Slashdot Mirror


Interview With an Adware Author

rye writes in to recommend a Sherri Davidoff interview with Matt Knox, a talented Ruby instructor and coder, who talks about his early days designing and writing adware for Direct Revenue. (Direct Revenue was sued by Eliot Spitzer in 2006 for surreptitiously installing adware on millions of computers.) "So we've progressed now from having just a Registry key entry, to having an executable, to having a randomly-named executable, to having an executable which is shuffled around a little bit on each machine, to one that's encrypted — really more just obfuscated — to an executable that doesn't even run as an executable. It runs merely as a series of threads. ... There was one further step that we were going to take but didn't end up doing, and that is we were going to get rid of threads entirely, and just use interrupt handlers. It turns out that in Windows, you can get access to the interrupt handler pretty easily. ... It amounted to a distributed code war on a 4-10 million-node network."

13 of 453 comments

  1. Sometimes we forget. by jellomizer · Score: 5, Insightful

    That the people who make IT guys' lives difficult and annoying are indeed IT guys.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.

    1. Re:Sometimes we forget. by Anonymous Coward · Score: 5, Insightful

      I'm pretty sure that the majority of cops that became criminals were the hardest to catch. They know all the tricks and what other cops/detectives will be looking for.

    2. Re:Sometimes we forget. by fph il quozientatore · Score: 5, Insightful

      [Sometimes we forget t]hat the people who make IT guys' lives difficult and annoying are indeed IT guys.

      Or lawyers.

      --
      My first program:

      Hell Segmentation fault

    3. Re:Sometimes we forget. by snl2587 · Score: 5, Insightful

      Difficult? Maybe, but for freelancers who collect a check every time they "fix" an infected computer (read: fiddle around for a while and ultimately end up reinstalling Windows), these crapware authors are the reason they can stay in business.

    4. Re:Sometimes we forget. by feepness · Score: 5, Insightful

      Can we throw away the idea of a "throw away society"?

  2. I hate it when people venerate/elevate scumbags by elrous0 · Score: 5, Insightful

    Some serial killer goes and murders dozens of innocent people; and we reward him with veneration, books written about him, endless press coverage, etc. Scumbags don't deserve our respect, our veneration, or polite treatment.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.

    1. Re:I hate it when people venerate/elevate scumbags by Anonymous Coward · Score: 5, Insightful

      Damn right, dave. However, it's hard to deny that someone who writes malicious code that directly targets (ignorant) consumers may very well be treading on morally bankrupt territory.

    2. Re:I hate it when people venerate/elevate scumbags by Grishnakh · Score: 5, Insightful

      So if I buy a door that happens to have a lock with a flaw, it's the fault of the lock maker that my stuff gets stolen? Sorry, but no, the fault lies solely on the shoulders of the thief. Windows has many problems, but all the fault for exploiting it is on the malware authors.

      I disagree.

      If you buy a door that has a lock with a flaw, and the lock maker knows about this flaw and does nothing about it and continues to sell this same flawed model for many years, making billions of dollars of profit, while people like you keep getting your stuff stolen, there are two parties at fault: 1) the thieves, obviously, since they stole the stuff, and 2) the lock maker, because they sold you something they claimed to be secure and which would protect your stuff from thieves, but which really wasn't, and they knew about it.

      When assigning blame for things like this, you have to look at the big picture. For a single instance of criminality, it's usually just the criminal's fault. But when the criminals keep using the same tricks over and over to commit their crimes, you have to look at what's enabling them. In the case of MS, they shoulder a lot of blame, because they, for decades, have put features ahead of security, even though they own the lion's share of the market and any security flaw has the most potential for damage because of that. Finally, because users have known about MS's crap and keep buying it, users also share part of the blame, for continuing to purchase MS's shoddy products, although this is mitigated partially because of MS's manipulation of the market to keep themselves in a position where it's difficult to get by without their product (for instance, because many important software products like AutoCAD only work in Windows).

  3. Chilling by bbbaldie · Score: 5, Insightful

    I am now more convinced than ever that it is impossible to secure Windows.

    1. Re:Chilling by El Lobo · Score: 5, Insightful

      The same guy says in another interview in CNET that it would be pretty easy to find ways to implement the same in OSX (where they are actually experimenting) and in many Linux distros, but nobody pays a shit for that. They can get a lot more cash for pressing their brains to find exploits for hundreds of millions of computers than what they would get to find exploits for some thousands in more exotic OSs. Easy like that. A thing as complex as an OS with millions of lines of code will necessarily ALWAYS have a couple of thousand possible holes, be it BeOS, MistOs, NetBSD or whatever. You only need the will (or the cash).

      --
      It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!

  4. Sadly, no. by lucas_picador · Score: 5, Insightful

    From the article:

    In their licensing terms, the EULA people agree to, they would say "in addition, we get to install any other software we feel like putting on." Of course, nobody reads EULAs, so a lot of people agreed to that. If they had, say, 4 million machines, which was a pretty good sized adware network, they would just go up to every other adware distributor and say "Hey! I've got 4 million machines. Do you want to pay 20 cents a machine? I'll put you on all of them." At the time there was basically no law around this. EULAs were recognized as contracts and all, so that's pretty much how distribution happened.

    Um, no. Unconscionability is a pretty ancient principle of contract law. People joke about signing away their first-born child in an unread EULA, but they understand that it's a joke: that term would never be enforced by a court, because allowing contracts of adhesion (like EULAs) signed by non-lawyers in casual circumstances to extract those kinds of concessions from the parties would result in the complete breakdown of society.

    So when this guy (and his bosses) talk about how there was "no law around this", they're not fooling anyone, least of all themselves. If I buy a bus ticket and on the back there's some fine print stating that by riding the bus I've agreed to let the driver break into my house and take anything he wants, guess where the bus driver ends up if he tries to exercise his contractual "rights"? In prison. Which is where this guy belongs.

  5. there are comments here threatening violence by circletimessquare · Score: 5, Insightful

    so let's educate some of you:

    we capture someone like frank abagnale, and we go all sharia law on him, as a lot of you propose, and leave him as a bloody stump

    then what?

    well, there are other frank abagnales out there. how do we detect them and capture them? well, the frank abagnale you just beat to a pulp: he would have made a good tool to do that, ya think?

    luckily, in real life, this is exactly what the feds and the banks did. in real life, you capture and use highly intelligent crooks to... drum roll please... capture more highly intelligent crooks. get it?

    law enforcement is hard grinding work, it doesn't happen like "death wish" or "dirty harry". i know in some of your justice league of america fantasy lives, delivering justice with a fist and a gun is the way to go. but we'd like to talk about reality, ok?

    so to review:

    1. we can have justice your way, and beat adware authors to a pulp, or
    2. we can have smart justice, and listen carefully to mr. adware author's words, and use those words to catch more adware authors

    get it? see the difference? do you want to pursue justice? or do you want to beat people up?

    these are mutually exclusive activities, despite your dimwitted fantasy lives

    now go crawl back under your rocks mouth breathers. nobody who is actually going to catch and punish cybercriminals in this world is going to think like you do

    even the most vile amoral serial killer is useful to keep alive and listen to. simply for matters of brain analysis and psychological study. or, we could put a bullet in his head, scrambling the abnormal brains, and having nothing useful to catch more vile amoral serial killers

    dumb violent justice leaves a dumb violent society that knows nothing about the smart and truly vicious criminals in their midst

    smart justice is about studying smart criminals, and using them against each other

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it

  6. or the cops still on the force... by SuperBanana · Score: 5, Insightful

    I'm pretty sure that the majority of cops that became criminals were the hardest to catch. They know all the tricks and what other cops/detectives will be looking for.

    What about those that use color of law? It's not terribly surprising that the FBI only receives about 200 complaints of color-of-law, and doesn't investigate, much less prosecute, a single one.

    Simply being a police officer offers enormous immunity from the general public accusing you of crimes, and further means that most of your fellow officers won't "rat" on you (instead of being disgusted at your behavior and bringing disrepute to the supposed "profession.")