 |  |
You know that feeling you get when your friends or family see you do something on your computer that they’ve never seen before?
If you haven’t had this opportunity, here’s where you start.
If you have, then you know that you’re feeling like the world’s coolest power-user when this happens. Knowledge is power! Here are five Microsoft Windows XP tips that will get you/keep you schoolin’ your friends and family.
Two-thirds of IT managers named spyware as the number one threat to their networks’ security in 2005, a survey released Monday said. The poll, conducted by security firm WatchGuard on the Seattle-based company’s Web site in December, revealed that 66 percent of the managers and administrators surveyed thought that spyware would pose a greater threat this year than either viruses or phishing attacks.
About the same number — 65 percent — said that between the three threats of viruses, phishing, and spyware, their network were least protected from spyware.
Even so, the IT leaders complained that neither their company’s executives nor their users understood or respected spyware’s potential damage. A majority of 54 percent, for instance, said that execs were keeping their eyes on viruses as the major threat, while only 38 percent said executives were backing efforts to put spyware at the top of the security focus list for the year.
Additionally, almost three out of four IT managers said that more than half their users don’t know what spyware is.
One of the things you will hear about spyware is that “it keeps free software free”. The spin doctors and apologists go on about how you are able to install software for free because of the advertisements. To hear spyware companies tell it, they sponsor these poor, starving software developers out of the goodness of their hearts.
That is not entirely accurate. It is not, in fact, accurate in any way.
Spyware and adware makers want to install their software by any means they can come by, legally or otherwise. Once installed, they want it to remain installed regardless of the wishes of the computer’s owner and they want it to run the entire time the PC is running. The fact is that installing a free program usually is not worth the hassle of dealing with a third party spyware or adware bundle. It is not a fair trade.
A fair and equitable exchange would be if the adware/spyware ran only when the free program which installed it was running. No spyware does this. Instead, it runs as soon as the PC starts up, often with the use of cleverly hidden start up entries.
This confuses me. If the deal is that the user has to endure the spyware in order to use the free software, then why does the spyware not close down when the user is not using the free software? That is the deal: free software in exchange for dealing with ads. The deal is not supposed to be a never-ending barrage of pop-up ads in exchange for the occasional use of a free program. That is not a fair trade.
Another fair exchange would be that the adware/spyware be removed entirely if the “user” decides to remove whatever free software installed it. However, every time this is suggested, the spyware makers dismiss it out of hand. What I would like to know is: “why?”.
If the free program is no longer installed, why is it still being sponsored? The “user” permitted the adware or spyware to be installed only in exchange for using the free program. That assumes that the “user” was properly informed about the presence of the adware/spyware in the first place. Why should the sponsor software remain if the sponsored software is removed? That makes no sense.
One argument put forth is that removing the spyware when one free program is removed might interfere with another free program which installs exactly the same spyware. That is absurd. Assuming someone did actually install two separate programs which bundled the same spyware and then removed one of them, the remaining program would just reinstall the spyware the very next time it was run.
When the free program is removed, the spyware should be removed right along with it. However, no spyware maker will do that voluntarily. They are not interested in a fair and equitable trade. They just want their spyware installed and running by any means necessary.
Now, on to those software developers who decide to sell their users out to the adware and spyware makers.
You will hear the most heartwrenching stories from these developers, as they try to explain to their users why the newest version of their software has begun to set off virus alarms. They will say that no one paid for the upgrade to the pro version. They will say that no one clicked the “donate” button. They will say that, to keep up with their development and hosting costs, they had no choice but to bundle the spyware.
All of that may be true but it is not the whole truth.
The truth is that spyware and adware companies pay large amounts of money to have their software distributed. Some of them even create their own “free” software just so that they can bundle their own spyware or adware into it. Claria did exactly that with their Gator password manager and Precision Time Manager.
The “free” software developers will say that they bundled spyware into their products because not enough people spent the 30 bucks to upgrade to the pro version. If that is the honest truth, then why isn’t their software designed to remove the bundled spyware, as soon as it has generated thirty dollars worth of advertising revenues?
For that matter, why do these developers even need third party adware at all? Simply embed an advertising banner directly into the program’s main window. As soon as the program has shown the user thirty dollars worth of ad banners, it can remove the advertising module automatically.
If all ad supported software worked this way, I imagine that most software would be ad supported. I also imagine that most users wouldn’t mind the arrangement one bit. The cost of the program would be paid for without the users ever having to pull out their credit cards. It would be a fair and equitable trade, something we do not have now.
The sad thing is that these developers would make a hell of a lot more money if they followed this much more consumer-friendly route. I don’t know what the going rate is for a bundle install of Claria’s ad serving software. Whatever it is, I’ll bet it isn’t thirty dollars per copy. If the developers of Kazaa and other spyware-ridden programs started doing this, the problem of bundled spyware would disappear virtually overnight.
The moral of this ramble is this: ad supported software is not free! “Free” assumes that you receive something of value in return for nothing of value. The spyware makers and distributors are well compensated while all you receive are pop-up ads. Not a fair trade at all.
Anti-spyware company Webroot Software Inc. Monday announced what it claims is the industry’s first automated spyware research system. Called Phileas, the system relies on bots–computer programs that perform tasks in lieu of a person–that continually crawl the Web, looking for spyware, adware, and the sites that host such software. Webroot plans to use the information gathered by Phileas to develop anti-spyware products that can better address new threats.
Like the antivirus industry, anti-spyware companies have traditionally developed signatures to block spyware. These are created by comparing the files on spam-infested machines against those on clean machines.
“That’s very labor intensive,” explains Richard Stiennon, VP of threat research at Webroot. “The name of the game in the anti-spyware business is to somehow have as close to 100% of all spyware identified and signatures written for it as we can get. And that’s an unachievable task because the spyware writers are extremely active. They show up for work in the morning and write new versions of their spyware every day. So you have to find it as soon as it’s out in the wild.”
Automation, he contends, is the answer. He estimates that one hour of automated research equals 10 work-days of manual research. When first tested in October of last year, the company identified more than 20,000 sites that made spyware available. By February, Webroot plans to have more than 100 bots active, scouring up to 10 sites a second.
Microsoft also has included a measure of automation in its new anti-spyware product, which appeared in beta form last week. Windows AntiSpyware includes a community reporting function called SpyNet that shares information about newly discovered threats to better immunize other members of the network.
Stiennon observes that automation is a necessity, given the proliferation of spyware.
“The spyware industry is only going to grow because it’s so tremendously profitable for the spyware writers and distributors,” he says. “So we have to try to find it as quickly as we can.”
Security researchers warned this week of a vulnerability in most Web browsers which could potentially allow scammers to launch phishing attacks from pop-up windows on trusted Web sites.
The vulnerability arises when an Internet user opens browser windows for both a legitimate Web site and a malicious site at the same time. Because of an old functionality that exists in most browsers, the malicious site can potentially display information in a pop-up window from the trusted site, according to Secunia Research.
The vulnerability has yet to be exploited but could present a very effective method for launching online fraud scams, often known as phishing, Secunia Chief Technology Officer Thomas Kristensen said Thursday.
While most users do not intentionally visit malicious Web sites, they often stumble upon them by following links, making it relatively common for Net surfers to have browser windows open for both legitimate and malicious sites at the same time, Kristensen said.
This could be a particularly dangerous situation if exploited to display misleading information on a pop-up window from a legitimate bank Web site, for example, he warned. Even if savvy users check for a the yellow “lock” icon on a Web site, signifying encryption, the pop-up could still display content from the malicious site, he said.
“This could be a surprisingly effective way to seduce or trick people into doing something,” Kristensen said.
The vulnerability affects almost all browsers, including Internet Explorer (IE), Mozilla, Firefox, Opera, Konqueror, Safari and Netscape, the researcher said.
Secunia, based in Copenhagen, went public with its warning Wednesday, after saying that it had alerted browser vendors of the vulnerability months ago.
Microsoft said Thursday that it has investigated the report, and customers who use Windows XP SP2 and follow its advice on spoofing attacks are at a reduced risk.
The functionality described in the report allows a Web site to open or re-use a window without displaying the address bar. However, SP2 users will see a status bar in the pop-up window, allowing them to look for the yellow lock icon and confirm that the site is valid, Microsoft said.
Opera has also included measures to mitigate the vulnerability in the latest beta version of its software, Kristensen said.
He acknowledged that by going public with the warning he was also alerting Internet scammers to a new opportunity, but said that he felt the public should be aware of the threat since not all browser vendors had been responsive.
“We thought it would be better to openly talk about this and we are giving advice on how to mitigate it,” Kristensen said.
http://security.itworld.com/4341/041209popupvulnerable/page_1.html
