Slashdot Mirror

← Back to Stories (view on slashdot.org)

The State Of Grayware On the PC

Posted by Soulskill on from the not-about-an-alienware-knockoff dept.

Checkers and Pogo writes "Grayware inhabits a murky area between pure malware and useful apps, and it's a growing problem. 38.1% of all malicious PC software falls into the grayware category, and so-called 'grayware 2.0' is targeting social-networking sites. Ars Technica's Jeremy Reimer notes, 'The "threat" of rogue applications like SuperWall wasn't immediately obvious: they seemed more like annoyances than real security risks. But as users entered more and more personal information into their Facebook accounts, it became clear that the possibilities for abuse were rampant. For example, because Facebook allows users to "tag" photos with the names of friends, it is possible for third-party apps to distribute photos that a user might only want to be seen by their inner circle of friends.'"

11 of 132 comments (clear)

  1. There is no Dana, only Zuul. by snarfies · · Score: 5, Insightful

    The article defines this "greyware" "vectors of attack." PROTIP: If the software has any sort of vector to launch any sort of attack on any machine, it is malware, pure and simple. Calling it "greyware" is a whitewash of some dark stuff.

    1. Re:There is no Dana, only Zuul. by Anonymous Coward · · Score: 1, Insightful

      You really just lumped a lot of software (quicktime, for ex) into the malware catagory.

      I would distinguish between the INTENT of delivering a vector to be abused and the later discovery of a vulnerability in an otherwise usefull utility.

      Every block of code has a vulnerability. Paint the world malware and you'll miss the INTENT, which I would argue is at LEAST as important as the exploit itself.

  2. Re:Goddamn BonziBUDDY by Anonymous Coward · · Score: 2, Insightful

    Yes, but that was ADWARE, not true SPYWARE in the sense that it didn't ACTIVELY collect data
    other than what you clicked on when it popped up ads 10 times per second.

    Super annoying to be sure, but not (quite) the threat some made it out to be.
    Although in this day and age some of the ads it would serve up could be trojans.

    Rule of thumb - college buddies don't get admin access... not to my box, bed, bathroom, or toothbrush.

  3. 5 pages by esocid · · Score: 4, Insightful

    Ok, /.ers don't RTFA anyway but I'll sum up the 5 pages. History of malware...gator....trojans et al....there will always be malware that avoids detection...in the future mobile devices are going to be targeted more than they are now. Constantly updating browsers are good...yadda yadda...don't be stupid and be skeptical.
    Tada!

    --
    Absolute power corrupts absolutely. indymedia
  4. MOD PARENT UP by dreamchaser · · Score: 5, Insightful

    Even coining the term 'greyware' is just a form of social engineering. "Oh it can't be THAT bad. I mean, it's grey, not black."

    Malware is malware. If it looks like a duck and quacks like a duck, I call it a duck. There is no such thing as 'greyware'.

    1. Re:Mod parent up by Klaus_1250 · · Score: 2, Insightful

      I think the issue is that the list is a bit too long and some names should be explained.

      I can vouch for McAffee and Norton. They both claim to be "included" for free in all kinds of packages (computers, ISP subscriptions) but in reality, they just ship you a 30-day trial version. What's worse is, that they are both overpriced, slow down your PC to such an extent it's like having a molasses filled harddrive, they're full of bugs (don't get me started), they just don't work (they're better in attracting malware than a honeypot) and deinstalling them ... (ah well, they time you had to do a clean Windows reinstall is at least over)

      --
      It only takes one man to change the Wisdom of the Crowd to Tyranny of the Masses.
    2. Re:MOD PARENT UP by jimmux · · Score: 3, Insightful

      To my knowledge, there isn't even such a thing as "blackware" or "whiteware". The latter sounds like a brand of undergarments.

      Anyway, I would stay away from grayware, if only because the American spelling makes me cringe. Greyware on the other hand...

  5. Facebook apps = bad by smithtuna33 · · Score: 2, Insightful

    Not only are some of these apps extremely annoying, including advertisements next to games and etc, its now very common for them to use incentives (eg extra levels or whatever) to get people to invite all their friends to the application. facebook's devs addressed it in a blog post but it remains a problem. the whole system looked bad from the start, so i personally reject all applications that aren't facebook related. even so, its to the point now where i'm thinking of shutting down my account.

  6. What were they thinking? by dangitman · · Score: 4, Insightful

    For example, because Facebook allows users to "tag" photos with the names of friends, it is possible for third-party apps to distribute photos that a user might only want to be seen by their inner circle of friends.'"

    Yeah, malware is bad, but if somebody thinks those photos are going stay "within their core circle of friends" when they post them on Facebook, they need their head checked. You know, people in your "circle of friends" have other friends too, that are in other circles of friends. They will surely get passed between the two groups. Even if that doesn't happen, somebody in your "circle" will have an insecure computer.

    The bottom line is that if you think you can keep your photos private when posting them online, you are deluding yourself. An idea might be to not take them in the first place if you don't want them seen by others.

    --
    ... and then they built the supercollider.
    1. Re:What were they thinking? by Harin_Teb · · Score: 2, Insightful

      The real problem is not me posting pictures of myself, so much as someone else posting pictures of ME and then tagging me. Granted I think if your doing something stupid and let someone take your picture its your own damn fault, but when you are doing something innocuous (such as drinking water from the ubiquitous red cup) and someone posts a picture of it with the tag line "OMG underage drinking is teh funne$t!!1!" and my name attached to it, THAT can have serious repercussions... which are 100% undeserved.

      and that is why I hate social networking sites.

  7. Re:Goddamn BonziBUDDY by dbIII · · Score: 2, Insightful

    That purple gorilla helped cost me a job. The user would complain about their computer being slow. I would remove the crapware and return the thing in a functional state. The user would see the gorilla was gone, get angry, load it on again and then complain that the computer was slow. This cycle repeated several times with the user getting more angry each time and when others backed me up became convinced that IT people have some sort of conspiracy to pick on users that dared to have something "fun" in the workplace. Unfortunately the user and immediate manager were also respectively slow and functionally illiterate (dyslexia was the excuse for the manager but the reality was more than that) and there was no budget for a machine capable of running the crapware in addition to the work software.