Given Up to Spyware? 733
Khuffie writes "Wired has an interesting article about how some people have given up to spyware, knowing that the software they're installing virtually takes over their internet connection. What's even more ironic is that they claim it's a necessary evil for free software, when things like the Google Toolbar virtually replace Gator, and there are many spyware-free P2P programs available."
Link is incorrect (Score:2, Informative)
For the uninitiated... (Score:5, Informative)
Adaware [lavasoftusa.com]
Oh, and Linux [linux.org].
It's called apathy (Score:5, Informative)
Re:Link is incorrect (Score:3, Informative)
Hidden vs. Visible Costs (Score:5, Informative)
The cost of the privacy lost is invisible and (apparently) non-intrusive, while the cost of the time and effort is obvious and immediately quantifiable.
Think about how many times you've heard someone say things along these lines: "Can you believe I spent 6 hours cleaning spyware off my system and had to reinstall Windows twice? Then I had to find new software with a privacy policy acceptible to me, and it took hours to download and install it all."
Compare that to how many times you've heard someone say something like: "Wow! I had spyware all over my system. It was tracking my shopping and browsing habits, reporting my computer usage stats to ad agencies, and sending my IP and passwords to a scam company in Russia!"
The cost former is obvious to even the most ignorant users, while the cost of the latter requires much more insight and knowledge.
next time take a router, (Score:4, Informative)
open ports one at a time.....
just having a 1 port router will keep most of the fresh install vulnerabilities off line to the net, and allow you to get what you need.
Re:not me atleast! (Score:3, Informative)
Re:next time take a router, (Score:5, Informative)
Comcast is a monopoly where I and many others live. Let's hope the Supremes force them to open their cable lines to competitors. The result of them forcing BellSouth to do so has resulted (finally) in my recent switch to an unlimited local and long distance provider for $45/month.
Re:For the uninitiated... (Score:5, Informative)
Now a couple of things about those programs. I do install each and most importantly Run Them For Each User account on a XP PC. Adaware I believe has a larger database/scope and catches more things. Spybot is able to get things running in memory by running first thing on reboot. One other free tool that I find very useful is this [mlin.net] control panel applet that is what msconfig should be.
There are Many things that these programs do Not catch even when updated. I ran into reaIplay.exe tonight. I had to boot into Safe Mode command line to manually delete it. A couple of weeks ago I had to delete a file from an alternate Windows file Stream. There exists this netherworld of alternate data in XP that is not accessable via any of the regular tolls.
And the last thing I do is install Firefox and tell them to Use It Damnit or I'm upping the charge to a case per 500 infections.
Re:next time take a router, (Score:3, Informative)
They don't do tech support on the routers because they don't know how you've set them up. If your router is the cause of a problem (you've blocked all outgoing traffic, asked-for or otherwise, for example), they don't want to waste the time on you. That doesn't mean they don't support routers on their network (as in, routers won't work). They do. If you know your router is fine, next time lie to them. They can't tell.
I had a similar problem where my net connection would go down at night, and come back up during the day, making it completely useless to me (I'm at work during the day). After months of dealing with this and several technician visits, one finally decided to check the connections from the street to my house. Lo and behold, there was water damage at one of the connection points. During the day when it was warm, the connection would warm up and expand enough to work. At night when it cooled down, it would contract and lose signal. A 5 minute splice job later and everything worked perfectly. That was almost a year and a half ago, and I've not had any problems since.
I take it you've never had a DSL line. The infrastructure owners are required to allow others to sell their lines, but it results in no lower prices, no better service (tech support), and in fact causes even more problems by adding layers. When I was on DSL and had a problem, I first had to call my ISP (Speakeasy, who have some shady business practices regardless of the good geek press they get), who would then have to call my CLEC (Covad) if it wasn't Speakeasy's problem, and Covad would then have to call my ILEC (Verizon) if the problem was anything other than their DSLAM in the local CO. Verizon was quick enough to come out and solve any loop issues if it really was their problem, but you could literally spend days trying to figure out what was going on and where the problem was at (you're only allowed to contact your ISP directly; Covad and Verizon wouldn't even recognize me as a customer when I tried calling them directly). I'm not saying that the local monopoly of cable is any better, but in this one case I can know where the problem is -- if it's not my equipment, then it's Comcast.
Of course, Comcast's tech support is pretty much teh suck, anyway. Their extent of knowledge doesn't go past, "Did you reboot your modem?" If that doesn't work, you have to schedule a technician visit, in 4 hour windows, during working hours (ie, if you work a normal day job, be prepared to call in sick or late while you wait for the Comcast van to show up, typically at the very end of their 4 hour window).
Spyware in Developing Countries (Score:5, Informative)
A good internet connection is 8kbs and that's when the power hasn't failed or you have petrol for your generator and the phone system delivers a dial tone.
Even so, the 8kbps costs $200 a month in a country where an OK wage for a laborer is $2 a day -- when a job can be had at all.
When time after time I see 30-50 percent of that 8kbs bandwidth wasted by spyware, it really makes me angry.
Spyware hurts entire developing countries.
Re:Demand spyware scanning in your virus scanner. (Score:5, Informative)
The newest stuff is delivered by a trojan downloader, that also installs a keylogger--or several. The browser hijackers they install do one--or several things--to send you to their fake websites so they can steal your credit card, or even your identity:
-- They take over your HOSTS file so that legitimate urls are translated into THEIR IP addresses, not the real ones.
-- They add THEIR fake banking, paypal, amazon, etc. sites to your "trusted sites" list.
-- They may even change your proxy settings to accomplish or reinforce the same thing.
If you try to clean this crap off with AdAware or Spybot S&D, the trojan downloader--which also disable your AV software and/or Spybot--will NOT detect the trojan downloader, and it will reinstall the malware faster than you can clean it.
Some of these were spread the old fashioned way-- email attachments. Others used the Windows RPC 445/tpc buffer overflow exploit, or the latest IE IFRAME exploit, or one of the 16 other exploits out there for IE alone that MS has not patched.
This shit crossed a line about six months ago from being a commercially-oriented nusiance to being outright theft, run by the same criminals that run phishing scams.
I clean up PCs as a sideline, and the trend is very ominous-- the utility of the PC as a productive tool is threatened, as is the integrity and trust of the Internet.
Thanks, Microsoft. I'd like to see the Dept. of Homeland security take your ass to court for criminal negligence.
Re:It's called apathy (Score:2, Informative)
The computer club here at penn college does a 'windows cleanup' every sunday evening, and we usually pull around 15 student computers a night. On top of this, the college pays some of us to do the same during the week (I'm not sure how many they'll pull in a week as I'm not one of them, but there's always a few lying around in there). the usual stuff-- ad-aware, spybot, firefox, thunderbird, windows update, axe messenger, uPNP and such, and most importantly, teach them how to avoid getting more of the crap.
Costs the students nothing. Well, unless you count the tuition.
May be a bit off topic, but... (Score:5, Informative)
This is one of my two favorite parts from this article:
Of course the only "supported" way is through Add/Remove Programs, and NOT through the use of Spybot, etc.
And here is the second tidbit (also from the linked article):
Fucking Asshats.
Re:For the uninitiated... (Score:4, Informative)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
[HKEY_LOCAL_MACHINE\Software\Mi
[HKEY_LOCAL_MACHINE\Softwar
[HKEY_LOCAL_MACHINE\Sof
[HKEY_LOCAL_MACHINE
[HKEY_CURRENT_USER\Software\Microsoft\Windows\C
[HKEY_CURRENT_USER\Software\Micr
[HKEY_CURRENT_USER\Software\
[HKEY_CURRENT_USER\Softw
[HKEY_CURRENT_USER\S
Re:But for the Grace of Gabe... there go ye? (Score:3, Informative)
I personally don't mind the loss of privacy in steam because it means I don't have to worry about lost / scratched media ever again (and I ALWAYS forget to make backups). That alone is worth it to me. Plus, I hate draggin my ass out to the store to buy games.
I compromise my system integrity regularly. When I patch the un-Steamed Unreal Tournament 2004 I don't dissasemble the binaries and make sure it's really not selling my computer's soul. When I go to windowsupdate.com I'm similarly compromising my security. Steam's fine, I don't mind a certain amount of privacy loss at all. But all these actions are no comparison to spyware.
Re:Somone get these ppl some free software! (Score:1, Informative)
Re:bad idea (Score:4, Informative)
How about not allowing me to mass-delete the 151,095 messages in my Spam folder? I'm sure as hell not going to manually delete them out of Gmail 100 at a time.
How about keeping messages dating back to September in my Trash folder, and messages dating back to October in my Spam folder, despite clearly stating that "Spam messages more than 30 days old will be automatically deleted" and "Trashed messages more than 30 days old will be automatically deleted?" How about when the combined messages in Spam and Trash are using 906 MB (91%) of my Gmail storage?
There's nothing I can do to purge them, unless I want to click through more than 1,500 pages worth of spam listings, waiting for each page of 100 spams to load, hitting Select All, and selecting Permanently Delete. It's not going to happen, and there's no reason anyone should have to do that. AOL's mail interface is more intuitive than this, for god's sake.
At Yahoo Mail, I can empty the entire Bulk folder permanently with one click and the drive space is immediately credited back to me. Sure, I don't get a gig of storage there, but seeing as how I have control over what does and doesn't get stored, I don't need it. Gmail is unusable to me until there is a way to mass-delete the contents of the Spam folder all at once.
ClamAV: Open Source Antivirus Scanner (Score:3, Informative)
In the long run it stopped being a problem when the hard drive Symantec's adware was installed on dropped dead.
Nowadays there's a much better virus scanner, very simple to use. For *nix boxes, for example to integrate with your email processing, there is Clam AntiVirus [clamav.net]. It's GPLed Free Software, has a great mailing list, its virus database is updated regularly. There is an automated tool called "freshclam" that gets database updates.
I use ClamAV when I download my mbox files from my hosting service. At one point I was getting 400 MB of email a day, almost entirely viruses, and clamav was very simple to use to delete the virus-infected messages, so the combination of legitimate mail and spam was just a couple meg each day.
For scanning your hard drive under Windows, there is a GUI program called ClamWin [clamwin.com], based on the clamav engine with the same virus database, and automatic updates. It's a very simple program, with a minimalist user interface. It's very easy to use and effective.
What I can't figure out though, is how to satisfy WinXP SP2's insistence I get a virus checker. It doesn't recognize clamwin as being one. I would imagine all the virus scanner publishers had to pay microsoft for the privilege of being a recommended virus tool. Or maybe it's just that Microsoft doesn't want to admit a Free Software solution is superior to any of the proprietary ones.
Re:It's called GET THE FUCK OFF ADMINISTRATOR (Score:2, Informative)
Re:Somone get these ppl some free software! (Score:1, Informative)
But I digress. A simple google for the name of the app, and 'spyware' often gives you a good clue. If the top results are all "spyware free", like, say, Shareaza, you've got a winner. If, on the other hand, like Kazaa, it returns a page that says "Is KaZaA spyware? Executive Summary: Oh, my! YES!" as the top result, generally you've got a program to avoid.
Amazing how 10 seconds time can save you hours of frustration.
Re:bad idea (Score:2, Informative)
Spyware-coding contract gigs on job boards (Score:3, Informative)
One that I remember specifically was on guru.com, where the client was asking for a program that would set the, uh, "user's" homepage to a URL to be specified by the client, and then prevent the user from ever changing it to anything else.
You would think the job board staff would forbid such contract offers from ever getting posted, but I'm pretty sure that once someone has paid for a recruiter account at one of the boards, that he can pretty much post anything he wants without ever having to get it reviewed or approved.
Re:Azureus doesn't.... (Score:3, Informative)
Seems there were sites distributing a spy/malware version of Azureus to people (this includes download.com, shame on them). I hope people wise up.
Just look at this user comment:
"one of the worst bittorent program I ever had. yes, this program can download fast, but it's filled with so many spywares. This program will kill your computer! made my pc ran like turtle and had to reformat it."
Have any of you had this problem? Not me.
It's sad that people would do this with GPL opensource code in an attempt to spread more crap to everyone.
Re:Someone needs to make spyware illegal (Score:3, Informative)
Re:Download.Com (Score:2, Informative)
Re:Demand spyware scanning in your virus scanner. (Score:1, Informative)
I've work at a bank for the security/frauds/money laundering department as an external consultant developping applications. Actually, my job had nothing to do with money laundering/frauds per see, I was just dev. support applications for them.
After talking to them many times, and listening around, you begin to realize something: everything we hate on the net is nearly all backed (obviously or covertly) by organized crime.
Internet Casino, Trojans, Spywares/Adwares, Scams, Phishing, etc.
I don't remember how many times they linked spywares companies to organized crime while looking for money laundering, frauds, etc. Often, the spywares companies don't even know they are being used, but they are. Most of the spywares makers are backed by anonymous donors and such, or enter deals with the org. crime fronts. They receive loads of cash to develop a spyware, and just cash in the money without asking.
The scenario is usually this: some young prodigy just finished college in computer science. They are approached by someone(or another company) that is looking to invest in a company that would do spywares. The young chap, seeing the sign of profit, start a company with some friends, and makes like 200k+ the first years out of college. 21-23 years old with that much money is a dream for many people, but it has a price.
I think we need courses about IT ethics and such. With so much plague on the net, it's easy to make quick and big money without thinking about the consequences.
So, now, as an argument, tell your friends: "If you support spywares, you support terror^H^H^H^H^H^H organized crime" (although the former would work better IMHO =)
Re:bad idea (Score:3, Informative)
Re:For the uninitiated... (Score:5, Informative)
1. Run AdAware SE, updated to most recent definitions. Detect 400+ hits (my record so far).
2. Run Spybot S&D, updated to most recent definitions. Detect 100+ hits AdAware missed, and reboot.
3. Wait 30 minutes whilst Spybot scans again, and turns up a solitary bit of Gator. Go through Spybot's advanced mode settings and clear out their Run tools to dump all sorts of run-on-start crud that Compaq/Packard Bell etc. stuck on there - bloated keyboard-multimedia-button utilities et al.
4. Run HijackThis! (which isn't really an antispyware tool, just a system startup editing tool with knowledge about really obscure system startup Registry keys and IE settings) and get rid of the really obscure spyware toolbars and other run-on-startup fun that AAW and Spybot missed.
5. Go through the root, Program Files and Windows directories manually and delete the 10+ dialers and other unwanted crap that's made their way into the system, plus hosts file.
No-one ever asked for this stuff to be installed on their system (and in case you're wondering why I believe them, take a look at this [benedelman.org]). I put it down to ActiveX exploits; inevitably, the worst infected systems I see are Win9x/Me systems which haven't ever had a Windows Update run. This routine - plus installing Firefox - usually helps fix their problems, but these shouldn't have happened in the first place. I don't blame Microsoft as much as I blame the prevaling culture that it is better to make more money than it is to have ethics - thus allowing for Gator/Claria [benedelman.org], WhenU [benedelman.org], 180solutions [benedelman.org], all the fake 'anti-spyware' vendors [spywarewarrior.com] et al. It's amazing that we can allow these people to go on.
Re:Such smart users! (Score:3, Informative)
Re:Reep the benefits (Score:1, Informative)
Well maybe that is why my OS X notifies me by default whenever a program is running for the first time (even upgrades) and asks me if I really want to run it.
Secondly, if I am actually installing something it will require an admin password even if I'm logged in as admin.
These things make it more noticiable if any malware programs attempt installation and these are default security features of Jaguar (I don't even have Panther yet).
Sure I could click yes and blindly put my password in, but it's not going to do anything invisibly in the background. This is why (at least with OS X) does not have problems with spyware (and lesser market share).
But hell... If people are just going to buy a new computer everytime they have spyware they might as well just put forth the extra bucks and get a mac.
Re:Someone needs to make spyware illegal (Score:1, Informative)
Kiosk mode was added somewhere in KDE 3x , support for it has been improving, although the best way to make a REAL kiosk is to mount
Re:For the uninitiated... (Score:1, Informative)
*BUT*
Trust me, you'll need to know a lot more 'common' registry points than those listed above. Those will catch trojans that are run as normal
It also won't save you against browser hijacking.
Finally, about 1/3rd of those registry targets don't exist in the NT product line (Win2k/XP). RunServices was added to Win9x because there was no Service model to use. So, that's another place your malware may hide itself (in the *real* system Services).
No, really, get AdAware and SpyBot S&D. They'll even patch up Internet Exploder so that your browser can't be hijacked.
Re:not me atleast! (Score:2, Informative)
Second, reporting back isn't the only issue with spyware. There's also pop-up ads, which just calls IE with a URL, and redirecting internet pages, as a proxy. A hell of a lot of report back software installs as part of IE, and thus if your firewall will let IE, it will let the spyware out.
I'll admit all those are less likely under Firefox use, but nothing stops spyware from firing up a hidden IE instance to report back while you happily use Firefox.
Malware Primer (Score:3, Informative)
That, couple with the Adaware and Spybot Search and Destroy, and I've had no problems whatsoever.
P.S. And it helps if you don't visit porn sites and download wares too