I've been a firm believer in Ad-aware, but now it looks like my mother in law has been hit by some search-tool related malware, similar to CWS, that puts porn links in her favorites and changes the homepage and Ad Aware apparently can't see the thing. I've advised her to stay offline until I can hunt down the latest, greatest solution.
I'm still not entirely clear how companies can disseminate spy/ad/malware like this and not be prosecuted for it. If Ad Aware can classify and eliminate it then it should not be hard to track down where it comes from and deal with it at the source. I do not personally understand what the distinction is between *ware and a virus or a trojan. Many variant like CWS are actually called "trojans" in news stories, yet their authors are known people and they are even openly gunning at other browsers without any fear of legal recourse, save for some brave new bits of legislation that look as though they may prove as effective as the war on spam. Some people are claiming that porn ferreted onto their machines by spyware have gotten them fired, divorced, or even arrested. Even if that last link is just a convenient alibi, there's no excuse for it even being a possibility.
The Utah lawsuit appears to approach the issue from the angle of "unfair affiliate profits". The spyware in question waits for a browser to go to overstock.com and then displays popup ads. Overstock.com argues this is wrong because they don't receive a commission on the ads. This is simply insane: I have yet to see a murder case hinge upon the killer's ability to squeeze the victim's family out of market share.
The thing that burns me the most is that when I started doing google searches to research the problem for this post, I didn't see a single dissertation as to the legal ramifications of malware. The only search results I get from Google on this subject are web pages for spyware cleanering "solutions". I love the false hope here that if you install this probably-free peice of software, it will "plug up" that hole that's letting all the spyware in. Or else that if you get into the routine of using Ad Aware, Spyhunter, and Kaboom every week that you'll be set for life. What we are discussing are legal computer viruses. It will take these sleaseballs all of 12 hours to sidestep whatever back-lines defenses you indulge in.
There are also quite a few myths perpetuated that people use to remain in a state of denial about this whole travesty:
Myth #1: "You have to agree to install the software and click 'ok'"
This isn't true: most *ware gets installed through browser hijacking nowadays. Even if that were true, it's like saying that vacuum cleaner salesmen have the right to kick you out of your house once you've invited them in. And/or steal your bank data, and/or litter your house in porn (forget the mailbox) and they have no legal obligation to leave your home; you have to outwit them out with the help of some service that may or may not be free.
Myth #2: "You can't get porn malware unless you are a porn-browsing perve to begin with"
Well, my mother in law doesn't browse porn. She does remember what website she visited when her troubles started however, and it was some faux search page. The same url was in a dozen places in her registry by then. What got added to the favorites and the desktop however were porn websites and dialers.
Myth #3: "You'll be safe if you just remain security concious"
I won't even go into the issue that the very act of securing your machine can introduce vulnerabilities. The fact of the matter is that we are not all sysadmins. If you happen to be a competent sysadmin, you are probably the only one in your family. Everyone else in your family will want you to clean their computers every tuesday from that which they cannot defend themselves: and let me tell you, this crap is much easier to prevent than to clean up after.
If you are a sysadmin, you have to compete with the powers of outsourcing. You simply cannot afford to either clean up after your friends and relatives, or act as their personal administrator and keep them from tripping over themselves. They also can't afford to pay you or anyone else to do this for them.
I go back to the home-owners analogy. A door lock and deadbolt will not prevent a determined attacker from getting into your home. It will slow them down, and ideally a law-fearing society will keep you safe. Remember: once there is a national disaster in your area, get a weapon, you're door locks are meaningless.
The same is true here. Since there appear to be no legal ramifications to this form of hacking and hijacking, every computer user must suddenly become a hardened security expert to remain in control of their property. That is as much of a political/legal failure as it would be to ignore prosecuting for trespass or breaking and entry. Neither your house nor your computer should have to be a fortress.
So what I would like to know is: When will breaking into somebody else's computer system be considered a criminal offense?
Posted by jesse at May 25, 2004 12:07 AMGet SpyBot S&D. AdAware misses a bunch of stuff. When I ran them both on a system once that I knew was horribly infected, AdAward found about 150 entires/files, SpyBot about 300. Granted, neither could get rid of the underlying dialer that was screwing with the system, but at least SpyBoy detected it.
Posted by: Jake at May 25, 2004 11:02 AMThanks Jake, for the short term at least, but you know this is just like spam. Next week when she needs her computer cleaned again there will be newer versions of malware than there are versions of Spyboy.
Posted by: Jesse Thompson at May 25, 2004 01:59 PM