The State Of Grayware On the PC

Checkers and Pogo writes "Grayware inhabits a murky area between pure malware and useful apps, and it's a growing problem. 38.1% of all malicious PC software falls into the grayware category, and so-called 'grayware 2.0' is targeting social-networking sites. Ars Technica's Jeremy Reimer notes, 'The "threat" of rogue applications like SuperWall wasn't immediately obvious: they seemed more like annoyances than real security risks. But as users entered more and more personal information into their Facebook accounts, it became clear that the possibilities for abuse were rampant. For example, because Facebook allows users to "tag" photos with the names of friends, it is possible for third-party apps to distribute photos that a user might only want to be seen by their inner circle of friends.'"

Goddamn BonziBUDDY

[eldavojohn]

Yeah, WinAmp was bad. But I'll never forget the day in college when my roommate downloaded and installed BonziBUDDY on my computer!

That goddamn ad injecting mal-ware sporting purple gorilla that was based on the dead soul of Clippy can rot in hell for eternity!

There's "free" as in gratis and libre and then there's a third kind of "free" as in wake-up-in-a-bathtub-packed-with-ice-minus-one-kidney free.

Re:Goddamn BonziBUDDY

Yes, but that was ADWARE, not true SPYWARE in the sense that it didn't ACTIVELY collect data
other than what you clicked on when it popped up ads 10 times per second.

Super annoying to be sure, but not (quite) the threat some made it out to be.
Although in this day and age some of the ads it would serve up could be trojans.

Rule of thumb - college buddies don't get admin access... not to my box, bed, bathroom, or toothbrush.

Re:Goddamn BonziBUDDY

[Sciros]

NOOOO stop bringing up BONZI BUDDY! What we thought would be an amusing evening of getting a purple gorilla to say things like "punch me in the testicles" and various "yo momma" jokes turned into a nightmare that can only be compared to when all the people in the beginning of Ghost Ship get cut in half by a cable and it looks really fake and lame but still gross. Only intead of a ship it was my computer, and instead of a cable, it was Bonzi. After much kung fu, I banished him from our dorm room, but he still haunts me in my dreams.

Re:Goddamn BonziBUDDY

[esocid]

Gator was a piece of shit too. I can recall stumbling upon that wondering how it got there and why and then taking the time to find out how to remove it completely. Awful.
In terms of facebook, which I'm contemplating removing all my pictures/info from and "deleting" my account, I remember going to kongregate, a flash game site, and discovering that it had some sneaky little trick of noticing I had a cookie from facebook and it sent some shit to my account. I quickly rectified that by changing all my privacy settings, since I rarely ever use it I hadn't noticed the updates to it.

Re:Goddamn BonziBUDDY

[AioKits]

Arrgh, Gator... Don't get me started. One place I worked (not gonna name it, could get in trouble), all the secretaries had that damned thing on their systems cause of the cute kitten cursors they offered. We'd have to take the machine and most the times just restage it to clean it and hand it back. A few days later, gator was back. They wanted their cute kitten cursors. Eventually the net admin for that facility just blocked the gator site outright. He was forced to unblock it when a score of unhappy secretaries descended upon administration wanting their 'harmless kitty icons'. "But they're kittens! Who doesn't love kittens?!" *sigh*

Re:Goddamn BonziBUDDY

[sm62704]

Yeah, WinAmp was bad

Ok buddy thanks a lot. Winamp is my second favorite media player (XMMS is my favorite). You made me RTFA.

In the heady days of the dot com boom, many software companies were happy enough to give out free software and trust that the money would somehow arrive later, magically (some, like the authors of WinAmp, would live to see this happen when their company was bought by America Online). Other companies released trial or demo copies of their software which could be unlocked for a fee.

That was the only place in TFA the word "winamp" appeared.

So what was/is so bad about winamp? Yeah XMMS is better but afaik it won't run in Windows.

Re:Goddamn BonziBUDDY

[crispin_bollocks]

My daughter, then 13, was a big fan of the purple gorilla, and had so many damn toolbars there was hardly any room for content in the browser. And let's not forget Gator!! "Dad, just click 'Allow' - that's what I do, it's quicker."

Re:Goddamn BonziBUDDY

[nexex]

Like this?

Re:Goddamn BonziBUDDY

[vimh42]

Wow, you just coined a great new term. 'Free as in kidney.' I must go use this wonderful gem.

Re:Goddamn BonziBUDDY

[dbIII]

That purple gorilla helped cost me a job. The user would complain about their computer being slow. I would remove the crapware and return the thing in a functional state. The user would see the gorilla was gone, get angry, load it on again and then complain that the computer was slow. This cycle repeated several times with the user getting more angry each time and when others backed me up became convinced that IT people have some sort of conspiracy to pick on users that dared to have something "fun" in the workplace. Unfortunately the user and immediate manager were also respectively slow and functionally illiterate (dyslexia was the excuse for the manager but the reality was more than that) and there was no budget for a machine capable of running the crapware in addition to the work software.

For the uninformed

[Ethanol-fueled]

These are the most popular examples of Grayware - avoid whenever possible:
-Norton anything
-Mcaffee anything
-Microsoft anything
-Myspace anything
-Facebook anything
-Sony anything
-iTunes
-"Quick"time
-Realplayer

Also:
-Never click on the duck
-Never click on the monkey
-Never click on the blinkenlights
-Never click on "yes" or "I agree" -If you still manage to get a popup, consult your country's extrortion laws

You've been warned.

There is no Dana, only Zuul.

[snarfies]

The article defines this "greyware" "vectors of attack." PROTIP: If the software has any sort of vector to launch any sort of attack on any machine, it is malware, pure and simple. Calling it "greyware" is a whitewash of some dark stuff.

5 pages

[esocid]

Ok, /.ers don't RTFA anyway but I'll sum up the 5 pages. History of malware...gator....trojans et al....there will always be malware that avoids detection...in the future mobile devices are going to be targeted more than they are now. Constantly updating browsers are good...yadda yadda...don't be stupid and be skeptical.
Tada!

Re:5 pages

[mikkl666]

don't be stupid and be skeptical Or, to be more precise, don't be a dick.

Re:5 pages

[PitaBred]

A virus isn't really in the same class as this malware. They're calling it "greyware" because it doesn't try to fuck up your PC, it adds "services" which are dodgy and expose you to all kinds of interesting privacy and security exploitation. The first viruses were almost purely destructive or annoying, there were no "ulterior motives" like there is with this malware that DID start with the Internet getting popular.

OH MY GOD !!

[OrangeTide]

For example, because Facebook allows users to "tag" photos with the names of friends, it is possible for third-party apps to distribute photos that a user might only want to be seen by their inner circle of friends.

I can't even conceive of a threat to national security larger than this!

Re:OH MY GOD !!

[spun]

I know! I mean, it's not like Nazi/Adult Baby BDSM parties are actually illegal. What do I care if my personal pictures of myself dressed as Hitler in diaper getting spanked by a fat cross dressing Eva Braun get distributed over the web? Sheesh, some people are SO whiney!

Re:OH MY GOD !!

[QuantumRiff]

Stop posting on slashdot, and go back to running your campaign for election please!

Re:OH MY GOD !!

[owlnation]

I know! I mean, it's not like Nazi/Adult Baby BDSM parties are actually illegal.

Well, Nazi things actually are illegal in a number of countries - Germany for example. I'd think there was a good possibility if you were a visitor to Germany, and the authorities knew you liked wearing nazi things, you'd at lest be detained for interrogation. Also, BDSM stuff is technically illegal in the UK (but then almost everything is illegal in the UK -- unless its the Brown (shirt) Government breaking the law, then it's perfectly ok)

Re:OH MY GOD !!

[RichardX]

>It's about damn time we made a law about people mentioning Godwin's Law.

And it shall be named... Hitler's Law.
Infinite recursion for great justice!

MOD PARENT UP

[dreamchaser]

Even coining the term 'greyware' is just a form of social engineering. "Oh it can't be THAT bad. I mean, it's grey, not black."

Malware is malware. If it looks like a duck and quacks like a duck, I call it a duck. There is no such thing as 'greyware'.

Re:MOD PARENT UP

Well, I was originally gonna post something about DRM being grayware, since there's an arguably useful thing (media) with something else harmful (DRM) piggybacking on it. But if grayware is a sham term, then I guess that just means that DRM really is malware.

Suck it, Sony!

Re:Mod parent up

[Klaus_1250]

I think the issue is that the list is a bit too long and some names should be explained.

I can vouch for McAffee and Norton. They both claim to be "included" for free in all kinds of packages (computers, ISP subscriptions) but in reality, they just ship you a 30-day trial version. What's worse is, that they are both overpriced, slow down your PC to such an extent it's like having a molasses filled harddrive, they're full of bugs (don't get me started), they just don't work (they're better in attracting malware than a honeypot) and deinstalling them ... (ah well, they time you had to do a clean Windows reinstall is at least over)

Re:Mod parent up

[OMNIpotusCOM]

That's simple, he was modded down because he spoke ill of Apple (iTunes). He may as well have called Ron Paul malware, said an "in soviet russia", or said that Microsoft had a good idea, because the same thing would have happened. I like to get those all out of the way in the same post when I know I have to violate a Slashdot bi-law.

Re:MOD PARENT UP

[jimmux]

To my knowledge, there isn't even such a thing as "blackware" or "whiteware". The latter sounds like a brand of undergarments.

Anyway, I would stay away from grayware, if only because the American spelling makes me cringe. Greyware on the other hand...

Shades of Gray

[suck_burners_rice]

If we're going to start using the term "grayware" to describe software that falls somewhere between a useful application and a piece of malware, then we need to start using the term "blackware" to refer to malware, and "whiteware" to refer to useful software. By the same token, some software could be "light gray ware," other could be "dark gray ware," et cetera. Whiteware that contains exploitable bugs should be termed "off-white ware" and security software which would otherwise be termed whiteware but could be used by a malcontent for evil purposes should be termed "whiteware with black polka dots." We could further extend this concept to include whiteware that could be dangerous if misused, such as software that controls a nuclear rocket; such software would be termed "redware." Software that helps the environment would be called "greenware." Now all we need is something for "blueware" and we can use the entire color space to describe a computer program.

Re:Shades of Gray

You forgot BROWNWARE, software that is pure shit.

Re:Shades of Gray

[RobertB-DC]

If we're going to start using the term "grayware" to describe software that falls somewhere between a useful application and a piece of malware, then we need to start using the term "blackware" to refer to malware, and "whiteware" to refer to useful software [...] We could further extend this concept to include whiteware that could be dangerous if misused, such as software that controls a nuclear rocket; such software would be termed "redware." Software that helps the environment would be called "greenware." Now all we need is something for "blueware" and we can use the entire color space to describe a computer program.

Don't be silly. This is a highly technical forum.

You have to include hex codes.

blackware = 0x000000
grayware = 0x808080
light gray ware = 0xC0C0C0
off-white ware = 0xE0E0E0
whiteware w/black polka dots = 0xFFFFFF + (0x000000 * $chance_of_exploit)
whiteware = 0xFFFFFF

redware = 0xFF0000
greenware = 0x00FF00
blueware = 0x0000FF

And of course:

tupperware = Varies by kitchen
underware = 0xyoudontwannaknow

"Greyware"? So let me get this straight . . .

[mmell]

If I rob a bank, I'm a felon.

If I'm hired to analyze security for a bank and use the knowledge I acquired during my analysis to rob the bank, I'm only guilty of a misdemeanor?

Re:"Greyware"? So let me get this straight . . .

[morgan_greywolf]

If I'm hired to analyze security for a bank and use the knowledge I acquired during my analysis to rob the bank, I'm only guilty of a misdemeanor?

That depends. Was she over or under 18?

Re:"Greyware"? So let me get this straight . . .

[geekoid]

Guilty? you weren't very good, were you?

Facebook apps = bad

[smithtuna33]

Not only are some of these apps extremely annoying, including advertisements next to games and etc, its now very common for them to use incentives (eg extra levels or whatever) to get people to invite all their friends to the application. facebook's devs addressed it in a blog post but it remains a problem. the whole system looked bad from the start, so i personally reject all applications that aren't facebook related. even so, its to the point now where i'm thinking of shutting down my account.

What were they thinking?

[dangitman]

For example, because Facebook allows users to "tag" photos with the names of friends, it is possible for third-party apps to distribute photos that a user might only want to be seen by their inner circle of friends.'"

Yeah, malware is bad, but if somebody thinks those photos are going stay "within their core circle of friends" when they post them on Facebook, they need their head checked. You know, people in your "circle of friends" have other friends too, that are in other circles of friends. They will surely get passed between the two groups. Even if that doesn't happen, somebody in your "circle" will have an insecure computer.

The bottom line is that if you think you can keep your photos private when posting them online, you are deluding yourself. An idea might be to not take them in the first place if you don't want them seen by others.

Re:What were they thinking?

[Don_dumb]

I am not sure that is entirely fair. Facebook specifically gives the option for each photo album as to whether you friends, your friends friends, or the whole world has access to your pictures on Facebook.

Your friends could of course download your pictures and then post to other people them themselves but that makes Facebook no less secure than emailing your photos out. The difference is on Facebook people don't go around recieving and forwarding the photos on, they just look at the albums, so I think that photos get passed between groups of friends less often than if they are distributed, of course it can happen quite easily and probably does. If your friends can see them in softcopy you have given up sole control over them. Nobody would transmit sensitive photos to their friends (they wouldn't want them to see them anymore than anyone else) and I don't think anyone I know would be stupid enough to upload those photos to Facebook either. I don't use Facebook's applications (like Superwall) but it is a great way to share photos that involve them (such as parties etc), I don't think it is unreasonable to ask that the applications my friends use respect my privacy choices on Facebook if Facebook itself respects them (I am not convinced that it does however).

The bottom line is that if you don't want others to see your photos, you probably don't want your friends to see them either.

The real bottom line is i keep getting distracted and I'm not sure what I am trying to say really.

Re:What were they thinking?

[Harin_Teb]

The real problem is not me posting pictures of myself, so much as someone else posting pictures of ME and then tagging me. Granted I think if your doing something stupid and let someone take your picture its your own damn fault, but when you are doing something innocuous (such as drinking water from the ubiquitous red cup) and someone posts a picture of it with the tag line "OMG underage drinking is teh funne$t!!1!" and my name attached to it, THAT can have serious repercussions... which are 100% undeserved.

and that is why I hate social networking sites.

You forgot:

[crhylove]

There's a few you forgot.

-All versions of Winamp after 2.81
-Adobe Acrobat
-AOL
-java
-99% of all "security" software (not just limited to Norton and Mcaffee, but those are the worst/most common!
-I'm sure I'm forgetting some more huge ones!

Also:
If you really want a very clean system, I suggest using Portable Apps (google it). Tons of great FOSS programs that will not touch the registry or do anything but run and only run when they are opened:

Pidgin
GIMP
Firefox 3 (Beta 5)
Open Office
Audacity
Sudoku
Texas Hold'em (Online and Free!)
UltraVNC
Infrarecorder (nearly as good as Nero now!)
Clamwin
Filezilla
Bonkenc
Virtualdub

Other than those programs, there are a few proprietary softwares that I must have, and there is sadly no open source alternative:

Winamp 2.81
uTorrent 1.5 (later versions are spyware)
Virtualbox
Urban Terror (though it is ioquake3, so I ALMOST trust it all the way (wish it was portable!)!
Joost
Cool Edit Pro 2.1
Sibelius
Dream Aquarium
Skype

And then there are a couple FOSS apps that I can't get portable versions of:
Mupen++
Zsnes

Using that list of software I can pretty much do ANYTHING on this machine, and I haven't had any spyware, malware, virii, or slowdowns at all.

Feel free to add whatever I forgot!!!