Spyware becomes increasingly malicious

Alexei Roudnev alex at relcom.net
Wed Jul 14 07:46:15 UTC 2004



> Most of the latest versions appear to install themselves using the
> ByteCode Verifier vulnerability in the Microsoft Virtual Machine.
MS do not publish full system specs, and they use undocumented features
themselves.

So, what are other companies doing? Yes, correct, they are experimenting,
searching for the undocumented features.
They found them, and no one can separate bugs from undocumented features.

These are all results of the MS approach _I am doing everything myself and do
not want others to compete with me_.
Ok, so please do not complain about those who use your undocumented features,
undocumented API (and ohh, it is not my API, it is a bug... as they are
saying now). Are you sure that it is a bug, and not a backhole created by MS
for themselves? I am not.

> Fully patched systems don't get the stuff installed.
Or - after others found this backhole, they decided to seal it. You cannot
prove that it is a bug, just as I cannot prove that it was a feature.

Any undocumented API is no different from a bug - it is just something
which is not documented but exists.

> I'm sure the authors are working on newer injection methods....
Just as MS is working on new undocumented APIs. Of course, they are -
hackers, spyware designers and MS developers... I do not see a difference.

> Though the blame might be placed on Microsoft for having a flaw in
> their code, this wasn't part of any IE feature.
Please specify the difference between 'flaw in the code' and 'backhole
created for their own purposes'. If they claim 'our developers use only the
specified API' and 'we specify and document every system call and every
function which can be used legally, from a technical point of view', then I
agree. But they never did and never would. If they did it, they would lose their
monopoly. Result - a full zoo of pets, pests, and other animals in every home
computer running Windoze.

Maybe this particular feature was a bug, I can agree - but I do not see a
difference (still).

> >I do not blame MS, but what about spyware on MAC-s - is it so easy
> >to write and install spyware there?
>
> I don't really want to get into the argument of why people choose
Sorry, it was a _technical_ question - is MAC OS known as having pests and
ad-ware in comparable numbers (if any)?

> microsoft products to attack, but if someone was going to choose
> a product to attack, from which they were going to try and make
> the most money/impact off of, do you think they would choose the
> product with the largest user base?  I think that's the case here.
> It would be a poor business decision not to, and these people are
> definitely out to make as much money as they can off of these
> exploits.
>
> >This is 100% legal at this point (and even if it is not legal,
> >who bored about it outside of USA? No anyone!).
>
> It really shouldn't be legal.  It is someone gaining unauthorized

Hmm. Is it legal for MS developers (for example, Office developers) to use
undocumented APIs? What's the difference? What does 'access' mean - you
open my web page, and your IE downloads my GIF file - is it authorised (my
GIF is installed on your computer)? You allow ActiveX to run, even if
ActiveX can install software - it is enough to be authorised. This is
common sense - if there is a road, it is authorised to hike it (except if
there is a closed gate or an angry dog on the way). At least, it is common
sense in 90% of the world.

Of course, we can create many laws making common sense useless, but do not
expect anyone outside to follow them. The Internet is not located inside, so - you
can draw a conclusion. MS provoked people to search for undocumented
things - it is common sense which tells me that this results in my home computer
making unpredicted actions - and I cannot blame spyware writers, I should
blame MS writers... (I do not like spyware writers, anyway, but they are making
their business..)

> access to computer systems and altering data on those machines.
> Not to mention that people are profiting from these intrusions.
Of course, they are. MS has profited from undocumented APIs, as well. Where
is the difference?

>
> -Brian




More information about the NANOG mailing list