Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Operating Systems Privacy Software Windows IT

Every 5th Call At Dell Is Spyware-Related 559

prostoalex writes "Financial Express quotes a Dell executive saying that spyware is installed on roughly 90% computers out there. Right now 20% of all Dell phone support calls are spyware-related. University of Washington research this March published a moderate estimate of 5.1% PCs running spyware."
This discussion has been archived. No new comments can be posted.

Every 5th Call At Dell Is Spyware-Related

Comments Filter:
  • Okay (Score:5, Funny)

    by Anonymous Coward on Sunday October 17, 2004 @05:42PM (#10552480)
    I think it's probably somewhere in between 5% and 90%...
  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Sunday October 17, 2004 @05:43PM (#10552481)
    Comment removed based on user account deletion
    • by account_deleted ( 4530225 ) on Sunday October 17, 2004 @05:49PM (#10552524)
      Comment removed based on user account deletion
      • Re:Well 10%.... (Score:5, Informative)

        by GoRK ( 10018 ) on Sunday October 17, 2004 @06:08PM (#10552661) Homepage Journal
        Well as for Mac's -- I don't know if it's part of the culture of the things or what, but there are TONS of mac appps out there that "phone home" to an extent that is generally not tolerated in PC software. A lot of apps even spew network traffic when they start/while they are running to enforce licensing between machines on the LAN. Rather than protest the vendors' applications, though, the community responds as it typically does -- with a ~$10 app named "Little Snitch" that catches this activity. I have never tested it either, but I kind of wonder whether or not "Little Snitch" phones home also...
        • Re:Well 10%.... (Score:5, Informative)

          by halowolf ( 692775 ) on Sunday October 17, 2004 @08:03PM (#10553193)
          I use my firewall as a snitch. Not only do plenty of apps phone home but so many of them that do still work perfectly well despite being blockaded from the internet. I do however get quite annoyed by applications that you configure to not use the internet that then still go ahead and try to access the internet.
          • Re:Well 10%.... (Score:3, Insightful)

            by dasunt ( 249686 )

            I use my firewall as a snitch. Not only do plenty of apps phone home but so many of them that do still work perfectly well despite being blockaded from the internet. I do however get quite annoyed by applications that you configure to not use the internet that then still go ahead and try to access the internet.

            App: Time to phone scumsuckingspywhere.com at port 12231

            Firewall: Sorry, I can't let you do that. *writes log message*

            App: How about phoning scumsuckingspywhere.com at port 80?

            Firew

            • Re:Well 10%.... (Score:3, Informative)

              by halowolf ( 692775 )
              Actually it goes something like this:

              App: How about phoning scumsuckingspywhere.com at port 80?

              Firewall: Sorry, I can't let you do that. *writes log message*

              Me: *Viewing logs* Ah, another spywhere program blocked!

              While there are global settings blocking common ports, network access must also assigned to individual programs before they are allowed to access the network, otherwise they are blocked! Plus there are port controls on the individual programs themselves should I so wish it, and wish it I
              • Re:Well 10%.... (Score:3, Interesting)

                by dasunt ( 249686 )

                While there are global settings blocking common ports, network access must also assigned to individual programs before they are allowed to access the network, otherwise they are blocked! Plus there are port controls on the individual programs themselves should I so wish it, and wish it I do.

                Nitpick:

                If it is a software firewall on the same machine, there are ways to circumvent it. I don't know of any spywhere that does so at this moment, but that doesn't mean it will stay that way. What happens whe

            • Re:Well 10%.... (Score:4, Informative)

              by Bios_Hakr ( 68586 ) <xptical@[ ]il.com ['gma' in gap]> on Monday October 18, 2004 @03:41AM (#10554720)
              Most, if not all, of the Win32 firewalls block based on the program name and location. If coolapp.exe tries to access the internet, it can't. It can try all the ports it wants; it won't get through.

              Some of the better ones even recognise \myapp\iexplorer.exe as being different than \yourapp\iexplorer.exe. Even if someone tried to write an app named the same as one allowed to access the internet, they still couldn't get through.

              I am worried, however, about an app using system calls to route itself through explorer.exe without actually launching it.
    • Re:Well 10%.... (Score:5, Insightful)

      by JPriest ( 547211 ) on Sunday October 17, 2004 @05:51PM (#10552539) Homepage
      And 20% of them may be calling Dell for help, another 20% or 30% calls their ISP instead.
    • by Frater 219 ( 1455 ) on Sunday October 17, 2004 @07:45PM (#10553102) Journal
      This just goes to show what security folks who have to deal with ordinary, average users have been saying for quite some time now: spyware is the #1 security problem for the ordinary Windows user today. Break-ins, worms, and viruses are all nasty problems indeed, but they do not cause the level of sheer aggravation and suffering that spyware does.

      A worm outbreak today is an acute disorder -- the bulk of the damage is done in one day, even a handful of hours or minutes. Even though recovering a business or department from it can take longer, the outbreak itself burns through the vulnerable population pretty quickly, and starves itself. Spyware, because it's rooted in long-standing bad security practices both by Microsoft and by Windows users, is a chronic disorder -- it doesn't just shut you down for a day or so; it degrades your online life over a long, nasty time.

      To extend the analogy perhaps too far: A flash worm is like Ebola: it kills its victims quickly and messily and leaves a disgusting corpse. Everyone knows when it's in town because of the gory sacks of flesh lying around the streets. Spyware is like cirrhosis of the liver. It comes from doing something bad over a long period of time. It doesn't spread to others materially, though long-term excessive drinking (which causes it) can "spread" memetically in a population, as do bad Windows security practices. And, eventually, it causes the affected organ to be overwhelmed and just shut down.

      The spyware situation today is one created by a nexus of influences:

      • Bad security design in Microsoft Windows,
      • Absent security education for the ordinary user,
      • The unethical business practice of contract date-rape, and
      • Negligent refusal on the part of law enforcement to respond to electronic trespass offenses in other media, such as e-mail spam.

      The first two are well-known and I will not address them further. The latter are not.

      What I call contract date-rape is the evil represented by so-called "end-user license agreements" and other documents which purport to represent agreements between software publishers and computer owners. The unethical business practice of software publishers is as follows: The computer owner buys a piece of software and installs it, only to find that it is designed so that it cannot be run without "accepting" an "agreement" which waives the owner's rights -- such as resale rights, rights to a refund for defective merchandise, or even free-speech rights. Then, when the software does something harmful and the owner seeks recourse, he is told that he "consented" to whatever harm was done, simply by the act of using what he purchased.

      It is contract date-rape which puts the lie to that old FUD about open-source software: "But whom do you sue when it breaks and doesn't get fixed?" The owner of a computer using proprietary software under a Microsoft-style EULA does not have any enforceable rights against the publisher. Windows does break in many ways that Microsoft doesn't fix, but nobody is suing Microsoft for it. Why? Whether the EULA is in fact legally binding or not, both Microsoft and computer owners regard it as leaving Microsoft with no obligations.

      (Of course, software was not always sold on "as-is" terms that were intended in law for used and defective products. Nor was it sold on terms that used copyright law as a cudgel with which to deprive users of rights such as fair comment and resale. Contract date-rape is not an endemic problem of proprietary software; it is one that proprietary software publishers have chosen for themselves.)

      And it is the methodical use of contract date-rape which leads to the situation we have with spyware today. Spyware gets into a computer owner's property unannounced, alongside some piece of (presumably) desired software. It is a Trojan horse in the original sense -- sooner or later, it bursts open and out pour the soldiers of the enemy, who go about merrily burning w

      • by mosel-saar-ruwer ( 732341 ) on Sunday October 17, 2004 @08:47PM (#10553403)

        The spyware situation today is one created by a nexus of influences:
        1) Bad security design in Microsoft Windows,
        2) Absent security education for the ordinary user,
        3) The unethical business practice of contract date-rape, and
        4) Negligent refusal on the part of law enforcement to respond to electronic trespass offenses in other media, such as e-mail spam.

        I can't argue with 3) or 4). But as for 1) [and it touches a little on 2)], we've been running Windows NT & Windows 2000 for more than five years now, and we've NEVER had a SINGLE piece of spyware installed on any of our systems. [Never had a virus or a worm either, although I hope I didn't just jinx myself by saying that.]

        You know why? BECAUSE NONE OF OUR END-USERS LOG ON AS ADMINISTRATORS!!! That's it - it's that simple. They don't have Administrative rights, and they can't install spyware [or viruses, or worms]. [Of course, yours truly installs the latest security patches as soon as they appear, and has always had all of his users behind a fire wall, but that's not the important point here.]

        If you surf the web as an Administrator [Root] on OSX, or if you surf the web as an Administrator [Root] on Linux, you're every bit as prone to this stuff as any Microsoft user surfing the web as an Administrator [or you would be, if those operating systems had large enough market share for the spyware people to be bothered with writing spyware for them].

        • I tried (Score:5, Insightful)

          by bluGill ( 862 ) on Sunday October 17, 2004 @09:18PM (#10553528)

          I tried to set my friends up that way. It isn't hard, XP comes with that ability, even in the home version. Setting up is easy enough. Making it work is another matter though. Nearly half of the programs my friends want to run do not work correctly without administrator rights. This includes software for XP from Microsoft!

          In the end I gave up, ideally they wouldn't use the administrator account except when needed, but practically their computer didn't work without it. Switching users takes time and is a pain. Not hard, and it doesn't take long, but annoying enough that I can't call it a solution.

          Remember this is a home environment, not a work environment. They don't have someone checking out software from various competitors to see if it meets requirements. If Best Buy sells it they buy it, and expect it to work. (note that you can almost never return software after finding out that it doesn't work without administrator rights)

        • Not quite (Score:3, Interesting)

          If you surf the web as an Administrator [Root] on OSX, or if you surf the web as an Administrator [Root] on Linux, you're every bit as prone to this stuff as any Microsoft user surfing the web as an Administrator [or you would be, if those operating systems had large enough market share for the spyware people to be bothered with writing spyware for them].

          Not quite. I don't know about OS X, but I know in GNU/Linux the user must manually set an executable bit before a binary can be run. You can't automatical

        • If you surf the web as an Administrator [Root] on OSX, or if you surf the web as an Administrator [Root] on Linux, you're every bit as prone to this stuff as any Microsoft user surfing the web as an Administrator [or you would be, if those operating systems had large enough market share for the spyware people to be bothered with writing spyware for them].

          Wrong. I see this allegation all the time from people who never use the system in question, but OS X has this wonderful notion that you ought to consen

      • by DongleFondle ( 655040 ) on Monday October 18, 2004 @03:54AM (#10554760)
        "This just goes to show what security folks who have to deal with ordinary, average users have been saying for quite some time now: spyware is the #1 security problem for the ordinary Windows user today. Break-ins, worms, and viruses are all nasty problems indeed, but they do not cause the level of sheer aggravation and suffering that spyware does."

        I absolutely agree with you that spyware is without doubt the most grevious problem afflicting home Windows user today. However, it is not only the shear numbers of spyware and lack of unified solution to these problems that makes spyware the critical problem it is, but the threat and damage that can be caused by spyware, in my opinion far exceeds what I would consider aggrevation.
        Although I am a fulltime workstation administrator for a tech company and often times pick up home user workstation support on the side and they are almost always problems related to spyware. I recently agreed to work on a women's computer that was no longer able to connect to the internet as well as set up a home wireless network for her. She told me that it was "her daughters toy and as long as she can get connected to the internet and chat at night it keeps her daughter out of her hair" they both remain happy. The daughter is 13 years old and has taken to chatting with her friends at night, passing around links to salacious little horoscope programs, gossip programs, ad nauseum . . . After two hours of working on the computer I had removed over 500 instances of spyware (files, reg keys, programs, etc NOT INCLUDING COOKIES!). My obvious diagnosis was that Windows XP home needed to be reloaded but for now she could get back on the internet. When I returned a week later after recovery disks had been obtained there was even more spyware than before & a mysterious bridged internet connection that I assumed was being used to turn the machine into a slave for God knows what. Additionally, I found approx. 5000 illegal song downloads (automatic prison time there), limewire and kazaa and an AIM add-on that was keeping documented records of all IM conversations. I quickly learned that this could not possibly have been the daughters choice as the one converstation I opened while investigating revealed explicit discussion of sexual activities. To me, the potential for abuse in this case goes far beyond the loss of data, or even identity theft. A hacker with access to this machine would be able to know all of this girls personal information, name, address, appearance, school schedule and what place her volleyball team achieved at districts. Needless to say, I did my very best to try to educate this women about the dangers of these surfing habits even referencing the recent /. article claiming 1 out 5 children were solicitated in various forms on the internet last year, but I'm pretty sure I wasn't able to get throught to her about the dangers of the predatory social engineering that can take place through the internet these days. Spyware has the potential to pose a much bigger risk than most people believe because it opens the door to rootkits, social engineering, etc. when it is allowed to run amok in this manner.
      • Well, yes and no (Score:3, Insightful)

        by Moraelin ( 679338 )
        Generally a very good post, and I aggree that the cult of the EULA should die. And that blaming the _victims_ instead of the criminals is a sick joke already. But I do have a couple of minor objections:

        "The spyware is there on that disk because Microsoft security is bad, yes."

        Actually, no. Yes, I know, it's slashdot. Daring say that there's something (e.g., AIDS or world hunger) which MS isn't to blame for, is bad for your karma. Blaming MS for _anything_ rakes in the big karma points on /. Sad.

        Now Micro
        • by ajs318 ( 655362 )

          "Only log in as root to install programs or other admin tasks."

          Alternatively, assuming $HOME/bin/ exists and is in your path, start the process with PREFIX=$HOME ./configure to install there. You may also need $HOME/lib if you hit dependency issues.

          Try to picture an alternate universe where the Unix fragmentation never happened, and Microsoft never happened, so all computers run Unix. Now picture Joe Average, on his shiny new Unix home computer. Let's also imagine that enough sense has been hammered i

  • Hello (Score:4, Funny)

    by Anonymous Coward on Sunday October 17, 2004 @05:44PM (#10552487)
    This is Dell(hi). We are not able to being helping you with Spyware this time. Your Dell service is not including that. Do not be cursing at me, sir! Your attitude is having me upset! You must be finding a local person to be helping you.
    • Re:Hello (Score:5, Funny)

      by Stevyn ( 691306 ) on Sunday October 17, 2004 @06:01PM (#10552611)
      "Thank you, come again."

      -Apu
  • In that case... (Score:3, Interesting)

    by Pig Hogger ( 10379 ) <pig DOT hogger AT gmail DOT com> on Sunday October 17, 2004 @05:44PM (#10552490) Journal
    In that case, Dell should make available for download a "patch" that will scan for known spyware and remove it...
    • Re:In that case... (Score:3, Insightful)

      by Scoria ( 264473 )
      Education, not a mythical patch, is the answer. Computer users are too often instructed to select "yes" by default; instead, perhaps we should encourage them to read the prompt with incredulity and then apply their best judgment. There is no patch for complete end-user competence.
    • by metlin ( 258108 ) * on Sunday October 17, 2004 @06:01PM (#10552615) Journal

      Funny thing, I read that article and a popup for spyware comes up, defying even Firefox's popup blocker. Ironically, the popup said that the computer has spyware installed.

      Eh.

  • by w42w42 ( 538630 ) on Sunday October 17, 2004 @05:47PM (#10552508)
    Or they would if this were really a problem for them. Makes one wonder.
  • by l0ungeb0y ( 442022 ) on Sunday October 17, 2004 @05:49PM (#10552519) Homepage Journal
    ... and that would be limited only to Dell customers under warranty or some sort of service package who actually bother to call for support. I would consider it safe to suspect that the actual percentile of spyware infested PC's to be more on the order of 60-70%.

    Remember, people only call when they are aware of a problem.
    And even then, most people will "get by" until the problem is so pronounced they are forced to do something about it.
  • by Stevyn ( 691306 ) on Sunday October 17, 2004 @05:49PM (#10552522)
    Alright, I'm just some guy who fixes computers for friends occasionally, but I like statistics too. When my friends call me a geek for using Linux, I always retort "Guess when the last time I had a problem with spyware?"

    I think Dell is going to do some small case studies of selling the average user a machine loaded with linux and see if it becomes cheaper to support them.
    • haven't you heard? Linux *IS* sypware!
      dont believe the hippy-left-wing-pinko-commie-hype!
    • It's not cheaper (Score:5, Insightful)

      by rsilvergun ( 571051 ) on Sunday October 17, 2004 @06:21PM (#10552729)
      because you can't pawn your tough cases onto Microsoft. A typical OEM support call follows 3 stages: 1) clean boot 2) run Adaware 3) sorry, run your restore CDs or call Microsoft. Plus, there are _tons_ of tricks to getting free tech support from Microsoft, and many OEM techs are happy to let you know what to say/do.

      Oh, and if your customers buy new hardware and it doesn't work, you can't pawn them off on the manufacturer (no Linux support, you see). Yeah, hardware Dell didn't sell you isn't supported. Try telling that to the average jerk who just bought a $30 dollar digital Camera. He's not gonna care if you support it or not, and he's just gonna get pissed and buy a Windows PC next time.

      You're underestimating the value that $50 bucks buys an OEM.
    • by grotgrot ( 451123 ) on Sunday October 17, 2004 @07:01PM (#10552939)
      When my friends call me a geek for using Linux, I always retort "Guess when the last time I had a problem with spyware?"

      I have been using DOS then Windows since 1984 and have never had spyware or a virus either. In fact I don't even run checkers constantly, just every few weeks to double check. (And for the record I have been doing Linux since late 1991 and not had anything there either).

      If you are prepared to put the time and effort into it, it is all pretty easy. You don't blindly run or view stuff from other sources, you don't steal software (if you don't have the originals then you have no idea what you are actually getting), you pay attention to the dialog boxes that various programs display etc. Heck I even read the contents of those dialog boxes with legal agreements in them before clicking Ok or Cancel. Most people just don't do that, and as a result their computers end up with more "helpful" software than they otherwise anticipated.

      To say that Linux by design is invulnerable is nonsense. It doesn't take too much to infect an individual user (remember they aren't reading those dialog boxes either). And notice how on many Linuxen, when you try to run an admin tool on your ordinary user desktop, prompt for your (sudo) or the root password and which then leaves a key icon in your panel. That is one thing that can be abused to go from ordinary user to root. In many cases a piece of malware could probably just prompt and the average user would type in the necessary password.

      Quite frankly I don't know the answer. Signing stuff doesn't work. User education is futile - why should someone have to know about the internals of their computer, operating system, access and authorisation models? It probably comes down the programmers and user interface. Every time the software has to ask a question, it is being stupid. We need to continually work on the software meeting the user's goals without needing to be babysat, and especially without them having to make these decisions all the time.

      • "Quite frankly I don't know the answer."

        I know the answer, and the answer is fixed functionality, ala something like WebTV.

        Joe Average goes to the store and buys himself a PC-Appliance, it has a webbrowser, an email client, an office suite, media players and whatever else you like, but none of these things are upgradeable at all. The core OS and application space is on non-writeable media. The only things that can be written to the appliance by the end user are document files. No exececutables or script

      • look. you don't need root access to put spyware on linux.

        demonstration:
        put spyware in some directory that looks innocuous,
        like ~/.gnome
        then get the shell to execute the following command:

        echo ~/.gnome/spyware \& | cat .xinitrc > tmp$$ && mv tmp$$ .xinitrc

        bam! instant spyware. It can interface with the Window manager (and pop up internet ads in konqueror or whatever), it can monitor keystrokes, mouseclicks, and even send a picture of the desktop to a remote location.
    • Last week the local news had a fluff piece on spyware. My wife asked "What's spyware?" I answered that it was a bane of my existence at work but something we'll never worry about at home.
  • Due to awareness? (Score:5, Insightful)

    by fembots ( 753724 ) on Sunday October 17, 2004 @05:49PM (#10552523) Homepage
    From the article Spyware-related phone calls now make up as much as 20 percent of all help calls, compared with just 1 percent to 2 percent in August, 2003

    Is this because users are now more aware of the existance of spyware, rather than the actual 19% increase?

    For instance, in 2003, Joe-granpa probably didn't know/care why his modem's blinking non-stop, but he does now.
  • numbers? (Score:3, Insightful)

    by reidconti ( 219106 ) on Sunday October 17, 2004 @05:50PM (#10552528)
    90% may be high. 5.1% is ridiculously low.

    90% of Windows machines connected to the Internet is absolutely believable. I don't know anyone who hasn't gotten some. I've never had a virus on any machine, but got spyware on a Windows box by accident when the little "yes/no?" box pops up while I'm typing in a password (hit enter just at the wrong time...)
    • That's entirely believable. I worked at a GW call center for several months and I'm dead certain 90% of the computers people contacted me about had spyware or virii on them even if it wasn't directly related to the issue. Keep in mind most of the businesses that buy these things are going to have their own IT - those don't call for help.

      What's hilarious is the way techs are told "document everything" and "don't fix spyware and virii issues" but then get chastised (and even written up) if their average goes
  • by orionpi ( 318587 ) on Sunday October 17, 2004 @05:50PM (#10552530)
    Windows XP includes may common features with spyware:
    * slow down the systems
    * phones home to centeral servers
    * long click though eula the nobody reads
    * pushed on unwitting consumers
    * claims to improve system security
    * only avaliable on PC
  • by Anonymous Coward on Sunday October 17, 2004 @05:50PM (#10552534)
    ... and get rid of it if you do...

    Spybot Search&Destroy http://spybot.safer-networking.de/ [safer-networking.de]
    and Ad-Aware http://www.lavasoftusa.com/software/adaware/ [lavasoftusa.com]

    BTW, be sure to update the definitions or you're going to miss a lot of spyware.
    • by 2TecTom ( 311314 ) on Sunday October 17, 2004 @06:36PM (#10552823) Homepage Journal
      IMHO, Spybot & Ad-Aware are both absolutely necessary as is HijackThis:

      http://www.spywareinfo.com/~merijn/downloads.html [spywareinfo.com]

      I support quite a few home systems. Currently, the majority of my time is spent cleaning spyware and virus infestations. After installing Ad-Aware, HijackThis and Spybot, my clients stop having problems. As well, a working virus scanner is important. I've encountered several systems where the virus scanner has been deactivated. Therefore, I've been putting the EICAR test virus on all my systems.

      http://www.eicar.org/anti_virus_test_file.htm [eicar.org]

      Spyware used to be most bots from hackers, now it seems it's all marketing crap from big business. Isn't greed grand?
      • The fourth spyware tool I use is Bazooka Spyware Scanner [download.com]. While it won't actually clean any spyware it detects a TON of stuff missed by Ad-aware and Spybot and does it in about .1 seconds on modern PC's. It then links you to precise step by step instructions on how to clean the infection. The stuff Bazooka finds is typically stuff you have to reboot into safe mode in order to clean.
  • Wow (Score:5, Funny)

    by Aroma 7herapy ( 814263 ) on Sunday October 17, 2004 @05:51PM (#10552536)
    A "nation wide poll" "consisting of 724 internet users"...

    They really went the distance to get the results they wanted...

    • Re:Wow (Score:3, Informative)

      by cliffy2000 ( 185461 )
      Actually, assuming that it was fairly done, it'll have a margin of error of approximately 3.7% [(724^-.5)*100%]. Not bad, I say.
  • by digitalsushi ( 137809 ) * <slashdot@digitalsushi.com> on Sunday October 17, 2004 @05:51PM (#10552538) Journal
    Techs should feel lucky there's yet another thing out there creating a job market for them, whether they're still based in the USA, or shipped off to another country. You know, I thought Dell had the worst Dell tech support for sure, but I had to call Dlink last week to clarify on something, and I got into an argument from India about what was written on the configuration page of a cheap office router. It's up in the air -- The Dell tech couldn't read, and the Dlink tech said what I was reading was not possible. Hrm.
  • by The_Bagman ( 43871 ) on Sunday October 17, 2004 @05:53PM (#10552552)
    It actually says 5.1% of computers were infected with one of Gator, SaveNow, Cydoor, and eZula - just 4 out of the hundreds of spyware programs out there.

    It didn't answer how many of the computers were infected with any spyware program, just those four.

  • Hmm... (Score:3, Funny)

    by rampant mac ( 561036 ) on Sunday October 17, 2004 @05:56PM (#10552572)
    Using Mac OS X on my desktop: $65. (Government employee discount)

    Using Linux as a file server at home: Free.

    Using Solaris in our data-center: Pricey.

    Not having to put up with viruses, zero-day exploits and assorted other bullshit: Priceless.

    Apple, Sun & IBM make Microsoft look like the Red Sox, a lot of talk with zero action backing it up.

  • by theparanoidcynic ( 705438 ) on Sunday October 17, 2004 @05:56PM (#10552581)
    Where are the antivirus companies? This shit has gotten to a bigger problem than virii ever were and behaves in much the same way. Still, your fancy $70 "internet security" package won't touch it.
    • by user no. 590291 ( 590291 ) on Sunday October 17, 2004 @05:57PM (#10552589)
      The antivirus companies claim that removing spyware will get them sued, becuase they'll be committing libel by lumping it in with viruses. In reality, they just want to create a separate product, which is just a virus scanner with a different set of signatures, and charge each user a second time.
      • by Maul ( 83993 )
        Symantec is actually being sued by a spyware company because Norton AntiVirus detects their software as "adware." IIRC, NAV doesn't even actually remove that software, it just detects it.
    • Both Norton AV 2004 + 2005 and McAfee's current stuff sport spyware detection as a new feature over the older version. Granted, their removal process is god-awful, but even their $40 on the shelf software will detect most spyware programs and can actually remove some.
    • They're only slowly getting involved. Most "spyware" is actually "foistware", amazingly poorly written and stupid software installed with another potentially useful package but that is designed to report your behavior back to some central site, usually an advertising business of some kind.

      As such, most installations of foistware were voluntarily accepted in some way by a fool clickin on an "I accept this software" click button, and the virus companies are very reluctant to start ripping it out by the roots
  • by chickenwing ( 28429 ) on Sunday October 17, 2004 @06:02PM (#10552620) Homepage
    I wonder if this [slashdot.org] policy is still in effect ("Dell To Techs: Don't Help Customers Remove Spyware").

    By the way, I love the "Your browser has blocked a popup" image over the article text. Really helps in the journalistic integrity department.
  • Internet Exploder (Score:3, Interesting)

    by simetra ( 155655 ) on Sunday October 17, 2004 @06:04PM (#10552634) Homepage Journal
    All of these machines are shipped with their operating system exposed to the evil internet via Internet Exploder. Perhaps they'll start shipping with some other browser as default?

    The only reason I give a rip is because I have relatives who buy these machines and end up whining about it to me. Hmph.

  • by Arctech ( 538041 ) on Sunday October 17, 2004 @06:13PM (#10552690) Journal
    ...I fully concur with that estimation, if not higher.

    At least 8 of the 10 computers that I fix follow this routine:

    Update and run AV program, if possible.
    Install Adaware, update, run.
    Install Spybot S&D, update, run.
    Run CWShredder.
    Fire up a HijackThis! log and manually remove the leftovers.

    I'm getting pretty damn good at filtering out the hijackthis logs, too.

    Seriously, if you familiarize yourself with spyware removal, you could make a killing on the home PC market. Manufacturers won't help you with spyware. It's getting to the point where the retail chains and PC shops won't deal with it either; they'll simply offer you a format/reinstall.
  • Prevention (Score:5, Insightful)

    by aking137 ( 266199 ) on Sunday October 17, 2004 @06:22PM (#10552735)
    I run a small IT company supporting customers on-site to help them with their computers, and spyware is now a new source of income for us. It very often just takes a quick look in the process list or a double click on the IE icon.

    But avoiding spyware on the whole is very simple, and comes down to a few simple steps, based on prevention is better than cure, i.e. it's better not to get something bad at all, than to get something bad and then have to get rid of it.

    Make sure their computers are behind some kind of hardware or software firewall which blocks all incoming TCP connection requests. Yes, there is more to it, but this one step is a huge improvement on not having a firewall.

    Install another browser such as Mozilla Firefox, and show them how to use it. Only use Internet Explorer for specific sites that you trust, if it has to be used at all. Remember that many users need Flash and Java, so consider installing these as well to stop them going back to IE as soon as they hit a site requiring one or the other.

    Spend a few minutes educating your users about malicious software. Explain that a computer simply follows instructions with little concept of good or bad, and that it only takes a double click on one file containing such instructions (eg a .exe file) to contaminate the system.

    Yes, there's more: software updates, strong passwords, encryption, using more secure software and all the rest of it. Unfortunately most of our users aren't interested in becoming computer security experts. If you can get those three above points hammered in, and let them know that that there is more to securing their computer, you're making a big step in the right direction.

  • by karmaflux ( 148909 ) on Sunday October 17, 2004 @06:31PM (#10552796)
    When I was a Dell tech, we had to refer to spyware as "third-party software" and we were not authorized to recommend tools for removal. Of course, I would just tell them to run spybot and pray for rain, but if a supervisor would have caught me doing that I'd've likely been fired.

    What the hell do they expect to happen, when they won't let the techs solve the problem?
  • Comment removed (Score:5, Informative)

    by account_deleted ( 4530225 ) on Sunday October 17, 2004 @06:39PM (#10552831)
    Comment removed based on user account deletion
  • by antdude ( 79039 ) on Sunday October 17, 2004 @06:39PM (#10552833) Homepage Journal
    See this forum discussion [broadbandreports.com] on BroadbandReports. On my office Dell Dimension 8250, its support program (support.exe) phones home. I consider this a spyware.
  • by HangingChad ( 677530 ) on Sunday October 17, 2004 @06:41PM (#10552844) Homepage
    I've never scanned a Windows PC connected to the internet that wasn't loaded with spyware, trojans and every evil thing that creeps on the net. Even when those PC's were in places with fairly good network security.

    There's one ultra Death Star customer and they got a virus from a security camera server installed by a contractor. ROFL! Soon as they plugged it in it went nuts infecting other machines.

    Five percent...hahahahaha!

  • Very true... (Score:4, Interesting)

    by jehnx ( 556498 ) on Sunday October 17, 2004 @07:16PM (#10553004) Homepage
    I work at my school (Cornell Univ.) in the Information Technologies department taking calls and basically doing technical support for folks who don't know anything about computers. Our ratio of spyware questions to any other questions is definitely at LEAST 4:1. It gets real old, real fast. Thing is, we're not allowed to give advice on what spyware removal tools to use, which makes it that much harder. The problem never gets fixed, and we just get more and more repeat calls.
  • by agressiv ( 145582 ) on Sunday October 17, 2004 @07:34PM (#10553061)
    I'd venture to say that most non-tech savvy computers have some sort of spyware/adware installed. Why do these people get it?

    1) They accidently click on something they didn't mean to, because of a popup. It goes downhill from there, since many spyware programs act like virii and have some friends join the fray.

    2) Users that hit porn sites. These are the black hole of spyware, and while I've told them "stop looking at the porn and you wont get this crap", and they say they don't, yet I see their Internet Explorer history and its just filled with porn urls.

    While my parents are largely #1, I've switched them to firefox and its gone down dramatically. I still catch them using IE for things like OWA and a few other IE-sites (and they will re-use the browser window to do other things).

    I simply got tired of deal with them calling me about "CoolWebSearch" and tons of other junk that pisses me off.

    I use Internet Explorer *and* firefox to browse the web, and I never get *any* spyware - I just know what to look out for. I'd say at least 80% of the people out there don't.

    It also helps if you surf the web as a non-priveldged account - those are, for the most part, invulnerable to spyware. Just as none of you would use any web browser on linux as root -

    agressiv
  • HP Pavilions (Score:4, Interesting)

    by Esion Modnar ( 632431 ) on Sunday October 17, 2004 @08:00PM (#10553181)
    I used a recovery CD for an older HP Pavilion (a client's, not mine, I wouldn't own such a piece of trash), to re-install the box back to factory "fresh." No surprise, but some Wild Tangent (a known spyware maker) programs were included as part of the install. (Mini-rant: seems nobody sells computers with a Windows CD anymore, arrrghgh! Bastards!)

    It's pretty bad if your grandmother downloads and installs some screensaver with this shit on it, but HP should not be doing this to its customers. Having to deal with a recovery CD is bad enough, without having to clean out the extra "value added" shit (aka sweetheart deals that make them mo money). HP is stabbing their customers in the back.

    (Unrelated to this, kinda, but when I was ordering this recovery CD from the HP drone on the phone, I asked him the price.
    He said "between $20 and $40."
    So I said, "Can you be more specific?"
    He said, "I'll need the model number first."
    So I gave it to him and said "So what's the price?"
    "Between $20 and $40, depending on the model number."
    "I just gave you the model number! What's the price?"
    "You need to order it first."
    "Tell me the price first."
    "You need to order it before I can tell you the price."
    "You mean you can't, or won't, tell me the price?"
    "Just order it, and if you don't like the price, I'll cancel the order."
    "Fine. Whatever."

    I ended up ordering it anyway, but I have never seen such a stupid system where you can't know the price until you order.)

  • Simple equation (Score:3, Interesting)

    by onyxruby ( 118189 ) <onyxruby AT comcast DOT net> on Sunday October 17, 2004 @08:36PM (#10553354)
    How long until the support costs of spyware outweigh the partner benefit payments? Once this equation is clearly on the "right" side, Dell and other companies will get serious about anti-spyware legislation. Until then, they will continue to support half-ass measures like we've been seeing from Congress.
  • by alcedes ( 822974 ) on Sunday October 17, 2004 @08:41PM (#10553375) Homepage
    I actually made a good amount of money from removing spyware from people's computers. Since I have a full time job and really did not need the money I did at some point give it up. It was the same group of people that were getting infected over and over again. For some reason I could never educate them on how it got on there.

    Gator used to be one of the worst ones.
  • installed spyware (Score:5, Interesting)

    by fawlty154 ( 814393 ) on Sunday October 17, 2004 @08:44PM (#10553391)
    I find it ironic that half of the stuff that Dell ships on their prebuilt computers makes computers run ust as slow as a lot of spyware. I know that when clients of mine buy a new Dell computer, they're disappointed at how slow it runs. Reformatting the HD always makes the computer run 10 times+ faster.
  • by FooAtWFU ( 699187 ) on Sunday October 17, 2004 @08:53PM (#10553425) Homepage
    Remember this article [slashdot.org]?

    Dell does not endorse the use of spyware removal software and cannot provide support on these products.

    Well, nice to see it coming around to byte you, eh, Dell?

  • by thephotoman ( 791574 ) on Sunday October 17, 2004 @09:02PM (#10553461) Journal
    I whore out my tech support services to the floor where I live, and this is the case in every room with a Windows computer. The first computer I went to was my RA's compueter. She'd switched to Firefox a month earlier after hearing about the tabbed browsing, but hadn't installed Spybot and AdAware yet, so she still had 2 years' worth of spyware on her computer. When I fixed it, she was willing to do anything for me. Too bad that I already have a girlfriend, and I'm not the cheating kind.
  • Anecdote (Score:3, Interesting)

    by Jaysyn ( 203771 ) on Sunday October 17, 2004 @09:02PM (#10553464) Homepage Journal
    My SigOther works at a Dell corporate call center & she tells me most of the calls lately are for WinXP SP2.

    Jaysyn
  • by meme_police ( 645420 ) on Sunday October 17, 2004 @09:16PM (#10553519)
    ...I work for GE and 30% of our tickets are for malware. But on top of that every machine I visit is infected so I also end up running Spybot or our internal tool.

    I'm just glad that I normally don't run Windows at home.

  • by AndroidCat ( 229562 ) on Sunday October 17, 2004 @09:17PM (#10553524) Homepage
    While all the various trojans, viruses, worms and bots aren't exactly spyware (but can be used that way), I'm sure that all the MyDoom, Sasser, Doomran, etc get lumped into Dell's total.

    There's someone who does an organized scan of my ISP's IP space every morning at 8:42 and 9:42 EDT. When I have two DHCP IPs, both get hit with an average of eight bots each trying ports 5554, 1023, 9898 and 445. The IPs it comes from are usually Korean or Japanese. When I listen at the ports, they try various exploits on bots which do listen on those ports to download their own bot software.

    I suspect that "8:42 Zombie Charlie" scans a lot more than my ISP's space. So it looks like someone is running a very organized and *punctual* effort to harvest a whole lot of botted machines for unknown purposes. Joy. (Actually, it's kind of fun. I wrote a sound effects program from my firewall, and I drink my coffee listening to the chorus of sounds as the ports are checked. Too bad I can't arrange to be checked a little earlier in the morning.)

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Sunday October 17, 2004 @11:37PM (#10554096)
    Comment removed based on user account deletion
    • If I had read your claim about most 'slow' computers being crippled by spyware half a year ago, I'd have thought you were overly cynical or exaggerating.
      This is, however, exactly what happened to my wife's computer. While we're a Mac household, her employer lent her a computer a few months ago, to be able to use a web app that only works using IE6. Being vaguely aware of all the malware on Windows, I told her not to use the Windows machine for email, assuming web browsing was relatively safe. However, after
  • by B747SP ( 179471 ) <slashdot@selfabusedelephant.com> on Monday October 18, 2004 @12:30AM (#10554254)
    As my little bit of a contribution to the growing problem of invasive advertisements, spyware, worms, etc, etc I've been writing a series of articles on the problems, and how to deal with them (basically pushing Firefox, Thunderbird, Ad-Aware, Spybot S&D).

    I have a great (and true) anecdote about a Professor who inadvertantly splashed pr0n up on a 4m x 4m screen before an audience of MBA students, managers and Execs, but I don't have a good anecdote for the spyware and phisching parts of the series.

    Have you (or do you know anyone) who has been caught out by (i) a keylogger or similar spyware or (ii) a phisching attack, either of which caused some quantifiable loss (ie: $$$ got pinched from their online back account, identity re-used somewhere else, etc, etc)

    All I need is a short email description so that I'm quoting a valid/verifiable source instead of making things up.

    I'd appreciate an email from an actual victim please, I'm happy to cite your name or be anonymous as required. Thanks.

    about:me I'm a geek who works at university, becoming increasingly frustrated at the last year or so's worth of worms, phishing and general microsoft-induced hell and I'd had some degree of success at getting myself published on a range of geek topics. By no means a journalist or anything like that though!

  • by bLanark ( 123342 ) on Monday October 18, 2004 @06:35AM (#10555023)
    Well, I guess that this must cost Dell a fair amount in support costs. I've got no idea what the volume of calls is, but it must be great - and 20% of them to do with spyware? It *must* affect their bottom line.

    Maybe they will begin to ship machines with a more secure initial configuration. They might start wit some changes suggested by last month's article at The Register [theregister.co.uk].
  • by msoftsucks ( 604691 ) on Monday October 18, 2004 @08:21AM (#10555544)
    I've been looking into ways to remove the profit incentive from the spyware guys. These morally challenged cruds monitor your web browsing habits and then sell that info. What if that info was full of bad entries? Like increasing the junk to valid signal ratio?

    What I envision is a screen saver that we load on all the machines we can get our hands on. This screen saver then contacts these spyware sites and uploads random info. The aggressiveness could be controlled by the user, allowing it not to flood any Internet connection. The screen saver could have spyware lists, just like anti-virus software that could be updated. Imagine having millions of pcs uploading junk to coolwebsearch. How long would you say these guys would stay in business? Would those that are buying this info continue to do so even if it full of garbage?

    Obviously this would be OSS, but we could license it in such a way as to allow folks like Dell to preload this and set it as default.

    So folks, what do you think? Is this the way to kill these guys or is the recent criminalization enough to stem the tide?

Hotels are tired of getting ripped off. I checked into a hotel and they had towels from my house. -- Mark Guido

Working...