Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Plot To Hijack Your Hard Drive

Posted by ryuzaki0 on from the avast-me-harties-pop-ups-rollin-in-from-the-south dept.

An anonymous reader writes Business Week Online examines the business practices of spammers and pop-up advertisers, using much-maligned Direct Revenue as an example case. The article discusses the history of the company, their rocky road through good and bad times, and what they're willing to to get your eyes on their ads." From the article: "Among Direct Revenue's alumni, pride over technical cunning mingles with regret for exasperating so many computer users. After waffling on the issue during a long interview, one former Dark Arts wizard sighs and sums up his version of the company credo with an elegiac observation by abolitionist Frederick Douglass: 'Find out just what any people will quietly submit to and you have found out the exact measure of injustice and wrong which will be imposed upon them.'"

34 of 181 comments (clear)

  1. Here's how to stop it... by gasmonso · · Score: 5, Informative

    Complain to the companies that advertise with these methods. If you see an ad for Delta airlines, write them a letter complaining. Bitching to the advertising company is useless because they don't care... they're getting paid from someone else. Now the companies advertising through them are getting paid from you... and they will listen eventually.

    Also, use a router, firewall software, Antivirus, and Firefox. Haven't any issues ever.

    http://religiousfreaks.com/
    1. Re:Here's how to stop it... by andrewman327 · · Score: 4, Informative

      Believe it or not, companies really do read their snail mail. I have gotten more for my $0.39 than I ever could have gotten through e-mail or even telephone calls. If you feel passionately about this, e-mail me. I am interested in starting a group to pressure people to stop advirtising this way.

      --
      Information wants a fueled airplane waiting at the hangar and no one gets hurt.
    2. Re:Here's how to stop it... by Anonymous Coward · · Score: 5, Funny

      If you feel passionately about this, post your mailing address. For some reason I've gotten the message that people don't value their e-mail as highly as snail mail.

      (TWAJS)

    3. Re:Here's how to stop it... by jimicus · · Score: 4, Insightful
      Also, use a router, firewall software, Antivirus, and Firefox. Haven't any issues ever.

      When having sex with a potentially infected prostitute, wear three condoms and wash your gonads in bleach afterwards.

      Alternatively, don't sleep with infected whores.

      (Mods: I am not trolling. I am pointing out the absurdity of having to use so many layers of security when an alternative OS would solve all those issues without the need for so many layers of security. It's a joke. Laugh.)
    4. Re:Here's how to stop it... by bigtreeman · · Score: 3, Insightful

      I see an issue is the operating system allows this software to be hidden
      and become unremovable. Apart from not giving root access does Linux
      have any mechanisms for users to avoid this pitfall. This type of
      addware could in the future be installed and run in user directories.
      BSD can be configured to only run applications installed in $PATH
      can Linux do similar, could Linux stop it if targeted?

      --
      Go well
  2. Who buys this stuff? by ZachPruckowski · · Score: 5, Informative

    I mean, I think the real problem is that people will buy stuff from ads that randomly pop-up on their computer. And worse, those ads are the most effective kind?? I mean, if we could get people to wise up and not purchase sketchy stuff from spam or adware, then evil companies would stop making it.

    1. Re:Who buys this stuff? by Anonymous Coward · · Score: 5, Funny

      Your post advocates a

      ( ) technical ( ) legislative (x) market-based ( ) vigilante

      approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

      ( ) Spammers can easily use it to harvest email addresses
      ( ) Mailing lists and other legitimate email uses would be affected
      ( ) No one will be able to find the guy or collect the money
      ( ) It is defenseless against brute force attacks
      ( ) It will stop spam for two weeks and then we'll be stuck with it
      ( ) Users of email will not put up with it
      ( ) Microsoft will not put up with it
      ( ) The police will not put up with it
      ( ) Requires too much cooperation from spammers
      (x) Requires immediate total cooperation from everybody at once
      ( ) Many email users cannot afford to lose business or alienate potential employers
      ( ) Spammers don't care about invalid addresses in their lists
      ( ) Anyone could anonymously destroy anyone else's career or business

      Specifically, your plan fails to account for

      ( ) Laws expressly prohibiting it
      (x) Lack of centrally controlling authority for email
      ( ) Open relays in foreign countries
      ( ) Ease of searching tiny alphanumeric address space of all email addresses
      ( ) Asshats
      ( ) Jurisdictional problems
      ( ) Unpopularity of weird new taxes
      ( ) Public reluctance to accept weird new forms of money
      ( ) Huge existing software investment in SMTP
      ( ) Susceptibility of protocols other than SMTP to attack
      ( ) Willingness of users to install OS patches received by email
      ( ) Armies of worm riddled broadband-connected Windows boxes
      ( ) Eternal arms race involved in all filtering approaches
      ( ) Extreme profitability of spam
      ( ) Joe jobs and/or identity theft
      ( ) Technically illiterate politicians
      ( ) Extreme stupidity on the part of people who do business with spammers
      ( ) Dishonesty on the part of spammers themselves
      ( ) Bandwidth costs that are unaffected by client filtering
      ( ) Outlook

      and the following philosophical objections may also apply:

      (x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
      ( ) Any scheme based on opt-out is unacceptable
      ( ) SMTP headers should not be the subject of legislation
      ( ) Blacklists suck
      ( ) Whitelists suck
      ( ) We should be able to talk about Viagra without being censored
      ( ) Countermeasures should not involve wire fraud or credit card fraud
      ( ) Countermeasures should not involve sabotage of public networks
      ( ) Countermeasures must work if phased in gradually
      ( ) Sending email should be free
      ( ) Why should we have to trust you and your servers?
      ( ) Incompatiblity with open source or open source licenses
      ( ) Feel-good measures do nothing to solve the problem
      ( ) Temporary/one-time email addresses are cumbersome
      ( ) I don't want the government reading my email
      ( ) Killing them that way is not slow and painful enough

      Furthermore, this is what I think about you:

      (x) Sorry dude, but I don't think it would work.
      ( ) This is a stupid idea, and you're a stupid person for suggesting it.
      ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

    2. Re:Who buys this stuff? by roman_mir · · Score: 3, Funny

      The problem in this topic is the answer to Stephen Hawking's question in one of the previous topics: it is all about demographics. The more people there are on this planet, the more likely we are to have extremely smart people, who will push us to the stars, and the more likely we are to have extremely dumb people, who will buy anything from a popup ad.

      --
      You can't handle the truth.
    3. Re:Who buys this stuff? by fermion · · Score: 3, Interesting
      Which is to say that if we wish to control people, we must always push them to edge and see if they fight back. For most people, they simply do not have the suffucient level of cynism to fight against these attacks. I think it is sweet.

      It is like all these meaningful parents feeding thier kids junk, buying them junk, not knowing any better because why would the government let stuff be sold to kids if it weren't safe? All these people buying SUVs, driving them inappropriately, and then complaining that they roll over. All these people smoking in the last 40 years, and now complaining they have been taken advantage of. The first reports on the harm of smoking were published in the 19th century folks. The list goes on. We have to hassle anyone named Muhamod for out own safety. We have to get rid of all guns for our own safety. We have to allow all conversations to be monitored for our own safety. God and his appointed prophets will save us, we don't need to think.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    4. Re:Who buys this stuff? by Schemat1c · · Score: 3, Interesting

      Then the obvious answer to both is that we need to work on bringing that low-end up to somewhere more reasonable. Such that a basic American education (eventually internationally) includes that sort of basic common sense.

      The government very clearly saw what happens when you have a well educated youth during the 60's. The fact that public education has been on the decline since those days is no accident.
      It is much easier to control a populace which is fat, dumb and happy. They got the first two down, now they just need to figure out the happy part and their job is complete.

      --

      "Nobody knows the age of the human race, but everybody agrees that it is old enough to know better." - Unknown
    5. Re:Who buys this stuff? by SolarCanine · · Score: 3, Funny

      now they just need to figure out the happy part and their job is complete.

      Which makes the War on Drugs so much harder to understand...

    6. Re:Who buys this stuff? by mmalove · · Score: 4, Interesting

      You don't have to buy something from the pop up ad. There exists a phenomena most marketers are aware of, that when you have several brands of a product to choose from, most people narrow their choice down to a grouping of 2-4, usually by "hunch" or "intuition", before making any drill down comparisons. It's a compromise of search breadth vs search depth. The pop up's main goal is to preprogram their brand as one of your intuitive choices - if you happen to click and purchase directly then that's an added bonus.

      As for stopping the local infection version of the pop up - write a letter to your congressman. Tell them that instead of worrying whether or not gays can be gay, or a dissident can burn a flag in protest of his governments actions, maybe they could write a quick law that makes it illegal to install software on another machine without the owner's explicit consent. Then the websites that distribute this shit will have fines to pay, sucking the profit right out of the whole scheme.

      (Oh noes, a spammer might lose his job!)

      Here's an interesting website, not sure if they read the letters sent but at least it's a start:
      http://www.congress.org/congressorg/home/

      --
      You can get 15 minutes of fame, but you can go down in history for infamy.
    7. Re:Who buys this stuff? by phantomlord · · Score: 4, Insightful

      The government very clearly saw what happens when you have a well educated youth during the 60's. The fact that public education has been on the decline since those days is no accident.

      Who do you think taught the last couple generations? Perhaps these "well educated youth" suffer from a bit of hubris and decided they knew better than everyone else so they introduced new teaching methods which they thought would be better and those methods have failed. Nah, educated people would never claim that they have a new solution then admit a failure of their own making when it doesn't work out, lets just immediately jump to a nationwide conspiracy. Who's fault is it this week, the Free Masons or the Illuminati?

      --
      Don't leave your mind so open that your brain falls out. Don't close it so much that you cut off the blood.
    8. Re:Who buys this stuff? by Chysn · · Score: 4, Insightful
      It is much easier to control a populace which is fat, dumb and happy. They got the first two down, now they just need to figure out the happy part and their job is complete.

      Fat, dumb and happy is okay; but fat, dumb and afraid works, too.

      --
      --I'm so big, my sig has its own sig.
      -- See?
  3. Re:Naive by ScottLindner · · Score: 4, Insightful

    Intelligence and virture are not the same thing.

    --
    Slashdot.. where people join together in deliberate ignorance.
  4. Even the spyware people acknowledge their evil? by jamestheprogrammer · · Score: 5, Insightful

    From the article:
    From early on, a small group of programmers at Direct Revenue focused on how to protect their employer's programs once they were lodged in a computer, current and former employees say. The team called itself Dark Arts after the term for evil magic in the Harry Potter series. One of the biggest threats Dark Arts addressed came from competing software. The presence of multiple spyware programs can so cripple a computer that no ads manage to get seen.

    In my opinion, spyware that purposely damages other software without user consent(even if the target software is spyware) is really just a virus, trojan, or something like that. Seriously, these people need to just chill out and stop screwing with everyone's PCs.

    --
    "You teach a child to read and he or her will be able to pass a literacy test." - President George W. Bush
  5. When will people learn? by andrewman327 · · Score: 4, Insightful
    TFA describes their "pride over technical cunning." I never thought about those people trying to bypass my popup or spam blocker actually being proud of their spawn.



    Also from TFA: "Spyware rakes in an estimated $2 billion a year in revenue, or about 11% of all Internet ad business, says the research firm IT-Harvest. Direct Revenue's direct customers have included such giants as Delta Air Lines (DALRQ ) and Cingular Wireless. It has sold millions of dollars of advertising passed along by Yahoo. And Direct Revenue has received venture capital from the likes of Insight Venture Partners, a respected New York investment firm."


    People need to learn to stop following links that anger them! If no one purchased goods and services from these irritants, they would lose their 11% market share and slowly go away. I subscribe to Netflix, but I would never follow one of their links from a popup.

    --
    Information wants a fueled airplane waiting at the hangar and no one gets hurt.
  6. In the end.. by mr.cbaker · · Score: 5, Interesting

    In the end, Google knows how it's done. I find I much more often induldge in either clicking on or glancing at an unobstrusive (and generally relevant) google ad than I do any annoying popup which causes me nothing other than to feel contempt for the company who pulled it on to my screen. Sneaky and dirty marketing is just distasteful, and they should know that it reflects poorly on the company and the product. I suppose it still works well on people like my grandmother, who believe they are in fact the 5000th visitor.

    1. Re:In the end.. by harlows_monkeys · · Score: 4, Insightful
      In the end, Google knows how it's done

      Google isn't above questionable behavior, though. Look at their new payment service. Basically, if you are selling something, you can put a link on your order page that lets your customer use Google to handle the payment. Sounds pretty cool, right? However, one of Google's requirements is that you have that link on every ordering page of yours, and they require that the link includes the image they supply from their server. You can't make a local copy of the image on your server. You have to reference the image on their server from your page.

      What this means is that everytime someone buys something through your site, even if they don't use Google to pay, Google gets a hit on that image. So, Google gets an accurate count of how many people visit your order page, and gets their IP addresses.

      If they correlate that with searches from the same IP address, they are getting a hell of a lot of valuable information.

  7. Windows assumptions rampant by Anonymous Coward · · Score: 4, Insightful

    I love how these articles talk about "your computer" as if everybody in the world is running Windows. They don't even mention that Mac and Linux users don't have these issues. Just a little mention that there is an alternative, is that too much to ask??

  8. 'four hours of my life back' by ic4x0r · · Score: 5, Interesting
    "You people are EVIL personified," Kevin Horton wrote around the same time. "I would like the four hours of my life back I have wasted trying to get your stupid uninvited software off my now crippled system."

    indeed! these people should be held liable for the damage done and time wasted. it's unpleasant to think that there are actually people behind obnoxious spyware, and that they think that pissing people off is the best way to get them to acknowledge the adverts and buy whatever they're selling.

  9. How to make a dent by Demon-Xanth · · Score: 3, Interesting

    Make the companies (and thier owners) liable for the cost of fixing the PCs they infect, and allow people to take these companies to court over the cost of repairing thier PCs.

    People on slashdot could hire eachother at $50/hr to fix eachother's PCs. And setup a revenue stream of about $200/week each. Even if 1% of 1% do it, with 1,000,000 PCs, that means that 100 people are sucking down a total of $20,000/week. I doubt the ad revenue from infecting 1M PCs is $1M/year.

    --
    If you think education is expensive, you should try ignorance -- Derek Bok, president of Harvard
  10. Re:Naive by bunions · · Score: 5, Funny

    As with all other things, the answer to your quandry has already been answered in a Simpsons episode.

    Critic: "How do they sleep at night?"

    McBain: "On top of a huge pile of money, with many beautiful women."

    --
    there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
  11. The Real Goal by Kazrael · · Score: 3, Interesting

    The real goal of this type of advertising is not necessarily to get you to buy from them. Most of us, especially the computer savvy ones, would never buy from a popup add. But the simple fact is, we've seen them. We notice them, judging by the comments on /., which means the advertisers have done their job. They are getting a company's name and/or product out and NOTICED. Cingular and Netflix could make 0$ in sales from popups, but they certainly can claim they have been viewed by more users and more times due to this type of advertising. Coke doesn't put a purchasing phone number on their TV commercials (comparable to the ability to click on a popup directly to a sales site), yet plenty would say that Coke simply having commercials increases recognition and/or sales.

    --
    Development notes at http://devscribbles.blogspot.com
  12. Google ads hold the record by Sycraft-fu · · Score: 3, Informative

    As only ads I've ever bought anything from. The reason is they are the only ads that are around when I'm thinking of something. We needed an Optura Xi camera for work. So I punched in "Optura Xi". Lo and behold there's a link to B&H on the right hand side offering it. Clicking it took me not to their front page, but to the camera itself. 5 minutes later it was a done deal.

    I'm not going to buy from random popup ads, they are never selling what I want when I want it. It's not just that Google ads are onobtrusive, they are relivant. They are what I searched for and they generally take me right to the product page.

  13. weird by kook44 · · Score: 5, Interesting

    I interviewed at Direct Revenue about 18 months ago. It's funny to hear thier version of what they do - they simply call it "contextual ad-based marketing". The whole place seemed very sketchy and unprofessional. When the sketchy manager walked me past the group he called "forensic computing" - I instantly knew I was in a spyware factory. I met with some other sweaty, twitchy geek who asked me to solve some algorithmic/data-structure type problem. He was very persistent and specific - harping on the minor details. After I got out of there, I realized he was actually tring to get ideas for a problem he was working on - not tech-ing me for the position. Told the equally shady recruiter to f-off & turned them down for another offer. Glad I did it, but I'm shocked that they are the focus of an article on BW. Surprised they're even still around...

  14. EULA's Share The Blame by BeBoxer · · Score: 4, Insightful

    I've said it before, and I'll say it again. EULA's are a big part of this problem. Specifically, the way above board software forces users to accept pointless pages of legalese. It serves no real purpose, but trains users that it's OK, and in fact expected, that they should click through some agreement whenever they want to run a new program. But while the 'legitimate' software companies don't really get any benefit from the EULA's, the spyware folks depend on them to keep themselves out of jail. These fsck'ers would all be in jail without EULA's providing them cover. And if only spyware was making users click through pages of legal mumbo jumbo, users might actually stop and take notice.

  15. Education! by Kouroth · · Score: 3, Informative

    Education is going to be the most effective way to put a stop to spam and other addware. There must be a massive campaign to teach people what spam is and how to stop it. Videos that come up when you first load a new computer should be included to explain spam and how to prevent it. Work places need to spend time explaining to employees what to avoid. Schools of all grades need to teach people about safe internet use. If the campaign was big enough it'd help a great deal, maybe even stop it all together. The problem is that people ARE clicking adds, they ARE buying junk from spam adds! If they no longer clicked adds, deleted all spam with out looking at it, I'd bet it wouldn't pay any more. Laws won't do it, attacks against spammers doesn't work. Our best way to fight it is to stop people from making it profitable. Once the money goes the adds will go too.

    --
    Thermal depolymerization - Lazy recycling.
  16. It's a little deeper than that by njdj · · Score: 3, Insightful
    Find out just what any people will quietly submit to and you have found out the exact measure of injustice and wrong which will be imposed upon them.

    The quotation is the general principle, which enables you to understand a lot of different things, some of which are more important than others. It explains, for example, why the American people are subject to the Patriot Act, DMCA, and eternal copyrights. None of these have much in common with either of the things youi mentioned.

  17. Here's how to REALLY stop it... by emil · · Score: 3, Informative

    Don't browse the internet as Administrator on Windows, ever. Don't even browse as a "power user" - create a restricted user (no install or registry change privileges).

    If you are going to browse while logged in as Administrator, right-click on your browser, select "Run as" and run it as a less-privileged user.

    In general, always run as a restricted user, and use "Run as" to elevate privilege of software that requires it (cd burning, etc.). Leave Administrator alone.

    If you have no firewall, examine the services that you have running (right-click My Computer, manage, services). Look up every running service (on google or whatnot) and make a decision to shut it down or leave it operating.

    Also, ensure that your SYSTEMROOT resides on an NTFS filesystem. If it's on FAT, none of the above will help you.

    Firefox helps, but this works better.

    1. Re:Here's how to REALLY stop it... by bunions · · Score: 4, Insightful

      that's a huge pain in the ass, as I'm sure you realize, and almost certainly overkill. Neither I or any of my friends has gotten a virus or malware for the last several years by following these 4 E-Z Steps:

      (1) Do not use IE or outlook
      (2) Do not click on shit indiscriminatly. Only run programs from places you trust.
      (3) Do not trust places like crazyivansdiscountsoftware.com.ru or hotthrobbingboobies.com.za
      (4) If you need penis enlargement or prescriptions, go to a doctor. If you need porn, go to the usenet.

      --
      there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
  18. Remember.... by NalosLayor · · Score: 3, Insightful

    The key thing to remember in all this is that when it comes to advertising, you aren't the customer, you're the product. Cows can't complain to the farmer that the slaughterhouse isn't sanitary.

    As someone else said, you can complain to the people who buy the ad space, but like cattle, that's likely to be just as effective. Therefore, the only thing you *can* do is fight, with alternative browsers, adware removal tools, good browsing habits, and by warning the rest of the, ahem, herd.

    If we make the product unsavory, we can run the slaughterhouses out of business!

  19. Jiu Jitsu by beeblebrox · · Score: 3, Interesting

    I hereby propose a DRCFMSS:

    Direct Revenue Customer Funds Misallocation Screen Saver

    Basically, a virtual-machine-like sandbox that runs a DR-infected IE "clicking" on ads popped up as the "user" (networked spider/p2p agent) "browses" around, comparing notes with other agents and causing view and click fees to be charged to the asshat corps that pay DR for ads.

    You can even choose to participate in specific campaigns: "Hey folks, we're 'doing' Vonage this week!".

    Then you can also compile nice tables to show the same asshats how much of their ad budget was pissed away in this fashion.

  20. Re:A linux user wants to know by crabpeople · · Score: 3, Insightful
    Ah a spyware apologist how gay.

    "But frankly I don't see the problem. I guess I have always had a soft spot for scammers. They are such nice evidence of evolution in action. If you been infected by spyware that is natures way of telling you are to stupid to breed."

    are you high? You condescending elitest asshole. News flash *EVERYONE* who is not a knowledgable computer user gets spyware. It doesnt matter where you go or what you do, all it takes is one misclick and BAM. owned. Calling people who get spyware stupid is like calling people who get sick because they went to the mall stupid. IT HAPPENS. How dare you take the side of spyware companies and spammers. You can't honestly say youve never gotten any spyware, no family members or friends have gotten spyware, and that your some kind of a master for running linux. OOO yeah your so fucking special arent you. God damn it people like you need to be punched in the face. Soft spot for scammers indicates to me that you probably are a scammer. And i hate spammers and scammers so much it boils my blood... They have no honour.

    "But even worse then the people that install this crap hoping to get something for nothing"
    Sort of like when i download a file from sourceforge?

    "Pity is that in our society it is the stupid who breed the most."
    Translation: I think im smart and thats why i dont get laid

    god damn spyware apologists...
    * awaits -1 troll* i dont care because it had to be said.

    --
    I'll just use my special getting high powers one more time...