Given Up to Spyware? 733
Khuffie writes "Wired has an interesting article about how some people have given up to spyware, knowing that the software they're installing virtually takes over their internet connection. What's even more ironic is that they claim it's a necessary evil for free software, when things like the Google Toolbar virtually replace Gator, and there are many spyware-free P2P programs available."
bad idea (Score:3, Insightful)
What will it take to break the back of Spyware? Spyassassin?
PCB@
Yup. (Score:2, Insightful)
My guess is that they spend about a second looking for something on the net, and grab the first listing on Download.com.
The jewels are sometimes well buried, but worth far more than the dog shit on the surface.
Beatings for these people who refuse to educate themselves - of course, when your generic XP box gets owned in 2 minutes, I guess I can't blame them.
Marketscore (Score:3, Insightful)
How does Marketscore view encrypted packets? Is it just monitoring your keystrokes? I doubt they are cracking all your traffic.
Somone get these ppl some free software! (Score:5, Insightful)
Education (Score:5, Insightful)
TCO (Score:5, Insightful)
"Free software"? (Score:2, Insightful)
Re:bad idea (Score:4, Insightful)
Ron Bennett
Re:It's called apathy (Score:5, Insightful)
Someone needs to make spyware illegal (Score:5, Insightful)
All I can say is THANK YOU KDE for kiosk mode. I now have my parents surfing with a crap free computer, dynamic DNS, auto-updates, and has been running bug free for months now. 8)
"People are dumb" (Score:5, Insightful)
I work in the IT department at my college and 99% of the problems that students have in the dorms is spyware/adware related. I've seen brand new Dell computers literally slowed down to a halt as a result of the crap that has been installed on them within a few days. Students somehow manage to get used to the unbearably slow speed at which their 2-3ghz computers run at, never associating the slowness with the plethora of file-sharing programs, toolbars, and search tools they have installed on their computer.
So yeah, I can't believe that some people actually think that spyware is a necessary evil of free software. That paints a sad picture of the current state of the Internet, IMO. I want to say "People are dumb," but that wouldn be neither fair nor valid. People are simply uneducated in these matters and do not care enough to become educated.
Valid points (Score:5, Insightful)
No wonder many prefer spyware-infested Windows box to a clean Linux system - it's more convenient that way.
The other day I installed Firefox extension SearchStatus 1.0.4 - the main features being display of PageRan and Alexa rank of pages browsed. Of course soon afterwards I realized in order for it to work the extension sends all URL I visit to Alexa.com (and Google, which is indicated in their toolbar privacy-related help pages).
This is how convenience wins over privacy (I disabled the Alexa Rank only).
I've heard from several ISPs that some customers complain when all spam is blocked - they LIKE to receive spam because they're bored or like "specials".
Re:Marketscore (Score:5, Insightful)
If they are indeed "routing all internet traffic" through them, they may be operating as your proxy for HTTP and HTTPS. When you try to make a secure connection to a site, you tell them. They make an HTTPS connection to the site, their connection is encrypted to the site. The make an HTTPS connection to you. The connection between you and them is encrypted. They see the unencrypted data. So do you.
</wild speculation>.
Re:Somone get these ppl some free software! (Score:5, Insightful)
He's actually demanding spyware, despite his constant paranoia that the boogeymen are invading his machine. The idea of good, free software is completely foreign to the majority of users (in my experience).
Demand spyware scanning in your virus scanner. (Score:5, Insightful)
There may be some question about what the user wants and doesn't want, but that doesn't excuse antivirus manufacturers from dodging the problem. If the ability to prevent spyware from installing was ubiquitous (as are virus scanners nowadays) we'd be winning the war. Nobody should have to accept this as an industry practice; things have been getting way too lax with EULAs and intrusive copy protection methods as it is, but this is over the line and we should treat the people who distribute it as we would those who distribute viruses or worms.
These people are why spyware exists (Score:5, Insightful)
Just like Nigerian scams, enlarge your penis spam, etc.
SSL, man-in-the-middle, and admin access (Score:4, Insightful)
Of course, SSL has provisions against such proxying, which it considers a man-in-the-middle attack, but after five seconds it came to me that if Marketscore's proxy installs stuff on your machine as administrator, it's probably installing Marketscore's root certificate as well.
It's only strange to the Slashdot crowd... (Score:5, Insightful)
...because we know a lot about tech, and most people don't. We don't tolerate our computers being screwed over with spyware. But - it's only because we know what it is, how bad it is, and what's at stake.
But to put it in perspective - I'm sure a professional mechanic would think I'm exactly the same kind of lunatic if he were to have a look at the brakes on my van. I know there's a problem, and I haven't made it a priority to fix it. The mechanic (bein a pro and knowing what you can and can't get away with) would probably think I was insane.
Storage? Bah! How about the REST? (Score:1, Insightful)
Effective GUI, innovativeness, simplicity, speed, interfacing with Google, and lastly space do it for me.
Such smart users! (Score:2, Insightful)
Re:Formatting.. (Score:2, Insightful)
Re:next time take a router, (Score:5, Insightful)
You shouldn't need to get another piece of hardware to protect a computer that's perfectly capable of protecting itself, running the right software.
Performing workarounds for Windows is what leads to acceptance of worms (just buy a hardware firewall) what leads to acceptance of viruses (just buy an antivirus) and what leads to acceptance of spyware (just buy an antispyware) and what leads to acceptance of systems so bogged down by combinations of the above (just reinstall every 6 months).
It's a bit like living in a really bad neighbourhood and denying it's a problem. "Oh we're OK, we live in a safe area. As long as you put bars on all your windows, don't leave the house when it's dark, put up bullet proof windows, and don't make eye contact with the neighbours you're perfectly safe"
Apart from how it's broken, it works perfectly
Funny, but pertinent (Score:3, Insightful)
Re:It's called apathy (Score:2, Insightful)
Re:It's called apathy (Score:5, Insightful)
Re:But for the Grace of Gabe... there go ye? (Score:5, Insightful)
And we ask: can your system's integrity be that easily sold?
Oh fer $*#@ sake...
Look, if you're running closed-source 3rd-party binaries you've already compromised your system integrity. Just because they're from a (currently) reputable company doesn't mean the danger is in any way less than running (say) Bonzi Buddy.
Heck, it's the same even if you're running totally Open Source software! Unless _you personally_ have gone through every
At the end of the day we live in the real world. Cliché's aside this means a level of trust _must_ exist between the end user and the software vendor. Even the most rabid OpenBSD security nuts (not that that's a bad thing) implicitly trust the OpenBSD developers in choosing to run their code.
Steam is a different issue; it has nothing to do with "system integrity". Steam is useful from two perspectives:
Re:Somone get these ppl some free software! (Score:5, Insightful)
How is Joe User supposed to know Bearshare is spyware but eMule isn't?
Software writers need some sort of certification process with a familiar big ass logo that says "Spyware Free." Sort of how TrustE works, but you know, without all the sucking.
The problem just keeps getting worse. Marketscore shoots all your traffic through their proxies. What the hell is that about? They can just sift through EVERYTHING. If their proxies are slow, then all that money spent on that fat bandwidth connection is wasted. Most trojans arent this nasty.
Re:Reep the benefits (Score:5, Insightful)
We Mac and *nix users should worry about this. The Internet has gotten much worse over the last five years. The sad thing is that users think that this is part of the normal computing experience. They believe that it is okay for strangers to steal their credit card information. They believe that it is okay for their computer to dial long distance to shady places. They believe that whenever they browse the Internet, hundreds of popups should suddenly appear on the screen, and that software magically installs itself. The worst thing is that people are now starting to distrust free software, which will further set back the deployment of free, open-source software in many places.
It is sad and rediculous to see that the maker of the most common operating system in the world has failed at general security this badly. I would have never imagined a few years ago that Windows would get this bad. It's kind of like that Lion King scene (only analogy I can remember) when Simba returns to the Pride Land after leaving there for many years, watching the destruction of the land that he grew up in. Yet lots of users are still stuck in Windows land and don't have a clue about the outside world. They have been conditioned over the years, first to accept instability (2000 and XP fixed that), and now to accept insecurity. Something needs to change on the computing scene in the next year or so.
Re:Formatting.. (Score:2, Insightful)
There is a strong possibility that the reason may actually be that the design of the system is inherently more secure. I believe this to be true of some of the Unix-likes, and that category includes MacOS.
I don't believe at all that less popularity is responsible for the relative safety of the platform.
Re:Download.Com (Score:1, Insightful)
Comment removed (Score:3, Insightful)
Re:It's called apathy (Score:5, Insightful)
Like your experience with your grandparents, when I started to explain to them what had gone wrong and what I had done to fix it, they wanted to tell me, "I don't really care." I'm sure it would be uncomfortable doing what I did to one's grandparents, but I let those people have it. I told them that they'd better start caring because the sorts of problems they were experiencing could be prevented with a little bit of due caution. Further, since I never demanded payment and actively tried to turn down compensation (since these people are friends of the family), I refuse to fall into the trap of being obligated to repair their computers when they break them. Obviously, I can't teach all of them everything there is to know about computer maintenence, but I've managed to train several of them on the use of Ad Aware and on responsible internet use.
As an aside to that, I'd like to note that sometimes the problem isn't apathy, but nor is it strictly . I suppose it's a kind of ignorance, but it takes the form of naivety. These people don't realize that the offer for free games or assisted browsing aren't benevolent offers or even just benign advertisements. They trust that whomever has caused these offers to appear on their screen is dealing with them fairly. A little bit of cynicism is valuable in this case. The first thing I've taught my users is that if they haven't asked for something to appear on their screen, don't trust it; and if they haven't specifically sought a good or service, don't accept it.
reap the benefits (Score:2, Insightful)
Looking at how people have willingly giving up their Bill of Rights rights for extra "comfort", purchasing a SUV [gladwell.com] for that extra comfort, etc. A country of fat, spoiled, ignorant fools.
It's really not surprising how it's translating to rights on the computer and web.
Re:It's called apathy (Score:4, Insightful)
The difference is that cars inherently need periodic maintenance, whether you do it yourself or pay somebody else. Computers don't inherently get slower and less usable over time, and there are relatively simple ways to protect yourself from hostile software. I don't know much about cars, but if there were a way to eliminate the need for oil changes by slightly changing my driving habits, I'd certainly investigate it.
Re:It's called apathy (Score:5, Insightful)
There is a better word for it. Sucker!. People are suckers. Suckers are there to be fleeced. My friend had a poster that said "Life is tough, it's tougher if you are stupid".
To be honest I love suckers. The world needs the suckers to click on ads, punch the monkey, don't mail in the rebate, buy the shiny objects next to the loss leaders, etc.
The rest of us can take advantage of them getting fleeced by mailing in the rebates and only buying the loss leaders.
The suckers click on ads so I get free internet content and filter the ads out.
"Its amazing the threshold for bullshit some people put up with for computers."
Life's tougher if you are stupid.
Re:It's called apathy (Score:5, Insightful)
I've seen people get infested with spyware or viruses...and rather than fix the computer they just throw it away and get a new one.
Imagine if your car was running poorly... Had a flat tire, or the alternator was going... Rather than take the car to the mechanic (or fix it yourself) you just throw the thing away and buy a new one.
Re:It's called apathy (Score:3, Insightful)
Of course it does not help that the chattering classes continually sneer at the "intellectual elite" and bash the educated every opportunity they get. These days having an "east coast education" is out of fashion but listening to Toby Keith CDs all the rage.
Re:Mac OS X? (Score:1, Insightful)
Re:Somone get these ppl some free software! (Score:3, Insightful)
Perhaps I should call my mom, and tell her either I rationalize free software, or she installs FF... Hmmmm....
Re:It's called apathy (Score:3, Insightful)
People like to buy computers.
They're fun purchases and whenever you buy one it's nicer than the last one you had. The spyware is just an excuse.
Re:Azureus doesn't.... (Score:4, Insightful)
Re:Download.Com (Score:5, Insightful)
Gator says "free", Firefox says "free". To someone without access to additional information, there's nothing to tell them apart. To people that are savvy enough to not just install ramdom crap, it probably holds back adoption.
Since people don't care... (Score:4, Insightful)
Re:It's called apathy (Score:5, Insightful)
Re:It's called apathy (Score:1, Insightful)
To be honest I love weaklings. The world needs the weaklings to serve the strong.
The rest of us can take advantage of them getting f***ed.
"Its amazing the threshold for bullshit some people put up with."
Life's tougher if you are weak.
You can supply GOOD free software to Windows users (Score:4, Insightful)
What you do is buy one of those spindles of 50 blank CD-Rs, they'll cost you, what? 50 cents a disk or less.
Download the ISO of TheOpenCD [sunsite.dk], and burn it onto some of those CD-Rs.
Hand them out to all your Windows-using friends and relatives, pointing out that it's not only Free Software, it doesn't come with any spyware.
Urge them all to duplicate the CD for all their friends and relatives, and point out that such copying is not only legal, but encouraged, as I'm sure is documented in ReadMe files on the CD.
If you don't feel you can afford the cost of the blank CD-Rs, you can ask for a donation of a dollar or two to cover the media and your time.
Re:It's called apathy (Score:2, Insightful)
Re:Somone get these ppl some free software! (Score:2, Insightful)
It takes more time to convince them that there is no catch - "a better product for no money" seems too good to be true, so therefore it must be false.
One time I spent 30 mins trying to explain to a friend how linux was "free" - "but I saw it for sale it a shop..."
"you get nothing for nothing", except for open source!
Worrying trend (Score:2, Insightful)
How about signing blank checks for them? (Score:3, Insightful)
Somewhere recently I read (maybe it was here) that fraud resulting from phishing, spyware and the like was costing the credit card companies and banks ten billion dollars a year. That's pretty serious, much more serious than allowing a marketing agency to know what websites you like to visit.
Downloading Spyware? (Score:4, Insightful)
Of course it's perfectly possible to have Free Software without intrusive advertising. Ask Linus. Ask ESR. Ask RMS. Ask Vixie. Ask any of the millions of us around the world, who use and create Free Software! I don't see spyware in my kernel, my mail transport, my compiler, or my command scheduler. I don't see adware in my HTTP server, my FTP server or any of the clients I use with them. And if anyone tried to put it there, I'd just comment it right out of the source code -- and then post the diff files on the Internet, so other people could comment it out too. If I was feeling particularly bothered, I'd actually hack it right open, and make it post lots of bogus information to their servers. I'd post that hack far and wide, too -- and make sure the spyware authors knew I wrote it, so they would have proof of what I thought of them.
Just how difficult is it to block out this spyware, anyway? Can't you just patch the source, or edit the Makefile or whatever Windows uses in place of that, so the spyware portions don't even get compiled? Or do Windows downloads work somehow totally different to Linux and BSD ones?
Re:bad idea (Score:5, Insightful)
B-E-T-A.
Google adds stuff to gmail all the time, but whining about it on Slashdot gives little result. Drop them a mail.
I did about POP and SMTP, and they served up secure POP and SMTP when enough people suggested it.
Re:For the uninitiated... (Score:2, Insightful)
A Bimodal Culture?? (Score:3, Insightful)
I was recently in a situation where a guy I know, who actually makes money doing tech services by just consistently networking with people he knows, was working on a mutual friends computer while I was in the area. Kinda hanging around, only paying minimal attention (I don't like to advertise any skill with tech matters, it makes for boring conversation and tons of stupid requests) allowed me to see this guy make some serious errors and oversights, eventually ending with me having to fix the guy's computer so we could listen to this CD a friend brought over. (Somehow he borked it good.) This experience was enlightening for a few reasons:
1) I normally assume people know how to use their computers. It isn't hard, I taught myself everything I know (including programming skills due to demand at previous employers), and wouldn't consider myself supremely educated in CS, but very literate, or versed if you will. Call it computer intuition, or just simply common sense and some experience.
2) People really don't want to know. I hadn't realized this, but explaining things to my friend in very broad detail, after this other guy made some 'obvious' mistakes, only provoked the dullest interest, no real attention what so ever.... yeah, just happily oblivious.
Basically, it is just odd how something so simple can be so flagrantly disregarded by a great majority of people, when the slightest bit research or inquiry on their part could save a ton of time and headaches. But people are just different. I, for one, and probably many of the people here, find it stimulating to do some research on an author when we have finished a book, or on the information contained in an article, or the history of some discovery. The internet and other mediums provide us with a hand-crafted Discovery Channel-style special on any given topic as we choose them. We find this stimulating and helpful in providing conversation fodder for the future. And then there are people that would rather have the Discovery Channel compose their special for them, or, worse yet, ABC or NBC educate them about the modes and methods of CSI or Law & Order.
There is definitely an increasingly bimodal culture in this country (and possibly the world) along lines similar to these, the 'Tell Mes' and the 'Findout For Ourselves' or something similar to that. It is interesting, and should have increasing effects on politics and the economy. I am interested to see what develops.
You are obviously not married (Score:3, Insightful)
At least she was willing to use Mozilla, so the problem was not as bad as it could have been, but when her WinXP laptop started crashing recently, I scanned it, and found a bunch of spyware. "WurldMedia" seemed to be the main problem.
I asked her if she would scan the laptop herself once a week or so. "But that's your job" she said. "But..." I protested. "Who do you come crying to when you pop a button off your clothes?" she replied.
So I have accepted the job as WindozeXP administrator for my wife.
You need scare tactics (Score:4, Insightful)
-ReK
Knowingly faulty brakes == Drink Driver (Score:4, Insightful)
You know there's a problem with your brakes, and you choose to ignore it?
This is *worse* than the people who have zombified PCs spewing spam, and don't care; it's on a par with drink-driving.
It wouldn't be a problem if you were the only person at risk from such dangerous behaviour. Heck, some people might suggest it was a good way of cleaning up the gene pool. Unfortunately, like the drink-driver, you aren't alone on the road.
Do us all a favour, and get your brakes fixed, or at least have the grace to wrap your van (and yourself) round a lamppost on some unused road in the middle of nowhere.
(Okay, I'm aware that this probably sounds sanctimonious- my apologies for not phrasing it better).
People like that should be shot (Score:1, Insightful)
It's like those whiny bitches in the AOL and Netzero commercials. "I don't want to take responsibility for my actions, I don't want to enable a firewall, I don't want to run a spam filter, I just want it to work, so because I'm a lazy asshat, can you just go ahead and do that for me m'kay?"
I still get CodeRed and Nimda attempts. How old is that garbage? People are uneducated. That's why they still try to hit me. Because they don't know. Or care. Or both.
Now working in IT Security, from my perspective these people are even worse. Paraphrasing the asshat student who had spyware but didn't care, "This sucks. I can't even browse the web. The IT people are more annoying than this spyware ever was." Until you work in IT, ASSHOLE, you have to understand and abide by the rules and realize why spyware/adware/viruses/etc are so god damn terrible. They are NOT good things. And it's people like you that keep garbage like that perpetually circulating on the Internet.
And to the lady who doesn't have a virus scanner because her subscription ran out, screw you too. There are free alternatives out there.
Yeah, I've installed kazaa, grokster and other p2p crap that installs spyware. First thing I do is S&D or AdAware them off my system because the programs work just fine without the spyware. Most people don't know that and most people don't care.
I have a strict policy on my network. If you are found to have any nasties on your system, access to the Internet from your machine is taken away. There's only so much you can do before people piss you off enough to take such measures. And then people call you network nazi because you're doing your job. IT (and IT Security more specifically) is a very underappreciated field.
Re:Azureus doesn't.... (Score:2, Insightful)
Re:Azureus doesn't.... (Score:3, Insightful)
Or just formatting and reinstalling behind a firewall till all the patches are in?
Re:Download.Com (Score:5, Insightful)
Being a zealot about a thing is fine, but not at the cost of being pragmatic. A computer is just a tool, and sometimes Windows works and sometimes Linux works. As simple as that.
Re:Azureus doesn't.... (Score:4, Insightful)
There may have been other ways, but the reformat is still the quickest and easiest in some cases. The people I feel real sorry for are the ones who don't even know how to reformat and end up buying another computer (yes, I have met people who have done this).
Re:Azureus doesn't.... (Score:5, Insightful)
This statement is not founded upon facts.
I work in tech support. These days spyware calls are the largest number of calls we get. Let me tell you a sampling of the problems we face:
1. Customer's system is slow, gets loads of popups and shutting it down takes ages.
2. We try starting it up in safe mode after shutting down non-essential services via msconfig. Many times, though not all, mouse and keyboard freeze and we are unable to proceed in that mode. (No I didn't stop MS services)
3. We uninstall all suspicious programs from control panel (after researching and confirming they are indeed malware). Sometimes it takes the crap out, sometimes it just comes back.
4. It is reported that (though I am not sure) that there is a symbiotic relationship between some spyware and trojans. So if you take a spyware out and the trojan is still present, the trojan pulls back the spyware the next time you go online and similarly spyware pulls back trojan if you take trojan out.
5. Some customers lose internet connectivity. Depending upon the savvy-ness of the customer, we may sit from half-an-hour to 2 hours fixing their Winsock - walking them through registry settings, deleting winsock keys, adding TCP/IP protocol, etc.
You can see that by this time, we have spent quite some time with the customer. And this assumes that everything has gone smoothly. However, in real life, what happens is:
"Sir, please click your start button and then click run."
"I can't find Start button. Oh there it is. Now what is it you wanted me to click?"
and so on...
6. Sometimes, spybot and adaware find hundreds of problems/critical objects (as they call them). You fix them. But the system is still slow. There are no popups but performance is still atrocious. What do you tell the customer now?
7. Repair install or restore *does not* fix the problem. Spyware is insidious enough to remain there.
At this point the customer gets very frustrated. He has typically spent several hours on the phone, first with his ISP and then with us spread over a period of several days sometimes.
I would never call such a person lazy!
So at this point he just wants the problem fixed. Throw the PC out the window or reformat. Clearly, reformat is much less painful than going through hours of registry cleanups, reboots, waits, frustration and lost productivity.
Morever, these people aren't stupid, they just don't know about computers. Lack of knowledge of a particular field does not equal stupidity. For example, many of our customers are doctors, economists, journalists, etc. (One was a very nice old lady trying to get her email working so she could email her grandkid serving in Iraq).
Hence it is my considered opinion that to call people stupid or lazy without having more information is incorrect.
Re:Azureus doesn't.... (Score:3, Insightful)
Re:bad idea (Score:1, Insightful)
Oh you meant B-E-T-A not beta, sorry.
Re:It's called apathy (Score:3, Insightful)
Well, that's good that you're not interested in learning about these other things, because it's a waste of time. It's better to trust other people to worry about it, like me. I'm starting a new business with some innovative products that I think you really need for your gas supply. My premier product, "GasImprove", will improve the efficiency of the natural gas usage in your house by 214%. This will save you a lot of money in your gas bills. How does it work? Don't worry about that. Trust me, it works very well. Just give me a call, and have your credit card ready. I'm offering a limited-time offer of only $999.99, so get yours while you can!
I also have a device for your car which will double your fuel efficiency. How does that work? Don't worry about it. You can trust me. It's only $499.99 if you call now!
Re:Azureus doesn't.... (Score:1, Insightful)
Re:Download.Com (Score:3, Insightful)
Have you tried Video Lan [videolan.org] it works on any OS - Even Windows [videolan.org].