How Much Harm Can One Web Site Do?

timothy posted more than 9 years ago | from the depends-on-what-os-you're-running dept.

Privacy 501

Ben Edelman has written extensively on issues including censorship and spyware. He's got a very interesting piece on his site now about who profits from spyware, and how much spyware can be installed on a Windows XP machine when the user simply visits a single Web site using Internet Explorer.

501 comments

not much... (5, Informative)

domenic v1.0 (610623) | more than 9 years ago | (#10910620)

if you use another browser like Firefox?

Re:not much... (3, Informative)

Moridineas (213502) | more than 9 years ago | (#10910636)

not much, if you are decently patched (he mentions at the very end the exploit installs don't work if you are running SP2)

Re:not much... (3, Informative)

narcc (412956) | more than 9 years ago | (#10910686)

Not all of us can run SP2 -- It just breaks too many things.

Re:not much... (0)

TheKidWho (705796) | more than 9 years ago | (#10910709)

Yeah SP2 broke my network connection in college, once I uninstalled it everything went back to normal.

Re:not much... (5, Funny)

willy134 (682318) | more than 9 years ago | (#10910830)

That would be pretty secure I think.

No network, no spyware!!!

Re:not much... (1)

domenic v1.0 (610623) | more than 9 years ago | (#10910690)

yeah, I simply installed service SP 2 as well, although I *somewhat* like the security measures MSFT took with SP2, in terms of ActiveX handling and pop-up blocking, I still think they did too much with its "Security Center", I had to disable it in the Services Index so that annoying popup from Microsoft themselves wouldn't come up telling me that it can't detect antivirus software, or windows firewall is off. eeek! just as annoying as any other popup from ad/spyware i say.

Re:not much... (-1, Flamebait)

D3 (31029) | more than 9 years ago | (#10910691)

SP2?!? Have you read anything about this patch? The current common wisdom is to NOT install SP2, so I don't think it is unreasonable to test in this fashion.

Re:not much... (1)

Tet (2721) | more than 9 years ago | (#10910774)

The current common wisdom is to NOT install SP2

Really? I never heard of anyone having a problem with it, save for with insecure software[1], and I'd advise anyone running windows to upgrade to SP2 ASAP. From those I have contact with, this seems to be by far the prevailing wisdom.

[1] And personally, I'd rather my software stopped working rather than kept running in an insecure manner. Besides, I haven't yet found a program that doesn't work with SP2. I'm sure they exist, but they're rare.

Re:not much... (1, Interesting)

Anonymous Coward | more than 9 years ago | (#10910850)

If you have two network interfaces, then installing WinXP SP2 results in a strange bug: Suppose your laptop has a wireless interface and a normal ethernet interface. If you start wireless and plug in ethernet while Windows is running, then the ethernet interface won't acquire an IP address via DHCP, even if you turn off wireless networking. If you leave the ethernet cable plugged in, deactivate the ethernet interface and reactivate it, it works as expected. But now the wireless interface doesn't acquire an IP address if you turn it back on, until you disable/reenable it.

Re:not much... (2, Informative)

cob666 (656740) | more than 9 years ago | (#10910892)

But you now have a neat little feature for all the network connections called repair which pretty much does the same thing but behind the scenes.

I know it's a pain to have to click on the icon tray and then select 'Repair' but it's a small price to pay. Also, I don't usually switch my network connection more than once if I move my laptop.

Re:not much... (2, Insightful)

laughing rabbit (216615) | more than 9 years ago | (#10910971)

Sounds exactly like my Linux loaded laptop!

Re:not much... (5, Interesting)

robslimo (587196) | more than 9 years ago | (#10910855)

You guys on the "don't install SP2!" bandwagon need to wise up.

I am personally responsible for the software on 67 windows computers at a university. I am jointly responsible for almost 400 of same.

On the image I created and support, there are 93 applications loaded on top of a base XP install. These range from silly stuff like DivX player to Pro/Engineer. I had to test each and every one of them for SP2 compatibility.

A grand total of 4 applications wouldn't work at all. 2 or 3 more had minor problems. Every one of those with problems were corrected by getting updated versions of said app.

Any other usability problems are strictly a function of the firewall and if you (being a /.er) can't deal with that, then you don't need to be using a computer or posting in this forum.

Re:not much... (4, Funny)

Rombuu (22914) | more than 9 years ago | (#10910945)

Current common wisdom if you are an idiot I guess.

Re:not much... (1)

TheKidWho (705796) | more than 9 years ago | (#10910643)

how about 0! When I used to use IE I would get around 80-160 different pieces of spyware every time I ran adaware. With a nice little reformat and the use of firefox that number dropped down to 0!

Re:not much... (1)

Chess_the_cat (653159) | more than 9 years ago | (#10910696)

There's got to be more to it besides your browser. If you're getting 80-160 pieces of spyware you must be visiting some pretty sketchy sites and have your security settings set to minimal. I use IE almost exclusively and the worst I get is a couple of tracking cookies when I run AdAware.

Re:not much... (1)

TykeClone (668449) | more than 9 years ago | (#10910992)

Unless he's counting cookies and stuff like that.

If it's actually 80-160 spyware processes, I'd be surprised if the machine could boot at all.

China and Spyware (1, Funny)

Anonymous Coward | more than 9 years ago | (#10910749)

The author of the article describing how much spyware can be installed in a single visit to a web site should keep this information to himself. The Chinese are already a major source of viruses, spyware, and spamware [tibet.org] . The Chinese will simply use this information to devise clever ways to install even more spyware and to use that spyware to steal information from your computer. This spyware is a way for Beijing to monitor the computer activities of Americans.

Be afraid.

Re:not much... (2, Insightful)

davesplace1 (729794) | more than 9 years ago | (#10910932)

You would think Microsoft would at least fix ActiveX for starters. One of the many reasons to run, don't walk to install Firefox.

How much harm? (5, Funny)

Anonymous Coward | more than 9 years ago | (#10910621)

Well, if it's Slashdot, it can leave your server a smoldering wreck.

http://www.benedelman.org/ is the debil? (1, Funny)

Mr Guy (547690) | more than 9 years ago | (#10910629)

So is that link implying that visiting benedelman.org to read the website can install tons of spyware? Good thing I didn't RTFA.

In Case It Gets Slashdotted... (5, Informative)

Anonymous Coward | more than 9 years ago | (#10910646)

From the site.

I've written before about unwanted software installed on users' computers via security holes. For example, in July I mentioned that 180solutions software was being installed through Internet Explorer vulnerabilities. (See also 1, 2, 3) More recently, researchers Andrew Clover and Eric Howes (among others: 1, 2) have described increasing amounts of unwanted software being installed through security holes.


How bad is this problem? How much junk can get installed on a user's PC by merely visiting a single site? I set out to see for myself -- by visiting a single web page taking advantage of a security hole (in an ordinary fresh copy of Windows XP), and by recording what programs that site caused to be installed on my PC. In the course of my testing, my test PC was brought to a virtual stand-still -- with at least 16 distinct programs installed. I was not shown licenses or other installation prompts for any of these programs, and I certainly didn't consent to their installation on my PC.

In my testing, at least the following programs were installed through the security hole exploit: 180solutions, BlazeFind, BookedSpace, CashBack by BargainBuddy, ClickSpring, CoolWebSearch, DyFuca, Hoost, IBIS Toolbar, ISTbar, Power Scan, SideFind, TIB Browser, WebRebates (a TopMoxie distributor), WinAD, and WindUpdates. (All programs are as detected by Ad-Aware.)

See a video of the installations (WindowsMedia format, view in full screen mode when prompted). The partial screen-shot at left shows some of the new directories created by the security exploit.

Other symptoms of the infection included unwanted toolbars, new desktop icons (including sexually-explicit icons), replacement desktop wallpaper ("warning! you're in danger! all you do with computer is stored forever in your hard disk ... still there and could broke your life!" (s.i.c.)), extra popup ads, nonstandard error pages upon host-not-found and page-not-found error conditions, unrequested additions to my HOSTS file, a new browser home page, and sites added to my browser's Trusted Sites zone.

I've been running similar tests on a daily basis for some time. Not shown in the video and screen-shot above, but installed in some of my other tests: Ebates Moe Money Maker, EliteToolBar, XXXtoolbar, and Your Site Bar.

Installation of 180solutions software through security holes is particularly notable because 180 specifically denies that such installations occur. 180's "privacy pledge" claims that 180 software is "permission based" and is "programs are only downloaded with user consent and opt-in." These claims are false as to the installation occurring in the video linked above, and as to other installations I have personally observed. Furthermore, 180's separate claim of "no hiding" is false when 180 software is installed into nonstandard directories (i.e. into C:\Windows rather than a designated folder within Program Files) and when 180 software is installed with a nonstandard name (i.e. sais.exe) rather than a name pertaining to 180's corporate name or product names.

What's particularly remarkable about these exploits is that the bad actors here aren't working for free. Quite the contrary, they're clearly expecting payment from the makers of the software installed, payments usually calculated on a per-install basis. (For example, see a 2003 message from 180solutions staff offering $0.07 per installation.) By reviewing my network logs, I can see the specific "partner" IDs associated with the installations. If the installers want to get paid, they must have provided accurate payment details (address, bank account number, etc.) to the makers of the programs listed above. So it should be unusually straightforward to track down who's behind the exploits -- just follow the money trail. I'm working on passing on this information to suitable authorities.

Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown in my video and discussed above.
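An added example, not part of the quoted article or of any comment here: one way to check for the "unrequested additions to my HOSTS file" symptom listed above is to diff the file against a copy saved while the machine was known to be clean. The host names, addresses and function names below are constructed for illustration; loopback "sinkhole" entries, which users often add themselves to block ad servers, are reported separately from entries that point a name at a routable address.

```python
import ipaddress

# Constructed sample inputs (not taken from the article): a baseline saved
# while the machine was clean, and the same file after the browsing session.
BASELINE_HOSTS = """\
# sample HOSTS file (constructed)
127.0.0.1       localhost
"""

CURRENT_HOSTS = """\
# sample HOSTS file (constructed)
127.0.0.1       localhost
127.0.0.1       ads.example.net          # sinkhole added by the user
0.0.0.0         tracker.example.org
203.0.113.45    www.search.example.com   # constructed redirect
203.0.113.45    update.example.com auth.example.com
not-an-ip       broken.example.com
"""

# Review order: redirects first, then lines that do not parse, then sinkholes.
RANK = {"redirect": 0, "malformed": 1, "sinkhole": 2}


def parse_hosts(text):
    """Return (line number, address, name) for every mapping in a HOSTS file."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        address, *names = line.split()           # one address, one or more names
        for name in names or [""]:
            entries.append((lineno, address, name.lower()))
    return entries


def classify(address, name):
    """Label one mapping as default, sinkhole, redirect or malformed."""
    if not name:
        return "malformed"
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "malformed"
    if ip.is_loopback and name == "localhost":
        return "default"
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"    # name is blocked: check it is one you meant to block
    return "redirect"        # name is sent to another machine: review first


def audit(current_text, baseline_text):
    """Report mappings present now but absent from the clean baseline."""
    known = {(addr, name) for _, addr, name in parse_hosts(baseline_text)}
    findings = []
    for lineno, address, name in parse_hosts(current_text):
        if (address, name) in known:
            continue
        kind = classify(address, name)
        if kind != "default":
            findings.append(
                {"line": lineno, "address": address, "name": name, "kind": kind}
            )
    return sorted(findings, key=lambda f: (RANK[f["kind"]], f["line"]))


if __name__ == "__main__":
    for f in audit(CURRENT_HOSTS, BASELINE_HOSTS):
        print(f'{f["kind"]:<9} line {f["line"]}: {f["name"]} -> {f["address"]}')
```

On a real machine the two strings would be read from the saved baseline and from the live HOSTS file.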

KARMA WHORING A/C! MOD DOWN! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10910811)

The worst form of karma whore!

Umm... (5, Funny)

telstar (236404) | more than 9 years ago | (#10910654)

Am I supposed to click that link? Finally, we've found the antidote to slashdotting!

Re:Umm... (4, Insightful)

Zoop (59907) | more than 9 years ago | (#10910847)

Well, he has writing abilities that would fit right in here:

("warning! you're in danger! all you do with computer is stored forever in your hard disk ... still there and could broke your life!" (s.i.c.))

OK, if you're going to make fun of someone's English, don't turn the Latin word sic into an acronym. Super Intelligent Comment? Sick Internet Creep? Silly Immature Cretin? Sadly Impoverished Credibility?

Re:Umm... (0)

Buran (150348) | more than 9 years ago | (#10910871)

Actually, he didn't write that. The idiots who can't write proper English (must be the same idiots who write the stuff that lands in my spam folder) wrote that.

Re:Umm... (0)

Anonymous Coward | more than 9 years ago | (#10910911)

Um - yeah - I think you're missing the point here...

How Much Harm Can One Web Site Do? (0, Funny)

Anonymous Coward | more than 9 years ago | (#10910663)

Much, if you count slashdotting as harm :)

Windows XP? (4, Funny)

cyfer2000 (548592) | more than 9 years ago | (#10910665)

how much spyware can be installed on a Windows XP machine when the user simply visits a single Web site using Internet Explorer.

Am I safe if I am on a win2k machine?

Re:Windows XP? (3, Funny)

bestguruever (666273) | more than 9 years ago | (#10910770)

No, win2k is much too recent. What you need to do is get a version of windows that is old enough to no longer be targeted. You still want something with a fairly comprehensive feature set, so I'd recommend Windows ME.

Re:Windows XP? (1)

TheKidWho (705796) | more than 9 years ago | (#10910804)

Or get a mac?

Re:Windows XP? (3, Funny)

xsupergr0verx (758121) | more than 9 years ago | (#10910810)

Honestly, that is the first time I have ever seen someone recommend Windows ME in a serious fashion.

Re:Windows XP? (0)

Anonymous Coward | more than 9 years ago | (#10910869)

calm down, it was a joke. Everyone knows windows 95 is the only way to go

Re:Windows XP? (1)

cyfer2000 (548592) | more than 9 years ago | (#10910918)

No, we have a windows 3.1 box in our lab connected with a special microscope. It has no spyware at all. BTW, no network at all either. So, Windows 3.1 is better.

Re:Windows XP? (0)

Anonymous Coward | more than 9 years ago | (#10910865)

'I'd recommend Windows ME'

I think that is the first time I have ever heard those words together!

Re:Windows XP? (1)

AceCaseOR (594637) | more than 9 years ago | (#10910876)

If you really want to be safe, use Windows 3.0

Not 3.1, not 3.11, 3.0

Re:Windows XP? (1)

terraformer (617565) | more than 9 years ago | (#10910920)

No. They are not patching Win2K. My friend just had to clean out his home server because he has OE on it checking a general mail box and it got triggered through a piece of spam that got through. Time to upgrade (by which I mean migrate/switch). I use a mac.

What was the actual web page? (4, Insightful)

lxt (724570) | more than 9 years ago | (#10910666)

I did (for once...) read the article, but didn't download the video - my question might be answered in that (although if it is only answered in the video, that's pretty stupid - I'm sure many people can't view it, and it's WMV, so I wouldn't actually want to...) but does he actually say what the website visited was?

I mean, I'm guessing most people would visit a reputable search engine, or the default MSN page when they first installed Windows and opened up IE, instead of what I'm guessing must be a fairly dodgy site in order to install so much spyware.

That's not to discredit what he's done - I'm sure novice users would easily get onto these sort of spyware laden pages by mistake pretty quickly...I'm just interested, that's all.

Re:What was the actual web page? (2, Informative)

AnotherScratchMonkey (592037) | more than 9 years ago | (#10910733)

Here's what he types into the browser:
http://xpire.info/fa/?d=get [xpire.info]
Entering this in Mozilla 1.8a4 gives me an authentication dialog. Hitting Cancel pops up a Moz file save dialog for a file containing an authentication error message.

Re:What was the actual web page? (1)

AnotherScratchMonkey (592037) | more than 9 years ago | (#10910777)

After clicking on that, two more pages pop up:
http://www.sp2fucked.biz/ [sp2fucked.biz] http://coolsearch.biz/ [coolsearch.biz]

I suggest visiting these sites with "safe" browsers to show your support!

Re:What was the actual web page? (1, Funny)

Anonymous Coward | more than 9 years ago | (#10910740)

He probably didn't say because there are a lot of people who will just click any random URL they see [goatse.cx] .

Re:What was the actual web page? (1, Informative)

Jucius Maximus (229128) | more than 9 years ago | (#10910981)

" He probably didn't say because there are a lot of people who will just click any random URL they see. (goatse link)"

Silly AC, the goatse site just displays a domain registry TOS page now.

wait...

Re:What was the actual web page? (0)

Anonymous Coward | more than 9 years ago | (#10910757)

I read the article, but didn't see the video. So this is just a guess. It could have been a "misspelling" site. A site that has a URL like "slashdit.org" instead of "slashdot.org"

You know you're screwed when.... (0)

Anonymous Coward | more than 9 years ago | (#10910803)

visiting a website leads to:

"System Settings Change. You must restart your computer before the new settings will take effect. Do you want to restart your computer now? Y/N"

Re:What was the actual web page? (5, Informative)

crimoid (27373) | more than 9 years ago | (#10910821)

He used xpire.info/fa?d=get which then redirects to a series of other pages on the same site, eventually landing at www.sp2fucked.biz/user28/2DimensionOfExploitsEnc.php which in turn prompts him with an error and a dialog box asking if he wants to continue executing scripts, to which he clicks "yes" after which all hell breaks loose.

Re:What was the actual web page? (1)

Hungry Student (799493) | more than 9 years ago | (#10910827)

The site in question is http://xpire.info/fa/?d=get [xpire.info] . He doesn't say quite how he came upon this site, but it does install rather a lot of spyware on his machine. Rather worrying, considering all that is needed is a redirect to that link and any normal user would just think their PC's running a bit slow as 16 spyware apps are installed. Worrying.

Re:What was the actual web page? (1)

PopCulture (536272) | more than 9 years ago | (#10910874)

The video (for me) was oddly enough an upside-down and backwards screencapture movie of his desktop. I couldn't tell the site URL- the resolution wasn't good enough- but I can tell you that there's b00bies in the popups in the movie, so don't go forwarding this link to your boss just yet ;)

Re:What was the actual web page? (2, Informative)

terraformer (617565) | more than 9 years ago | (#10910967)

I'm sure many people can't view it

You're right. If you did download the video you likely would not have been able to play it. It uses a non-standard codec and every player I have, including MS Media Player for Mac, could not play it...

You could always use a Mac. (2, Insightful)

TheKidWho (705796) | more than 9 years ago | (#10910675)

And get no spyware at all.

Re:You could always use a Mac. (2, Insightful)

Everach (559166) | more than 9 years ago | (#10910753)

The reason Mac OSX and Linux are immune to spyware isn't because it's a superior operating system.

It's because there's no money in it. Someone is getting paid to bombard you with spyware installations. They want to hit as many workstations as possible. And that means aiming for Windows users.

Your post suggests everyone should use OS X or Linux. The day Windows loses majority share of the desktop market is the day spyware and viruses will start to pop up on your OS X and Linux workstations.

The solution isn't to get rid of windows. It's to educate users, fortify the OS against spyware and viruses by closing security holes, and by legislating unauthorized software install as a punishable offense.

Just my 2 coppers.

Re:You could always use a Mac. (1)

ValiantSoul (801152) | more than 9 years ago | (#10910773)

The reason OS X, linux, and FreeBSD (which OS X is based on) don't get spyware, is because you need root privileges to install them, and typical users of those systems don't just use root. It's an overall more secure way of doing things unlike Windows which typically the only one using it is running as admin.

Re:You could always use a Mac. (1, Insightful)

harrkev (623093) | more than 9 years ago | (#10910893)

Partially true. It IS harder to do nasty things to linux and macs -- but not impossible. No OS is hackproof unless you simply pull the plug.

So, it is actually a combination of Windows being both easier AND larger that makes it such a tempting target.

If (and I hope this day comes) Linux gets 50% market share, you can bet that things like this will happen. And there might be less of it because it will be more difficult -- but it will happen. All it takes is somebody clever enough and with enough motivation. Right now, 5% or so of all desktops is not motivation. 50% will be.

Re:You could always use a Mac. (1)

rainman_bc (735332) | more than 9 years ago | (#10910939)

The reason OS X, linux, and FreeBSD (which OS X is based on) don't get spyware, is because you need root privileges to install them,

Bullshit. The only real difference is that (in KDE/Gnome) a popup occurs to type in your root password before installing. Big fucking deal. You think for a second that if windows had that, Bonzi Buddy and that stupid temperature tray thingy wouldn't end up on windows workstations? Dream on. The GP is correct -> windows is targeted because of two reasons: 1) Market Share, 2) Lowest average IQ of users.

Re:You could always use a Mac. (0)

Anonymous Coward | more than 9 years ago | (#10910788)

You can't seriously be implying that every other OS would be as vulnerable as Windows.

Re:You could always use a Mac. (4, Insightful)

gmuslera (3436) | more than 9 years ago | (#10910977)

They are not "immune", but at the very least it is a lot harder to install spyware/virus/etc, and the no-monoculture effect helps too.

The main defense is their structural strength, i.e. being thought out from the basis as multiuser, where you have very separated the system admin (the one that has some permission over i.e. what programs are installed) over the user that browses internet.

And don't forget that here the blame goes both for the operating system author (Microsoft) and the browser author (Microsoft again), both good examples of what happens when security is the least priority.

Ha. (1)

sulli (195030) | more than 9 years ago | (#10910978)

The solution isn't to get rid of windows.

Really?

It's to .. fortify the OS against spyware and viruses by closing security holes

Sounds just like getting rid of Windows, or at least IE and ActiveX. Every IE / Windows patch just makes things worse.

Re:You could always use a Mac. (0)

Anonymous Coward | more than 9 years ago | (#10910818)

On any other software either.

Re:You could always use a Mac. (3, Insightful)

CdBee (742846) | more than 9 years ago | (#10910866)

Maybe that's why 6% of iPod users want to buy Macs. Nothing to do with iTunes, iPods and OSX, they just want to be free of pop-up ads.....

Re:You could always use a Mac. (1)

dwm (151474) | more than 9 years ago | (#10910994)

Oh, yeah?

One word:

Spector [spectorsoft.com]

One website (slashdot.org) (1)

suso (153703) | more than 9 years ago | (#10910678)

And one link to a video of the latest cool tech stuff.

Nuff said.

How much damage can one web site do? (3, Funny)

Sensible Clod (771142) | more than 9 years ago | (#10910684)

Certain .cx sites are all the evidence needed. I rest my case.

Sick of Scumware! (1)

Evil W1zard (832703) | more than 9 years ago | (#10910689)

I am just plain sick and tired of web sites installing crap programs like xxxtoolbar, gator, cometsystems etc. in the background. I 100 percent understand that advertising pays the bills for many websites, but the end user should have the option of saying yes or no to the installation of these programs as a trade off for viewing the site. If I want to view a site or download something from a site bad enough then I will accept its tracking cookies, but that was my choice. Of course saying that I still hate scumware and block most everything using a combo of both Ad-Aware and Spybot SD. Also 127.0.0.1 can be your friend and an advertiser's foe :)

Re:Sick of Scumware! (0)

Anonymous Coward | more than 9 years ago | (#10910845)

Using the proper security/privacy settings in IE (the default settings are sufficient I believe), you ARE prompted with a "Yes/No" box when spyware attempts to download/install itself.

I've been using strictly IE for years and have never once had spyware, or virus-related problems.

It's the idiots that quickly click "yes" to every dialogue box that pops up without reading them that get burnt.

How much harm can ONE site do?!! (5, Funny)

RiscIt (95258) | more than 9 years ago | (#10910707)

I LOVE the headline

Apparently we're forgetting the word "slashdot" as a verb.

Re:How much harm can ONE site do?!! (0)

Anonymous Coward | more than 9 years ago | (#10910802)

Er, not to be pedantic, but slashdot.org doesn't do any harm to anyone's computer. It's the people who VISIT slashdot that crash servers.

Re:How much harm can ONE site do?!! (1)

AndroidCat (229562) | more than 9 years ago | (#10910954)

I think slashdotting is a myth. No one ever RTFAs, so how could it bring sites down?

No surprises here. (4, Insightful)

RatBastard (949) | more than 9 years ago | (#10910716)

None of this is a surprise to me. I've been dealing with this crap at work for years now. Spyware is the single biggest headache the ITS department I work for has to deal with. We spend more time cleaning spyware out than viruses. XP Service Pack 2 has helped a lot, and so has encouraging the use of FireFox, however, at least 55% of our systems still run Windows 2000 and a lot of the resources we need to access online only work in IE.

Re:No surprises here. (2, Informative)

cybersaga (451046) | more than 9 years ago | (#10910959)

Why not use something like Ad-Watch [lavasoftusa.com] , which comes bundled in the Plus and Professional versions of Ad-Aware? That would certainly save a lot of heartache.

I don't use it on my machine only because when windows pop up out of nowhere telling me I absolutely need to download something, I know I don't. But I wouldn't trust hundreds to thousands of employees of a company to know the same.

Yeah right... (0)

rackhamh (217889) | more than 9 years ago | (#10910721)

Sounds like a handy excuse to install sexually-explicit desktop icons to me!

"But honey, it's for research... honest!"

s.i.c. (5, Funny)

Anonymous Coward | more than 9 years ago | (#10910727)

From TFA:

"warning! you're in danger! all you do with computer is stored forever in your hard disk ... still there and could broke your life!" (s.i.c.)

Anyone else find the improper spelling of "sic" (used by an editor to mark improper spelling or usage in a quoted piece of text) to be humorous, or is it just me?

Re:s.i.c. (2, Funny)

JohnGrahamCumming (684871) | more than 9 years ago | (#10910965)

Me, but then I'm the sort of person who likes to use semicolons when writing English; I find that the semicolon is a fun way to join two related sentences without using a period.

Perhaps we should club together and buy the author of this little article a copy of Eats, Shoots and Leaves [amazon.com] .

John.

Depends... (1)

chochos (700687) | more than 9 years ago | (#10910748)

if you mean damage as in "the server got slashdotted", or psychological damage as in "someone told me to go to this goatse site" (or tubgirl, lemonparty etc), or FUD as in "this microsoft site says linux TCO is higher"...

Oooooh you mean by spyware. Sorry, I use Safari, and Konqueror or Netscape when I'm on Linux.

Why not a site "death sentence" (2, Insightful)

mc6809e (214243) | more than 9 years ago | (#10910782)

A site that willfully becomes a source of trojans, exploits, and malware deserves to have all its packets blocked at a high level or black holed.

Why can't this be done?

Just cut them off entirely.

The big players need to get together on this.

Re:Why not a site "death sentence" (0)

Anonymous Coward | more than 9 years ago | (#10910825)

Their host won't cut them off cause they wouldn't get any more payment, and the host's ISP won't cut the host off for the same reason. Welcome to the USA, where money puts you above the law.

How much harm a single website can do? (1)

rune.w (720113) | more than 9 years ago | (#10910784)

This is /. asking, hehehe.

Maybe we should give a survey to all those people whose server was reduced to molten silicon after slashdotting...

Not impressed (4, Insightful)

digrieze (519725) | more than 9 years ago | (#10910785)

Okay, let's see, this guy loads up an OS ("fresh", as he writes) that has been targeted by the net scum since it came out, so we know it's vulnerable to every exploit designed for it. Goes to a troll site for 180 and then complains about how awful it is when during installation/first net logon he should have gone straight into the patching process that would have prevented it (in other words, he had to cancel critical patching out intentionally).

This is akin to throwing matches at a tub of gasoline and writing an exposé when it catches fire. Either this guy had too little to write about, had too much time on his hands, or had to win a bet and is trying to slip this one by someone.

Even he admitted his lousy methodology in his last sentence.

This isn't news. It's just a bone thrown out to keep the resident "gotta flame microsofties" happy with a fix for the day.

Re:Not impressed (0)

Anonymous Coward | more than 9 years ago | (#10910836)

This type of thing doesn't happen on Linux or Macs, though, so wipe up those tears and deal with it.

Re:Not impressed (0)

Anonymous Coward | more than 9 years ago | (#10910944)

Okay, go grab a 3 year old linux distro and install it .. see if everything works as good as a new distro.

Re:Not impressed (0)

Anonymous Coward | more than 9 years ago | (#10910849)

The news part could be that it is absolutely trivial to gather evidence of criminal activity on the web, and various law enforcement agencies are doing jack shit about it.

You can visit a web site and have software illegally installed on your machine. I guess that's all just fine and dandy because no corporate interests are being harmed.

Re:Not impressed (1)

jamesshuang (598784) | more than 9 years ago | (#10910934)

How many Joe schmoes are going to know how to update to SP2 after they get a new computer? Chances are, SP1 will be loaded with the new computer, and a shitload of spyware will be on the computer as soon as he connects the broadband.

The problem being outlined is that OS's should be as secure as possible, because not everyone knows how to patch. Unfortunately, WinXP definitely DOES NOT fit that requirement, and until SP2 is the only version that can be installed anywhere, that will be a fact!

Re:Not impressed (0)

Anonymous Coward | more than 9 years ago | (#10910980)

I just did this, fresh XP install, one of the first things the install does is take you to the windowsupdate site and installs SP2. .. unless you go door-to-door confiscating all previous software versions, this is still pretty good.

I'd like to see Linus show up at my door to get my old Linux distro before I can get a new one.

Re:Not impressed (0)

Anonymous Coward | more than 9 years ago | (#10910957)

It's to prove how much damage a single site _could_ do if desired. It is throwing matches at a tub of gasoline, except while most people know matches + gasoline = dangerous, a great many don't know that IE + one website = dangerous.

The point is, IE + a single website should not be that dangerous. If you actually saw the video, you would see how quickly his XP installation got infested by simply visiting a website. Who in their right mind makes a web browser capable of having so much access to an operating system that it can be told to install software from the Internet without you even asking it to? WTF?

Yes, this is meant to flame Microsoft, but rightly so. This is one issue where they deserve every third degree burn they get.

Re:Not impressed (2, Insightful)

Yankel (770174) | more than 9 years ago | (#10910966)

I think that says something about Microsoft's installation process.

My last Linux install included an automatic upgrade of the latest packages that had been upgraded for security reasons - even before X was started for the first time.

How are the first round of patches applied when you install XP? My guess is after you finish the installation, you must:

1. Start Windows Updater

Which, I imagine is where we lose pretty much everybody because:

a) users just want to get going already - not install security patches

b) as an article about counterfeit copies of XP in Asia put it, "Windows Update wouldn't work, so they gave up."

Yankel

Now... (1)

robyannetta (820243) | more than 9 years ago | (#10910828)

Give me one reason I should run IE.

Re:Now... (1)

Qwijib0 (628639) | more than 9 years ago | (#10910887)

Because there are still sites that require it to display properly, or at all.

Re:Now... (0)

Anonymous Coward | more than 9 years ago | (#10910982)

Two words...Active Desktop! :)

I love making silly web pages, or flash movies and using them as my background.

Re:Now... (1)

Ratphace (667701) | more than 9 years ago | (#10911001)


I dunno, think of the fun, adventure and excitement you can have uninstalling, deleting and otherwise tracking down spyware and viruses.

I mean, the possibilities are endless for entertainment right in your own home. The only limitation is your imagination!

Cheers!

Gnome + spyware? (3, Interesting)

k4_pacific (736911) | more than 9 years ago | (#10910838)

Particularly amusing was that the article mentioned a proposal to bundle spyware into Gnome 2.0 [gnome.org] . I bet that went over like a strip club in the Vatican.

Re:Gnome + spyware? (0)

Anonymous Coward | more than 9 years ago | (#10910990)

i sent him a nice email indicating i hope he ROASTS IN HELL.

think he got the message?

How much harm can one web site do? (0, Redundant)

Progman3K (515744) | more than 9 years ago | (#10910858)

Ask anyone who's been slashdotted!

Who profits? (1)

ravenspear (756059) | more than 9 years ago | (#10910878)

For the most part it is the companies making the spyware that get to sell ads to the people it infects and the website publishers that promote "pay to install" affiliate programs.

Class Action? Small Claims? (1)

TexTex (323298) | more than 9 years ago | (#10910899)

I'd like to know if anyone has heard success stories of legal action against these companies. Forget about targeting Microsoft or their browser holes, forget about using the "right" browser. My mom doesn't understand why I make her click on the red globe icon instead of the blue E.

I've heard of spammer suits in small claims court being won thanks to the fax abuse law. Has anything similar been done with spyware? If infection and installation can occur and cripple a machine without user permission...requiring computer tech support (and hourly rates) to repair...how could I go about suing these people for those costs?

Re:Class Action? Small Claims? (1)

CamTarn (751785) | more than 9 years ago | (#10910995)

So change the icon on whatever alternate browser you're using to the blue E, and tell her it's a new version =P

Rhetorical? (3, Funny)

zx75 (304335) | more than 9 years ago | (#10910903)

How much harm can one website do? This is slashdot. We blow up poor people's servers for fun!

How many holes does it take... (1)

Alwin Henseler (640539) | more than 9 years ago | (#10910905)

to let a bucket of water run empty?

Answer: only 1

Wherever you place the line in defining a 'compromised system', truth is: once defined, anything that crosses the definition, means breakage, and once broken, a single or a dozen occurrences is just more of the same.

As a user, I regard my system to fail when:

  • It fails to provide a function I expect it to provide, like when it hangs, or a program calculates incorrect results
  • Info I expect to remain on my system, leaks out unintentionally

From that view, spyware, worms and vulnerabilities are essentially the same thing, as soon as they cause any of the above. A leak is a leak, and only 1 is enough (erhh, too much). Period.

How Much Harm Can One Web Site Do? (0, Redundant)

bgarcia (33222) | more than 9 years ago | (#10910929)

How Much Harm Can One Web Site Do?

Slashdot Effect. Need I say more?

What about mistyped sites... (0)

Anonymous Coward | more than 9 years ago | (#10910940)

Everyone has typos...
Just try mistyping any popular website and you'll find yourself at an undefined site.
hotmail.com --> hotmial.com
google.com --> goggle.com

etc...
etc..
etc.

Again, sensationalism trumps truth (4, Insightful)

Swamii (594522) | more than 9 years ago | (#10910943)

I RTFA, and hidden away deep in the article, we find this gem:

Note that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown...

In other words, he's running all this on an unpatched XP machine.

Now, before the Slashdot horde stabs me repeatedly with a big sharp knife for being a Microsoft apologist, consider this situation. I've got an old version of Firefox with a few exploits in it. I report the exploit, and the response I get is that these exploits are already patched. Yet I decide to write a story about the horrific exploits, post it to Slashdot, and stir up a ruckus about how bad Firefox's security is.

What I'm proposing is that Slashdot report its stories with less sensationalism and more professionalism. Put in the story that all this was run on an unpatched machine, and that the said security holes have already been fixed.

Thank you.

Regarding the Video... (3, Informative)

Anonymous Coward | more than 9 years ago | (#10910970)

...may I point out that it is NOT worksafe? Thanks, Ben! Appreciate that.

Glad I didn't have the boss watch it with me in an attempt to convince her of the need to take better anti-spyware measures.

Another good write-up here: (5, Informative)

Saint Aardvark (159009) | more than 9 years ago | (#10910985)

The "Follow the Bouncing Malware" series at ISC's Internet Storm Center [sans.org] has been quite good, too; it looks at what happened to Ordinary Joe's Windows computer when he surfs:

Part 4 is coming Real Soon Now (tm). The ISC handler's diary is required daily reading; always a lot of good stuff to be found. (And every now and then, there's a tale that'll make your blood run cold [sans.org] ...)

Does he have a lawyer? (2, Interesting)

serutan (259622) | more than 9 years ago | (#10911000)

I was not shown licenses or other installation prompts for any of these programs, and I certainly didn't consent to their installation on my PC.

I would love to see somebody slap some criminal charges against the site owner. Hiding behind an obfuscated EULA is bad enough, but installing software without any permission whatsoever has to be illegal, doesn't it?