The EFF's Year End Review The ACLU's This Year in Civil Liberties Amnesty International's Anual Report (video) [more inside]
Did you install a Windows patch Tuesday? Listen, and understand. That mystery update is in there. It can't be uninstalled. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop, ever, until you are assimilated.
UAE phone company pushes BlackBerry update with embedded spyware. The United Arab Emirates phone company Etisalat recently sent out a firmware update to its BlackBerry-using customers, billed as a “performance enhancement patch”. After customers reported the patch degrading their handsets' performance and draining their batteries more rapidly, a programmer examined it and found that it contained spyware from a US company, which could be remotely activated to forward all emails and text messages to a third-party server. [more inside]
Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
FBI's CIPAV nabs first victim: Former Timberline High School student is the first (known) person to be caught by the FBI's secret spyware program, known as CIPAV (Computer and Internet Protocol Address Verifier). Wired broke the story Wednesday, then received a form letter from the FBI in response to a few key questions. (more inside)
Google turning to the dark side? From the article: In short, Google and Dell have teamed up to install some software on Dell computers that borders on being spyware. I say spyware because it’s hard to figure out what it is and is even harder to remove. It also breaks all kinds of OpenDNS functionality. At the end, I’ll tell you what we’re doing about it.
'Thanks to FlexiSpy, I finally figured out my wife was cheating on me with my brother,' he claims. 'My life is so much better.'
Google earlier this year joined Harvard, Oxford, Consumer Reports, Sun Microsystems, and Lenovo to Stop Badware and will now begin warning searchers of dodgy websites. Badware means spyware, malware, and adware. If you got the Google warning too late, cleanup with AdAware and Spybot Search and Destroy.
Scientific American looks at the Rise of Crimeware Crimeware, or malware with criminal intentions is increasing exponentially. "My company scans 13 million emails a day, and of that email we stop between 3 million and 10 million messages a day because they contain some kind of malware [malicious software]. Of the malware we're seeing, 99.9% is crimeware--something where the bad guys are trying to steal money from the end user. We're detecting one to five new species of virus a day and seeing 100 to 200 new phishing sites appearing every day." Take a look at who's getting attacked. What can we do about it? (PDF report by DHS on crimeware)
"To tell the truth ... I'm sorta surprised they haven't caught me yet," The Washington Post ran an interesting interview with a botmaster, a young man who made serveral thousands of dollars a month installing XXX spyware on machines that he controlled. He installed the software on the machines of people he did not know by hacking into them remotely. The lenghty article included a partial photo of the botmaster along with vauge descriptions of the small midwestern town where the man lives, and was published with the understanding that the man's identity would be kept secret. Someone should have told that to the person that manages photos at the Washington Post. An estute reader over at Slashdot was able to locate some extra information stored in the picture's metadata including the photographer and the location the picture was taken, Roland, Oklahoma, a town of less than 3000 people. Whoops.
Dale Begg-Smith is being called the "golden boy of the slopes" by the Australian media after winning gold in the Turin Winter Games. However, when asked about his business, which has reportedly earned him millions of dollars and enabled him to buy a Lamborghini, Begg-Smith became "..vague about its nature." "It's complicated," he said. "We make the technology for companies to monitor their online advertising campaigns." What is emerging now is that Begg-Smith's companies, AdsCPM and CPM Media, are linked to home page hijacking, spyware, porn redirectors, and other unsavory internet practices. A quick WHOIS of AdsCPM.com reveals that the same IP address is shared with porn domain names and websites that are notorious for distributing spyware. Bloggers using the Wayback machine have turned up similar information. Is he a willing spyware merchant who has now reluctantly been bought to our attention, or a legitimate internet entrepreneur?
Unexpected Features in Acrobat 7: A company called Remote Approach offers a feature to PDF authors to allow them to track the dissemination of their documents. Linux Weekly News reports, "After doing a little research, we found that Adobe's Reader was connecting to http://www.remoteapproach.com/remoteapproach/logging.asp each time we opened the document."
I often say that blogs are currently where the web was in 1998, with history repeating itself only this time with blogs. The latest sign: spyware and viruses are now being transmitted via blogs, specifically, random blogs on blogspot.com, found via the "Next Blog" button. Remember, just because a delightful purple gorilla wants to read blog entries to you doesn't mean you should click on him.
Microsoft AntiSpyware Program Hit by Trojan. Microsoft's Antispyware isn't out of beta yet, and already the virus writers are on the attack. "The Bankash-A Trojan shuts down the AntiSpyware program and then logs keystrokes in hopes of stealing passwords from users. The Trojan is triggered when the user opens the malicious e-mail attachment."
Everyone hates spyware (even MS is getting into the anti-spyware game) for a whole host of obvious reasons, but someone out there must like it, right? One person tracked down the people that love it so much they've given millions of dollars in funding for spyware companies. That's over $100 million to make more spyware. If you check out the portfolio of some of these investment firms (1, 2, 3, 4 and even the dude in charge of The WELL is in on it?!) there are quite a lot of everyday brands funded by the same group that fuels such great software as the uber evil Gator.
For those that use SpamAssassin, you may have noticed a degrading service since January 2004. As usual, Google has the Answer - it seems a spammer paid $200 an overly helpful geek on Google Answers to detail exactly how SpamAssassin works... I wonder if said geek ever got the money?
RealOne without the spyware The BBC, being a public service broadcaster, are forbidden from advertising. However, their internet streams are in Real format - the player of which is not known for being ad-free. The BBC have done a deal with Real to provide a "clean" version of RealOne (Windows only) - only available from the above link.
Ad Aware 6 released. The long awaited (at least for me) king of spyware detectors is now available for download.
Is the Ad Aware project dead? Luckily the SpyBot application is still being updated and its still free.
Your Internet Connection Is Not Optimized! Are the ever-popular fake error message banners illegal? The people involved in the current class action suit against Bonzi Software (makers of the infamous BonziBuddy and several other programs that have been classified as Adware/Trackware and accused of being Spyware) believe so.
Hooray! Great news for those who love to communicate - Microsoft have released a new version of their popular Windows/MSN/.NET Messenger software! So, let's glance at the new features: there's a great new look with a spinny logo thingy, and... and, erm... well... it's had some features removed... like the ability to use third-party add-ons... and, oh but wait, there's new pop-up advertising and alleged spy-ware! Oh...
If Earthlink starts killing pop-up ads will a trend emerge? I hate pop-up ads, but they must have some effect because I see more and more. I can see the logic in Earthlink's attempt to gain customers by promising to block pop-up ads, but will it have an effect? I can get other pop-up killers without getting it from Earthlink. Why don't they address spyware and attack web advertisers where they live?
Comet Cursor not Spyware claim founders. Just Crapware! "The information we were logging was completely useless, except for charging sites for cursor impressions," said Rosen, who pointed out in Lavasoft's forums that Comet Systems is a company of programmers, not marketeers. "You may believe that our software is buggy, in which case you may conclude we're lame, but we're not running a direct marketing business like some of the other malware/adware/spyware companies on your list," Rosen wrote.
Hollings privacy bill really a trojan horse for spyware and data miners? But Hollings' bill should outrage Internet users just as much as Brilliant Digital's spyware. For while it talks a good game about protecting "sensitive" information, the truth is that it would place a congressional stamp of approval on precisely the kinds of practices that purveyors of spyware are eager to engage in.
Kazaa lite (read: "sans spyware"). An alternative for kazaa users concerned with recent findings, and don't want to bother with spyware sniffers.
hacked product? or justified option?
hacked product? or justified option?
New AdAware (Free) out. Not associated with them in any way, shape or form. But it's still one of the best spyware killers out there.
Brillian Digital has quietly attached its software to Kazaa and plans to remotely "turn on" people’s PCs, welding them into a new network. CEO sez a pop-up box will give people a chance to turn it off. Users who've accept "terms of service" already distributed with Brilliant’s and Kazaa’s software are already agreeing to let their computers be used without any payment at all.
Netscape Phones Home Yet another major software vendor snoops on users. Netscape, the former darling of the anti-Microsoft movement, captures search terms that users enter on third party sites if users have set the search tab in the sidebar to load a site other than Netscape's own search engine and sends information back to Netscape. Can you trust your own system anymore?
Are you using VX2? If you are, you probably don't realise it. It's a piece of spyware hidden with Audiogalaxy that "collects some information from online forms that you fill out". Time to update the Adaware reference file again.
File sharing apps may contain a trojan. It seems some versions of Grokster, Limewire and reportedly Kazaa contain a trojan called W32.DlDer Troja. Whilst I am aware that these apps often install scumware, this seems more serious.
Law enforcement and intelligence agencies now have access to software that can remotely record every keystroke and see every file on a target PC.
Law enforcement and intelligence agencies now have access to software that can remotely record every keystroke and see every file on a target PC. Data Interception by Remote Transmission (D.I.R.T.), developed by Codex Data Systems (you need a username and password to get past the opening screen) can supposedly see through PGP, firewalls, whatever you throw at it apparently. Only works against Win95 so far, but that won't last. Is this hogwash or something crucial?
Could sharesniffer be the reason I'm getting so many more netbios attempts on my ADSL machine recently?
Excellent, in-depth analysis of "spyware" used by insidious and horrible software entities such as RealPlayer. Written by my hero and yours, Steve Gibson.
Spyware Control Act introduced. Senator Edwards is worried about certain companies spying on you. Now, these companies might be forced to tell you what information they send back to their servers. (via grc)
The Anatomy of File Download Spyware. A nice report on the "spyware" present in downloading utilities like Netscape/AOL's "Smart Download", NetZip "Download Demon", and RealNetworks "RealDownload". It's true, we are all being watched.
The original programmer of the Broderbund/Mattel "spyware" explains that it's actually NOT spyware. This topic was originally discussed on MeFi in this thread.
What in the hell is it going to take? Broderbund/Mattel puts spyware in kids reading programs... [/.]
This is scary as hell. I'd like someone to explain to me how this ("update-dll.exe") is any different than "Back Orifice" or "Backdoor G7"? Aren't these guys violating the law? Where's the FBI when we need them?
The Spyware Infested Software List. All programs on this list surreptitiously report back to a server telling either what you've been doing or what is on your computer. It's quite a list. I don't understand why Navigator isn't on there, though. Navigator's "What's Related" feature does exactly the same thing.
Forget about privacy on the net. If you thought that being tracked by Doubleclick was a grosse invasion of privacy, imagine what it would be like if your employer was given open access to your home computer.