Slashdot Mirror

← Back to Stories (view on slashdot.org)

Study Notes Decline in Internet Spyware

Posted by ScuttleMonkey on from the big-decline-still-big-dissapointment dept.

Zoner12 writes "LiveScience magazine is running an interesting article about a new study detailing the extent and seriousness of spyware on the Internet, finding that it is still prevalent but declined significantly. The scary statistic is that 1 in 62 websites visited distributes malware. Kind of disheartening that this is a decline."

2 of 94 comments (clear)

  1. Interesting view on market self-regulations by dada21 · · Score: 5, Insightful

    Whenever we find something new, we look to how we can make our lives better with it. Some people can use this new product or service to save them time or money, and others will use this new product or service to directly make money. Look at the TV, the VCR and now the Internet.

    I truly believe that Spyware has always had a market provision for it -- to find a way to capitalize on this "new" medium. Initially spyware may have been created by the big media companies -- Prodigy, AOL, Compuserve and the rest. They never had any opportunity to really sell the informaion of their users, so most of them gave up the flagrant "violations" of user privacy. Of course ISPs likely still have ways to make money on user information, but not like they thought they would.

    Spyware was then taken over by individuals and foreign companies who might have been duped into thinking there was a profit. Most spam comes in from out of the U.S., but the value of spam has decreased majorly in the last year -- not due to laws or government regulations but through the end user finding ways to avoid even seeing spam. I think by next year spam will decrease greatly and in the next 5 years we'll have forgotten it entirely.

    Spyware is now on that last phase, as well. With firewalls and spyware-detecting software, the power of spyware is decreased majorly. As operating systems are released that are aware of spyware and the implications of being known as a spyware-enabling operating system, manufacturers will take a big step in combating spyware before the fact, rather than after the fact. Yet the spyware will be beaten down by market choices not by government action or mandates.

    By the time the law is created, it is already outdated. 10 years from now SPAM and spyware laws will still be on the books, but the market will have provided users with the proper way to fight it. As the next generation of users is accustomed to requesting information in the the way they want it, spyware companies and spammers will have to find new ways to make a profit: they won't be able to trick the next generation as easily.

    Yet along with the market ending spyware, the market also seems to be trying to find ways to destroy the previous financial structure of information -- advertising. I use Google AdSense to monetize most of my sites, but it would never truly pay the bills. If I didn't have people volunteering money, I'd have to look into new ways to pay for my time. I actually prefer not to charge for information, I'd rather get my thoughts and opinions out in the market so that I can back up my billable rate by offering people the knowledge that I spend a lot of time researching my businesses. Having to find a new way to pay for media you want (TV, music, whatever) will be the unintended consequence of our market decision to get rid of all advertising and ad-ware type of programs. It'll be interesting to see how quickly the market recovers, though, as it always does: to give the best balance between the needs of party A (the producer) and party B (the consumer).

  2. Info on IE vs Firefox by tito13kfm · · Score: 5, Interesting
    From the actual study

    http://www.cs.washington.edu/homes/gribble/papers/ spycrawler.pdf

    For comparison, we also crawled and examined the new set of 45,000 URLs that we generated in October. During this crawl, both browser configurations observed a significantly lower number of drive-by download attacks than we found in May. For example, in May, 5.9% of the crawled URLs performed cfg y attacks and 1.2% of sites performed cfg n attacks; in October, these percentages dropped to 0.4% and 0.6%, respectively.

    We also examined whether the Firefox browser was susceptible to drive-by installations. We found that only 0.08% of examined URLs performed a drive-by download installation, but all of these required user consent in order to succeed. We found no drive-by attacks that exploited vulnerabilities in Firefox.

    Basically what they did was see spyware that was installed by just visiting the website, with firefox no spyware was installed without any user interaction, and only 36 pieces got installed after the user agreed to it. This is from a sampling of 45,000 sites.

    On IE, in October, 180 sites installed spyware with no user interaction, and 270 installed spyware with user interaction.

    One of many reasons I use firefox.