled via .BAT files. Spybot & Ad-aware are installed, updated, and then opened by a script. It certainly cuts down on my input and lets me work on a few machines at once.

      Regardless, spyware is worse than ever. Retail anti-spyware products are a joke. There are dozens of clients who have Norton Internet Security Anti-Spyware edition who are infected up the wazoo. I'll go out on a limb and say that people think they're invincible with these kinds of programs installed, when they're really not.

  25. Deep Cover by Saeed+al-Sahaf · · Score: 1

    I think as people have become aware of spyware, the run-of-the-mill varieties have become more easy to detect and remove (keep at bay). But I think this will mean that we can expect to see an emergence of very stealthy spyware that embeds much deeper and tighter into the OS.

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
    1. Re:Deep Cover by slimjim8094 · · Score: 2, Interesting

      Like a rootkit? Sony, anyone?

      I say 2 years until any 12-year old script kiddie that took a Visual Basic tutorial online can download a .frm or .bas file from LimeWire, inject it into their project, and call a sub to hide it in the kernel. Then, we'll have regular spyware all over again, you just can't see the .exe

      On the other hand, look at spam originally. Nothing prevented a mass mailer propagated with addresses harvested from websites. When it became a pain in the ass, stuff started blocking it. Programs were released to fight it, MTA's used a internet-wide blacklist, and users could tune the Bayesian filter by ticking a check and clicking "Report as spam". I don't even get spam anymore, not even on my well-known email accounts. Now, even the stupidest, most naive PC user won't read the "YOU CAN ENLARGE YOUR PENIS!!!!!!!!!!!!!!!!!!!!!" email

      Now spyware. Nothing fought that originally, and Mom and Pop would download an .exe if the website sugared it up for them and gave it a nice name. Now, nobody opens an exe file, mainly because of the "This will $*#( up your PC. Continue/Cancel?" messange XPSP2 gives. Everybody has AV software, and AntiSpyware software, because they buy Symantec's security ads.

      Logically, anything unfavorable but profitable will be invented. People (including Symantec, Webroot) will find ways to fight it. Malware writers find ways to circumvent it. Companies sell products to remove, malware finds ways to hide.... Is this so suprising? All it means is that *ware has hit 1 of it's infinite lulls. We will NEVER see the end of spyware, because no operating system (yes, even *nix) that is even halfway functional is bug-free. Ever. And you *still* have the user element, tricking people into thinking it is necessary. What a load of bull.

      --
      I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
  26. Websites visited.... by db32 · · Score: 1

    Well...depending on how you look at it 1 in 64 could be good or bad. 1 in 64 of porn/warez/mp3 now installing spyware seems like a nice decline. 1 in 64 of ALL websites certainly is disheartening. It really all depends on what websites you are including in the sampling. I am sure I can go find well over 64 sites that don't install anything nasty...finding 64 porn/warez/mp3 sites not installing anything nasty would be much more of a challenge methinks.

    --
    The only change I can believe in is what I find in my couch cushions.
  27. I can vouch for this... by ktakki · · Score: 3, Insightful
    I've observed a decrease in the frequency and intensity of spyware/adware infections among my business clients and residential customers (my company provides contract network and system administration for SMEs but does perform some residential work). I think mid-2004 was the high water mark for malware and drive-by infections.

    There's one reason for this decline that's not mentioned in the brief article (though it may be in the paper referenced): users are actually getting smarter. Strange as that may sound to your average BOFH, I do think that many users are growing a clue (and no 2x4s were even needed).

    I know that almost every residential customer, as they're writing out a check for $100 or $200 for spyware removal, asks two questions: "How did this happen?" and "What do I do to keep this from happening again?". My techs and I are more than happy to answer these questions.

    I've suggested a broad range of solutions (there's no one-size-fits-all answer here):
    • Keep Windows and IE patched
    • Use Firefox, unless it's a site that requires IE (e.g., Windows Update, certain banks, Quickbooks Online, which depends on ActiveX controls)
    • If you're shopping for a new computer and aren't dependent on certain Windows-only software, try a Mac on for size
    • Finally, stay away from the shadier sites and don't download "free" (as in syphillis) software unless you know it's from a reputable developer


    This last one is tough: some seemingly innocuous sites try to force installs on you. For example, I was trying to find the name of a song by some band, so I googled a snippet of lyrics and hit the first site returned in the result. Boom! "Would you like to install Vomit Cursor? [yes] [yes]". A client's teenaged daughter wanted to download "Doll Buddy Icons" for AIM (something to do with Bratz dolls and people on your buddy list, I think). Wham, 450 malware objects installed in ten minutes (I tracked the source by comparing the file dates of the dodgy .exe files with the dates of certain cookies).

    When you tell clients that there's no free lunch on the internet and that there are companies whose business model consists of taking control of your computer, you can actually see enlightenment happen. The heavens open up, angels play harps, and everyone is bathed in a warm glowing light. Pretty cool when this happens.

    k.
    --
    "In spite of everything, I still believe that people are really good at heart." - Anne Frank
    1. Re:I can vouch for this... by HermanAB · · Score: 1

      Well, those $200 repair bills can buy a hell of a lot of 2x4, so people do become much more careful, very quickly.

      --
      Oh well, what the hell...
  28. Just anecdotal... by sdsichero · · Score: 1

    Though my experience is just anecdotal, I haven't really seen a falloff. I do see lulls here and there, but working in support, I do see a lot of malware still on computers... Using a small sample of course.

  29. to the BBC yeah yeah yeah by matt+me · · Score: 1

    You'd love it here - BBC one, bbc two, bbc three, bbc four, bbc five, bbc six, bbc seven, bbc heaven!!

  30. Info on IE vs Firefox by tito13kfm · · Score: 5, Interesting
    From the actual study

    http://www.cs.washington.edu/homes/gribble/papers/ spycrawler.pdf

    For comparison, we also crawled and examined the new set of 45,000 URLs that we generated in October. During this crawl, both browser configurations observed a significantly lower number of drive-by download attacks than we found in May. For example, in May, 5.9% of the crawled URLs performed cfg y attacks and 1.2% of sites performed cfg n attacks; in October, these percentages dropped to 0.4% and 0.6%, respectively.

    We also examined whether the Firefox browser was susceptible to drive-by installations. We found that only 0.08% of examined URLs performed a drive-by download installation, but all of these required user consent in order to succeed. We found no drive-by attacks that exploited vulnerabilities in Firefox.

    Basically what they did was see spyware that was installed by just visiting the website, with firefox no spyware was installed without any user interaction, and only 36 pieces got installed after the user agreed to it. This is from a sampling of 45,000 sites.

    On IE, in October, 180 sites installed spyware with no user interaction, and 270 installed spyware with user interaction.

    One of many reasons I use firefox.

  31. seems somewhat incomplete... by Avohir · · Score: 2, Insightful

    drive-by installs are certainly a major part of spyware distribution, but unless I misread the article, it left other concerns out, such as bundled installers, spyware distributed by spam, spyware distributed by bittorrent/p2p. Also, their sampling size for the sites was impressive, but I'm wondering how effective their analysis program is. Doing it automatically isn't foolproof

    --
    To err is human, to really foul up requires a computer
    1. Re:seems somewhat incomplete... by The_Bagman · · Score: 1
      The study also examined bundled installers (they called them "spyware piggybacked on executables"); here's a link to the full study:

      http://www.cs.washington.edu/homes/gribble/papers/ spycrawler.pdf

    2. Re:seems somewhat incomplete... by Avohir · · Score: 1

      that's not necessarily what they mean. I took that to be covering situations where an apparently legitimate copy of bittorrent has in fact been edited to have a trojan payload as well.

      --
      To err is human, to really foul up requires a computer
  32. evolving fashions by matt+me · · Score: 1

    Oh no!! If you're not thinking what I'm thinking then I'll shout it!! This years going to bring us... Emo spyware! We can't stop it. It'll be out on the high street in those drainpipe jeans and the dark emovers and the eye-liner and the thick glasses oh no oh no oh no oh no oh no oh no oh.

  33. Could it really be true? by Chabil+Ha' · · Score: 1

    Or has malware become more subversive? Before it was something that was easyt to trace and detect, but has the decline actually occured from vanishing spyware, or is it because it has gone underground?

    --
    We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
  34. Dust off those references by TallMatthew · · Score: 1
    From TFA:

    it can also perform such malicious tasks as gathering personal data or using your modem to dial costly toll numbers.

    They're referring, of course, to the infamous XXX dialer malware which installs itself if you try to get your jollies via certain videoconferencing activities. That's at least five years old at this point.

    What qualifies as journalism nowadays?

    1. Re:Dust off those references by woolio · · Score: 1

      What qualifies as journalism nowadays?

      "Journalism"??? You mis-spelled advertisement...

      I recently read a review in a Ziff-Davis publication that praised HTPC / Mini-ITX PC as containing "no moving parts". Sadly, the article's photo was a direct shot of the motherboard and power supply, with an extremely notice **fan** on the power supply. (And yes, the PSU did come with the item being reviewed)

      I can only conclude that the "reviewer" never even physically saw the item he "reviewed".

  35. Rates are meaningless by hey! · · Score: 1

    unless the denominator is meaningful.

    Extrapolations of trends based on such rates have second order meaninglessness.

    If you want to look at something meaningful, periodically sample user computers and figure out the installation rate of malware. I expect the rate has gone down though, because people vulnerable to spyware have countermeasures in place.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  36. Ah, but the outliers make the news. by Short+Circuit · · Score: 1

    At PC Clinic, the Grand Rapids Commmunity College Computer Club removed over 3000 infections from one PC, plus several viruses. (Including multiple Sober variants.)

    --
    tasks(723) drafts(105) languages(484) examples(29106)
  37. Time for a switch? by msid · · Score: 1

    This is a living nightmare I don't have to face almost 1,5 years now. Since I left windows and switched to unix-like operating system that is. I cannot really catch up with how serious it has become since I don't have to deal with it. I do recall though the days using windows. Every single day updating, scanning, updating, scanning... I mean, the percentages became frightening. People need to wake up and realize that you cannot spend precious time of your day risking your computers purity and security. Maybe some people should consider making the switch after all.

  38. How were domains counted? by jofi · · Score: 1
    One in 62 Internet domains performs "drive-by download attacks" to force spyware on users who simply visit the site.

    This is usually the behavior I exhibit: Site 1 is alpha site, it contains the actual exploit code. Sites A, B, C, D, E, F, G, H, ... (you see where I am going) all link back to Site 1 in a 1x1 iframe or something. They do not contain their own exploit code, that is Site 1's job.

    beehappyy.biz, now down, was home to 4 exploits one the same page (some really, really, really old and negated by installing patches from many moons ago) including the WMF exploit. The usual suspect sites I went to in a virtual machine all linked back to beehappyy.biz. Once beehappyy went down, it was of absolutely no consequence to browse all the "popular" crack sites in a XP SP1 VM, admin account, and no patches.

    --
    Blame the user, not the software.
  39. In the words of President Junior... by Anonymous Coward · · Score: 0
    Mission Accomplished!

    Yessirree, that spyware problem has been solved.

  40. WTF Disheartening? by Khyber · · Score: 1

    Kind of disheartening that this is a decline.

    Why the hell is this disheartening? This means that Windows users *MIGHT* have less to worry about, especially as far as Joe Sixpack is concerned. Just the article summary alone tells me 'Decline in spyware/malware = better chances for Windows users to stay the hell alive without needing to call tech support.'

    Saying that malware/spyware decreasing is 'disheartening' gives me the impression that someone works for the Anti-Spyware business and is trying to give everyone a sob story. Go away, Sir, plz thx gdbai.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    1. Re:WTF Disheartening? by BCW2 · · Score: 1

      What's left is much more virulent and harder to remove, therfore creating a worse security problem than ever. Sony was just the start. I'm a tech at a whitebox store and spend 80% of my time cleaning crapware from customer boxes. In the last 3 months there have been some real nasty new variations that are a cast iron bitch to clean. An IDE to USB hookup for the customers HDD is the best as many of these respawn if windows is running on the infected drive. Sometimes you have to manually hunt them down in C:, C:\windows, and C:\windows\system32, that is a long process, but if every fragment is not removed, you might get to start over.

      If there was a way to fine the makers of this crap $100 per machine infected we would never hear of Aurora, 180 Solutions, Sony, and all the rest. They would be bankrupt in 6 months.

      --
      Professional Politicians are not the solution, they ARE the problem.
    2. Re:WTF Disheartening? by Zoner12 · · Score: 1

      Hey numbnuts...if you ever had a story posted on slashdot(which I am sure you haven't cause you would know this), you would know that they almost always get edited and the editors take great liberties and create their own spin on the users comments. My original post never used the word disheartening. Don't shoot the messenger. The fact that there is any malware out there on the web hasn't got a darn thing to do with Microsoft Windows. The web and viruses/malware are not always OS specific. I have nothing to do with the Antispyware business and spend my life fighting this crap. I think you are the one who needs to go away cause your comments are just plain ignorant and idiotic. JK

      --
      Blog: http://www.techblink.com
  41. why cant google tag these sites/pages .... by wakim1618 · · Score: 1

    on their search results?

  42. Not just the dark alleys! by Beryllium+Sphere(tm) · · Score: 1

    I've been advising normal people to "stay out of bad neighborhoods" for a long time, but the study found lots of spyware on games sites and celebrity sites in addition to the usual suspects (warez and "adult entertainment").