Spyware becomes increasingly malicious (let's return to reality)

• Previous message (by thread): Spyware becomes increasingly malicious (let's return to reality)
• Next message (by thread): Spyware becomes increasingly malicious (let's return to reality)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----
First of all, even if OS have not any caveats, it will not protect it from
spyware/adware. if I want to install my 'Cool-Search' into million of
computers, all I need to do is to write fancy game, and offer it 'free of
change' in exchange of 'Allow to show you ads once / day'.
That's all - you will have everything installed explicitly.
-----

Not necessarily true.  Security/permissions plays a major part in the
effectiveness of adware and spyware.  A majority of consumer Windows
OS's run with the default login as an admin user.  When a user chooses
to install "Cool-Search", their user rights allow for registry changes
and alterations of system libraries, which cause ads to display when
using IE.

Can this be prevented by running Windows as a non-privileged user,
yes.  But people want to install their "Cool-Search" and
non-privileged users can't install anything.

When using OS's other than Windows, users can install their own
binaries, but they do not have access to modify the system binaries. 
Then can still browse with the system wide Mozilla/whatever, but their
actions will not have the ability to alter anything that will allow
for ads to be served when browsing, or for browsing habits to be sent
to a third party.

User information is still vulnerable, and the potential is still
there, but a single user's infection/installation will generally not
have the same impact on the system.

-b

On Wed, 14 Jul 2004 23:52:27 -0700, Alexei Roudnev <alex at relcom.net> wrote:
> 
> Ok, let.s return to reality (sorry for moving this thread into the OS
> related flame).
> 
> First of all, even if OS have not any caveats, it will not protect it from
> spyware/adware. if I want to install my 'Cool-Search' into million of
> computers, all I need to do is to write fancy game, and offer it 'free of
> change' in exchange of 'Allow to show you ads once / day'.
> That's all - you will have everything installed explicitly.
> 
> But 'hidden' installation makes it much more easy for spyware, and is (in
> general) a very big evil. System must distinguish between 'USER' mode (use
> applications but do not change system behavior) and 'INSTALL' mode
> (install/delete/add software, processes and so on). In many cases, system
> must ask password to do any such action. (If you know MS, you can image
> which nightmare is to implement it -- I worked with IDS such as Osiris and
> had a fun, guessing what system decide to change today. But it is not a
> problem in most other OS).
> 
> Second, but even worst, problem is absense of ANY system interface showing
> you, what is starting, stopping and running. It is not any problem to remove
> spyware, from common point of view - just open 'list of running processes'
> and 'Startup list' and uncheck everything you do not want to see. Problem -
> such interface does not exist, is not possible because of complexity (there
> are milluions ways of starting anything) and can not trace a history of
> processes (because of, again, extra complexity, unlimited usage of 'classes'
> and 'objects' and 'pluginns' and 'toolbars' and so on). Anyway, good 'change
> history' system could easily revert such changes back so that instead of
> very complex 'adaware' scaners we will have just 'change history, revert ?'
> button.
> 
> Third is more easy for ISP - if we can not fight with bad software, fight
> whith those who got a profit using it. For SPAM - ok, there is not ANY way
> to stop sending spam (fort now), but any SPAM advertices someone, and this
> someone is always 100% identified - so fight (limit, flood by calls,
> overload by false information, etc) SPAM benefitiants, learn them do not
> purchase 'We will send your advertice to 10M people over the world'. The
> same in case of adaware. For spyware, fight those who receive information
> back - by any way.
> 
> ----- Original Message -----
> From: "John Underhill" <stepnwlf at magma.ca>
> To: "Niels Bakker" <niels=nanog at bakker.net>; <nanog at merit.edu>
> Sent: Wednesday, July 14, 2004 1:12 PM
> Subject: Re: Spyware becomes increasingly malicious
> 
> >
> > Ok.. but has BSD been attacked on the scale that MS code has? I would
> argue
> > no, not even close. Do you believe BSD is invulnerable to attack? Hardly..
> > Unless you want to go back to text based browsers and kernals that fit on
> a
> > floppy, it is extermely difficult to eliminate all vulnerabilities in the
> > code of a sophisticated OS. The more complex the system, the easier it is
> to
> > break, and with the level of automation currently expected by most users,
> > this requires a very complex build.
> > Could MS be made more secure, of course. Do I think they are actively
> > working on the problem, yes. If Novell or Mac had risen to the top of the
> OS
> > heap, would they be catching all the viruses now? I think they would.
> > Really, my point was not to argue this, but that there is no justification
> > for malicious code, that you can't simply pawn it off on MS as being the
> > real problem. By doing that, you are saying that people creating spyware
> and
> > viruses are not culpable for their actions, that they should be allowed to
> > create havoc and destroy systems, because really they are only leveraging
> > 'features' built into the operating system.
> >
> >
> > ----- Original Message -----
> > From: "Niels Bakker" <niels=nanog at bakker.net>
> > To: <nanog at merit.edu>
> > Sent: Wednesday, July 14, 2004 3:31 PM
> > Subject: Re: Spyware becomes increasingly malicious
> >
> >
> > >
> > > >> Sorry, it was a _technical_ question - is MAC OS known as having
> pests
> > > >> and ad-ware in the comparable numbers (if any)?
> > >
> > > * stepnwlf at magma.ca (John Underhill) [Wed 14 Jul 2004, 19:45 CEST]:
> > > > This is spurious logic. You are suggesting that Mac is a more secure
> > > > operating system, and I would suggest that it is probably far less
> > > > secure, because it has not had to withstand years of unearthing
> > > > vulnerabilities in the code.
> > >
> > > It has.  Darwin is based on years of development in BSD code.
> > >
> > >
> > > -- Niels.
> > >
> > > --
> > > Today's subliminal thought is:
> >
> 
>

• Previous message (by thread): Spyware becomes increasingly malicious (let's return to reality)
• Next message (by thread): Spyware becomes increasingly malicious (let's return to reality)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]