Slashdot Mirror

← Back to Stories (view on slashdot.org)

Interview With an Adware Author

Posted by kdawson on from the warming-up-for-the-botnet-era dept.

rye writes in to recommend a Sherri Davidoff interview with Matt Knox, a talented Ruby instructor and coder, who talks about his early days designing and writing adware for Direct Revenue. (Direct Revenue was sued by Eliot Spitzer in 2006 for surreptitiously installing adware on millions of computers.) "So we've progressed now from having just a Registry key entry, to having an executable, to having a randomly-named executable, to having an executable which is shuffled around a little bit on each machine, to one that's encrypted — really more just obfuscated — to an executable that doesn't even run as an executable. It runs merely as a series of threads. ... There was one further step that we were going to take but didn't end up doing, and that is we were going to get rid of threads entirely, and just use interrupt handlers. It turns out that in Windows, you can get access to the interrupt handler pretty easily. ... It amounted to a distributed code war on a 4-10 million-node network."

3 of 453 comments (clear)

  1. Re:Sometimes we forget. by Thelasko · · Score: 4, Informative

    Im pretty sure that the majority of cops that became criminals were the hardest to catch. They know all the tricks and what other cops/detectives will be looking for.

    *COUGH*

    Allegedly

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  2. Re:Sometimes we forget. by MobyDisk · · Score: 5, Informative

    Talented computer repair techs can stay in business just fine. But yes, the adware/spyware boom caused an explosion in the repair field too.

  3. Re:Sometimes we forget. by symbolset · · Score: 5, Informative

    You don't "fix" a computer. You reinstall, it should only take 20 minutes tops. Of course, you should not be an idiot and not let it get that way to begin with. Regardless of your overinflated salary you are throwing away money. Dumbass.

    Look, I'm not a stranger to making an ass of myself on slashdot, but I still get to point out when other people do it. Sure, from a good image I can flash a 40GB SATA 3.0 drive in 3 minutes flat and the user is up and running. Add five minutes and I can restore today's user data from their good backup. That's not the common experience in the field because they have no good image and seldom have backups. In 20 minutes on the same drive you can install Windows if you have SP3 media. You still can't get all the updates, install the system drivers, install the accessory drivers, do a reasonable security software install and user configuration in 20 minutes. You definitely can't restore their user data, nor their critical apps. It just can't be done.

    If the typical consumer were willing to pay his tech to come out and set him up properly, and visit him and make a good image semiannually, maybe. If they bought spares, better still. But they usually won't. Usually they won't call for help until they've borked it good and don't have backups. Most people if you gave them a button that booted their computer from an "emergency backup" spare drive, would crash their main system, then the emergency backup, and then call for help.

    And some of them, oh, God I wish it were not so, utterly rely on some system running Windows 95 that hasn't been updated since because it was set up for them a decade ago and it still works and they bought into a system with no migration path.

    --
    Help stamp out iliturcy.