Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lycos Anti-Spam Screensaver Inspires Trojan

timothy posted more than 9 years ago | from the this-gets-confusing dept.

Security 167

Even though it's been withdrawn, the Lycos anti-spam screensaver is not forgotten. Rollie Hawk writes "And with this, the 'What's Good for the Goose...' award goes to all those people trying to install that notorious spam-attacking Lycos screen saver but ended up with a Trojan horse instead. This trojan is spreading via email with the subject line 'Be the first to fight spam with Lycos screen saver,' tucked in an innocent-looking file called 'Lycos screensaver to fight spam.zip.' According to F-Secure, this trojan contains keylogger elements but little more has been specified. The only question I have is how long until the 'I promise to clean that trojan disguised as a DDoSing Lycos screen saver.exe' virus gets released."

cancel ×

167 comments

Sorry! There are no comments related to the filter you selected.

hmm hmm hmmmm, hmm hmm hmmmmm (1, Funny)

Anonymous Coward | more than 9 years ago | (#11031281)

Trojan maaaan! Trojan maaaaan!

Bloody wonderful! (0)

Anonymous Coward | more than 9 years ago | (#11031292)

But i guess Lycos are rubbing their hands... all publicity is good publicity.

Re:Bloody wonderful! (1)

lintux (125434) | more than 9 years ago | (#11032267)

I'm not so sure if "We spread viruses" is a good form of publicity. In that case I'd rather have no publicity.

tojans... (4, Insightful)

utopianfiat (774016) | more than 9 years ago | (#11031301)

Well isn't that the basis of most trojans?
"I promise to clean your room, do your homework, give you neck rubs, check for typos, and build a perpetual motion machine!"
If they really wanted to, they could have tacked on a trojan that had absolutely nothing to do with the screensaver and call it that anyway.
I'm actually surprised the trojan doesn't DDoS Lycos.

Re:tojans... (1)

koi88 (640490) | more than 9 years ago | (#11031333)


I promise to clean your room, do your homework, give you neck rubs, check for typos, and build a perpetual motion machine!

Wow, that's fantastic... where can I download this stuff?

Re:tojans... (0)

Anonymous Coward | more than 9 years ago | (#11031369)

This is the best!! I can't wait for the class action lawsuit against Lycos!!

Start the derivatives trading folks! Puts on Lycos!!

This is soo engineered, I am sure whoever is doing this is riding the financial waves..

Re:tojans... (1, Informative)

Anonymous Coward | more than 9 years ago | (#11031395)

Of course the enormous joke here is
http://info.lycos.com/pressroom/100604_press.a sp

and you just go check a mail server log who administrates the netblocks that pump the most spam ...

uhh... that's right, daum / kornet

Re:tojans... (1)

utopianfiat (774016) | more than 9 years ago | (#11031425)

I want to take a hit with this first post. I should probably be at 80% insightful, 20% misspelled.

Re:tojans... (0)

dkleinsc (563838) | more than 9 years ago | (#11031770)

Wow. Sounds almost as good as having a girl/boyfriend!

Re:tojans... (1)

Pxtl (151020) | more than 9 years ago | (#11032290)

Idunno, when I read the headline I was hoping for the reverse - that is, a trojan email virus that would use luser computers to DDOS spammers. Instead of white-hats vs. black-hats, we'd have black-hats vs. blacker-hats.

Futility (5, Interesting)

Lonesome Squash (676652) | more than 9 years ago | (#11031302)

Every formal system has its Goedel sentence; every immune system has its HIV. It's the price of complexity.

Of course, that doesn't make formal systems, immune systems, or anti-spam screen savers useless.

Re:Futility (2, Insightful)

Himring (646324) | more than 9 years ago | (#11031377)

It's the price of complexity.

I whole-heartedly disagree. This shit we deal with on a daily basis that threatens our network, kills our switches and routers, makes management scramble and IT constantly try to fix/patch/protect against is not due to complexity alone. It is due to the POS OS called Windows that suffers from MSTD (Microsoft Transmitted/Terminal -- take your pick -- disease). Other OSes are complex, but they do not suffer the same horrific fate. I am constantly boggled at work as I try to sell Linux to be given the Microsoft-created line, "no OS is free -- there's cost involved." It took months for me convince management that we could use Linux without paying for licensing, but then they started using the new line (surely invented by MS) which is based off of the fact that you gotta pay for consultants/labor/research, blah, blah to use an OS (oh brother duh! let's forget the millions we dish out to the "Microsoft Tax"). Now, I'm trying to push Firefox over IE and I get the tried and true line, "well, as soon as Firefox becomes as proliferated as IE then it'll be just as bad." But, that's not proven yet, and there have been OSes, web browsers, that have been proliferated that have not suffered the same fate.

I'm saying stuff we all know in a forum that will appreciate it, but come on guy. You call yourself a /.er?

/endrant

Re:Futility (1)

Otter (3800) | more than 9 years ago | (#11031493)

You forgot to blame Microsoft for HIV and Gödelian incompleteness -- come on guy. You call yourself a /.er?

Re:Futility (3, Insightful)

Lonesome Squash (676652) | more than 9 years ago | (#11031571)

I can't believe I forgot to bash Microsoft. Okay, here it goes: Vulnerability is inevitable. As the sophistication of your defence grows, so does its complexity (generally) and therefore (generally) it creates new opportunities for attack.

But that level of vulnerability is in this case completely swamped by the utterly inexcusable inattention that MS has paid to basic security at the design and feature packaging phase.

To extend the analogy, it didn't take HIV to jeopardize the health of those who share needles or who have numerous, unprotected, anonymous, sexual contacts. Nonetheless, HIV like the spam-sending trojan anti-spam screensaver.

Re:Futility (1)

ZorinLynx (31751) | more than 9 years ago | (#11031765)

I love how they say "Well we have to pay for consultants/sysadmins/etc. if we run Linux!" and use that as an excuse to run it.

Hellooooo, the company's already paying for an IT staff; why not just let them learn Linux? They'll then be even more flexible, capable of administrating both Windows and Linux, and at the least you may have to give them a small pay increase for their troubles.

This especially applies to big companies with dedicated IT staff; what's wrong with letting them train to administer Linux systems? You don't need to put an ad out for a new sysadmin; in fact if one of your admins is suggesting Linux, he probably already has some knowledge and can administrate the systems from the get-go.

-Z

Re:Futility (0)

Anonymous Coward | more than 9 years ago | (#11031857)

Pff, how can some IT guy run a Linux department without a piece of paper saying LXCE or somesuch?

I'm sorry, but until Linux can train people with the intelligence, cunning, and rugged good looks of your typical MSCE, Linux will never be ready for the corporate desktop.

Re:Futility (1)

DrSkwid (118965) | more than 9 years ago | (#11031820)


hmm, which non IE web browser had almost 10 years of >90% market penetration again ?

Re:Futility (1)

miu (626917) | more than 9 years ago | (#11032041)

Oh come on - the original poster was completely over the top in blaming MS for all the ills of the Internet, but can you honestly claim that IE is not a rotten piece of software. I'm not talking about market share here, I'm talking ease of use and features and security - IE was better than Netscape during those awful 4.x releases, but at this point IE is a solid last as far as browsers go.

Re:Futility (1)

TheUnFounded (731123) | more than 9 years ago | (#11031460)

GOEDEL's THEOREM

For any consistent formal system F purporting to settle, prove or disprove all statements of arithmetic, there exists an arithmetical proposition that can be neither proved nor disproved in this system; therefore, the formal system F is incomplete

Re:Futility (2, Insightful)

B'Trey (111263) | more than 9 years ago | (#11031478)

Your first sentence is true but irrelevant. Just because you can't make a system completely foolproof doesn't mean you can't make it highly fool-resistant. The common security issues that are causing so much trouble have nothing to do with Goedel or complexity. The danger can be greatly reduced in the OS design phase if security is given any priority. Of course, security wasn't a priority in the design phase of the most popular OS, and now they're scrambling to attach it peice meal after the fact.

Re:Futility (1)

adeydas (837049) | more than 9 years ago | (#11031500)

exactly. lycos is no way responsible for this so why play the blame-game on them...

Not Surprising (4, Funny)

iBod (534920) | more than 9 years ago | (#11031313)

I wonder though, just how many people are going to want to fight spam using an attachemnt that arrives in a spam email?

Re:Not Surprising (1)

brainburger (792239) | more than 9 years ago | (#11031347)

Hopefully anyone knowledgeable enough to know what the Lycos Screensaver did would not run an unsolicited email attachment.
- However, there seems to be no limit to human gullibility so we shall have to see..

Re:Not Surprising (1)

brainburger (792239) | more than 9 years ago | (#11031384)

Hmm, that's interesting. I used to get a lot of spam advertising anti-spam services (which may or may not have involved trojans or phishing ploys). However, of the 53 spams in my spam folder right now none are for anti-spam stuff. - Maybe those spammers gave up, in which case their targets can't be as dumb as I thought...

Re:Not Surprising (1)

safepage (530529) | more than 9 years ago | (#11031390)

Q: How many people are going to think they can grow their private parts...get a date with a beautiful woman...get a degree...get free p0rn...etc. by sending cash to a mailbox in Timbuktu? A: Lots, welcome to the world of the stupid!!

Re:Not Surprising (2, Insightful)

oiarbovnb (728906) | more than 9 years ago | (#11031486)

Absolutely no one can get free porn by sending cash to a mailbox...because then it is not free, duh!

:)

Re:Not Surprising (0)

Anonymous Coward | more than 9 years ago | (#11031399)

many.

but look on the bright side, at least they get to be on SOMEBODYS botnet!

Re:Not Surprising (1)

Chapium (550445) | more than 9 years ago | (#11031544)

Who do you think makes the v14gr4 industry profitable?

Re:Not Surprising (1)

ggvaidya (747058) | more than 9 years ago | (#11031956)

I wonder though, just how many people are going to want to fight spam using an attachemnt that arrives in a spam email?

It's beautiful marketing; what will make you say "ARGH, stupid spammers!" as much as spam? All you need is for one ordinary, intelligent person to get mad and not think straight for five minutes ...

Well, that's what you get (4, Insightful)

millwall (622730) | more than 9 years ago | (#11031314)

Fighting back with the same measure is not always the solution.

Fighting violence with violence doesn't work. Why should fighting spam with spam work any better?

Re:Well, that's what you get (1)

Thats_Pipe (837838) | more than 9 years ago | (#11031375)

I think this is a case of people ignoring history. We have a vast reservior of previous experiences from which we can learn from and instead someone ignores it all figuring this time will be different.

Re:Well, that's what you get (1)

piotr alfredovich (820692) | more than 9 years ago | (#11031429)

I find that fighting violence with violence does wonders.

One night coming home from the cinema, this guy walks up to me, says 'give me your wallet'. I say 'fuck you and give my best to your mother'. He pulls a knife. I kick him in the balls. I walk home with his wallet and knife.

Violence doesn't work? Pftui I say. It's even profitable.

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11031521)

You ever dance with the devil in the pale moonlight?

Re:Well, that's what you get (-1)

Anonymous Coward | more than 9 years ago | (#11031594)

Sure, if lying does it for you

Re:Well, that's what you get (4, Insightful)

GoodNicsTken (688415) | more than 9 years ago | (#11031437)

"Fighting violence with violence doesn't work."

Really? I think history has shown otherwise. Hitler comes to mind.

Spammers know what they are doing is wrong. They are simply modivated by money. This app will cost them money and eventually make Spam unprofitable.

The only concern I have is for innocent people that get misakenly tagged as Spammers and end up with a 10K bandwidth bill.

Re:Well, that's what you get (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11031830)

That's a pretty bad example. How did we defeat Hitler? By a hell of a lot of violence. Sure seems to have worked to me.

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11032091)

Evil begets evil. Violence is never the only alternative. Did World War 2 stop Hitler? Yes, but look at the price. It separated the world into two superpowers, it cost an assload of money for everybody, and lots of people die. Keep in mind that Hitler was very good about keeping the concentration camps' secrets a secret. People didn't know what the hell was going on there until they started to get liberated.

Besides, as the United States proved with Iraq, it isn't one country's right to tell another how to operate. The laws governing genocide weren't in place back in the fourties, hell the word "genocide" wasn't coined until the U.N. was formed, and that was AFTER the Germans lost the war.

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11032190)

Hitler would have been stopped by rebirth of the national socialist party to its advanced state before the regressive influences took it over. Evil is illusionary. Moralistic behavior is behavior that encourages survival, anything else has at best no effect and at worst full opposition effect on it. The word you seek is sovereignty, another word made for its period in history. Imperial is not better, only larger. Better is the collective, the social collective of sustainable republics globally that exerts full force in defense, and not anywhere else.

Re:Well, that's what you get (2, Insightful)

KrancHammer (416371) | more than 9 years ago | (#11031438)

Fighting violence with violence doesn't work.
Yeah. Right. This is manifestly not true, and proven by history to be untrue: see: World War II, American Civil War for starters.So why shouldn't fighting spam with ugly tactics not work?
Not that I am advocating such tactics, or that such tactics are best in this case; its just I don't like cliched generalities like that.

Re:Well, that's what you get (0, Offtopic)

millwall (622730) | more than 9 years ago | (#11031827)

Yeah. Right. This is manifestly not true, and proven by history to be untrue: see: World War II, American Civil War for starters

If we were to see an objective graph where the outcome of wars has been good for people and worth the casualties, and when it hasn't, do you think you would come to the same conclusion?

Re:Well, that's what you get (1)

ceeam (39911) | more than 9 years ago | (#11031440)

Good, so, what _is_ the solution?

(Not just for you but for the whole Net, I should add).

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11031556)

Idiot. Just because no alternative good solution is available, it doesn't make another a bad solution any more valid!

Re:Well, that's what you get - Mod Parent Down (0)

Anonymous Coward | more than 9 years ago | (#11031445)

Wow, you completely twisted around the post. The post is just about Lycos getting a bunch of press, and someone created a trojan around it. It has nothing to do with the motives behind lycos.

Hell, just look at all of the Free_Virus_Scanner_[Im_Really_A_Trojan].exe .

Don't think that these trojan writers are ethical in any way. They aren't creating the trojan because they disagree with the screensaver's purpose. They are creating the trojan because that's what trojan creaters do.

Re:Well, that's what you get -1 (0)

Anonymous Coward | more than 9 years ago | (#11031476)

Two part message, required to avoid error. Incorrect. There are two means here, to specify: 1. To fight violence with overwhelming violence, that is to kill every individual responsible and physically demolish all former resources to commit violence. 2. To fight violence with specific and controlled violence, not the covert operation but by negotiation that preserves the standing of all parties involved by allowing each to demolish a bit of the other. It is the comment and spirit that fighting violence with violence has never worked, so far as it has been defined above, that has never "worked" in that the passive and unresisting without diplomatic or other social support have always been killed and have always been superseded in effect by those willing to use violence against violence as described.

Re:Well, that's what you get-2 (0)

Anonymous Coward | more than 9 years ago | (#11031504)

Second part. The response made by Lycos is a good demonstration of the principle that was beneficial for the company as Lycos is now a more common word than before. The problem is the nature of an unthinking human, not necessarily ignorant, only unthinking at the moment that allows this opportunity for malevolent virus distributors to gain what they try to gain by that distribution. The tactic implemented by Lycos is appropriate, and if regulated carefully and done by volunteers en mass would effectively render the spam operations uneconomical and demolish them.

Didn't you see Boondock Saints?? (0, Offtopic)

hajihill (755023) | more than 9 years ago | (#11031607)

Who says violence with violence doesn't work??

Didn't you see Boondock Saints?? ;^9

Re:Well, that's what you get (4, Insightful)

HermanAB (661181) | more than 9 years ago | (#11031635)

Fighting spam with email, is like fucking for virginity, but fighting violence with violence does work - you just have to kill everybody.

Re:Well, that's what you get (1, Interesting)

DrSkwid (118965) | more than 9 years ago | (#11031849)


"If violence doesn't solve your problems, you aren't using enough of it"

I think that's from The Art of War but I can't remember, did a quick google but no answer in the first 3 pages

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11031979)

Unsure of origin of quote mentioned, perhaps simply byword. A quote that does apply as response to the parent: "Violence, naked force, has settled more issues in history than has any other factor, and the contrary opinion is wishful thinking at its worst." - Robert Heinlein

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11031861)

Peter Kay quote:

"My father's philosophy is to fight fire with fire. That's why he was sacked from the fire brigade!"

Re:Well, that's what you get (0)

Anonymous Coward | more than 9 years ago | (#11032061)

Right. Let's fight spam with violence.

Fighting spam with spam works! Even spammers doit! (0)

Anonymous Coward | more than 9 years ago | (#11032085)

Watch this counterattack:
Email (spam) sent to me today, below.
lowmorgage.net apparently points to makelovenotspam.com, which gives 580 Server Error!!

Date: Wed, 08 Dec 2004 15:47:09 +0200
From: "Melissa Sutton"
To: MY EMAIL ADDRESS
Subject: We all go thru it.
Sender: "Melissa Sutton"

So here's the story,

I asked my parents and friends, for a little loan,

The interest rates on my m0rtgage were killing me :(

And i'd like to "live a little" too...

But they couldn't help me out right now....

Luckily, I found these guys;

http://www.lowmorgage.net/x/loan2.php?id=d37

Just thought you might like to know.

Melissa Sutton

SLASHDOT INSPIRES BUGGERY (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11031343)

I always have urges to molest my dog after posting to slashdot.

Re:SLASHDOT INSPIRES BUGGERY (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11031380)

That explains why you post so often.

Philosophical Question... (4, Insightful)

rdc_uk (792215) | more than 9 years ago | (#11031359)

Does it still count as news, to be told something that you KNEW was going to happen, has happened?

Re:Philosophical Question... (1)

Finuvir (596566) | more than 9 years ago | (#11031821)

Does it still count as news, to be told something that you KNEW was going to happen, has happened?

Only if you didn't know when its was going to happen. (or some other details)

Important! (-1, Troll)

ceeam (39911) | more than 9 years ago | (#11031378)

Please read!

DON'T DELETE THIS MESSAGE!

This is not a TROJAN! You may think it's TROJAN, I know, I did.... (etc)

Why bother installing Lycos screensaver, when (0)

Anonymous Coward | more than 9 years ago | (#11031385)

We have slashdot with articles of the same credibility as spam, instant DOS attack, and a perpetual masturbation machine all rolled into one.

OK, for the last time children... (4, Funny)

hackstraw (262471) | more than 9 years ago | (#11031388)


1) Don't take candy from strangers.

2) Don't open email attachments from strangers.

-Mom and Dad

Re:OK, for the last time children... (1)

bizpile (758055) | more than 9 years ago | (#11031432)

1) Don't take candy from strangers

But their candy is always better than my candy...

Shouldn't that be.. (1)

a16 (783096) | more than 9 years ago | (#11031441)

OK, for the last time Mom and Dad...

Don't open email attachments from strangers.

-Your children

Re:OK, for the last time children... (4, Insightful)

musikit (716987) | more than 9 years ago | (#11031443)

2) Don't open email attachments from strangers.

that should be modified

2) don't open email attachments you weren't expecting from anyone

Re:OK, for the last time children... (1)

R.Caley (126968) | more than 9 years ago | (#11031763)

2) don't open email attachments you weren't expecting from anyone

2) don't open email attachments with your mail client.

Re:OK, for the last time children... (1)

smacktits (737334) | more than 9 years ago | (#11032219)

One can't expect every single attachment, unless people are requested to call or email you in advance to say that they will be mailing an attachment.

Do you do that?

Re:OK, for the last time children... (1)

hendridm (302246) | more than 9 years ago | (#11031446)

2) Don't open email attachments from strangers.
3) Don't open strange email attachments from friends and relatives.

Re:OK, for the last time children... (4, Funny)

ceeam (39911) | more than 9 years ago | (#11031462)

Given the reality it should be rather like this:

"OK, for the last time, Mom and Dad

1) Don't take candy from strangers.

2) Don't open email attachments from strangers.

-children"

I'm not sure about 1 though.

Re:OK, for the last time children... (0)

Anonymous Coward | more than 9 years ago | (#11032182)

1) Don't accept lollipops from strangers ?

Ok, mod me as Troll.

That Makes Sense (1)

jstrain (648252) | more than 9 years ago | (#11031396)

Of course everyone knows that you should always open email attachments that you aren't expecting from people that you don't know...

it's their own damn fault. (0)

Anonymous Coward | more than 9 years ago | (#11031403)

Anyone who opens and runs a *.zip or *.exe file in an email without requesting this get's what they deserve. These are the same damn people who open every virus ever sent to them, pass it on to others, install gator, and are part of zombie networks. I have no sympathy.

Obligatory File Extension Hiding Reminder (5, Interesting)

prandal (87280) | more than 9 years ago | (#11031537)

When the Windows user has file extension hiding turned on (Microsoft's default), the attachment yohavewon.txt.exe appears to them as youhavewon.txt. It doesn't take much for the malware writer to use the standard windows "text file" icon as the application's icon, and the social engineering attack is complete.

I will not believe that Microsoft takes security seriously until they they issue updates for all their operating systems to disable this misfeature permanently.

Re:Obligatory File Extension Hiding Reminder (1)

HermanAB (661181) | more than 9 years ago | (#11031669)

No, no, no - turning off filename mangling in Windows will kill the whole trojan horse industry and will put hundreds of thousands of American IT guys out of work, which would be very unpatriotic. The only thing worse for the American IT industry would be turning off the Windows scripting host server. It would be calamitous. Think of the poor little children.

Re:Obligatory File Extension Hiding Reminder (0, Offtopic)

SammysIsland (705274) | more than 9 years ago | (#11031787)

One other big Windows pain in the ass is that renaming files doesn't change the extension, unless done in cmd window.

Re:Obligatory File Extension Hiding Reminder (1)

Feanturi (99866) | more than 9 years ago | (#11031995)

No, as annoying as it is to see that a lot of people aren't aware of what they are opening, there are big problems they'll have by turning file extension hiding off if they still can't be bothered to learn what the extensions represent. Rename a file, and forget what the three letters were, or forget to include them at all, the dialog that comes up to warn them about this won't be read, they'll click Yes, and now their file is 'broken' as far as they know. And they don't know why. They'll phone you to find out why, and they won't tell you important things like this happened right after they renamed the file, they'll leave that part out. It can never be something they did, it was something Windows did, and please fix it! This is probably going to happen to them a few times a week and they'll still never read the dialog or clue in. That's why it's good to hide them, OR, much better, to come up with a more secure scheme for telling the OS how to open a file. The extension thing sucks, hiding or not hiding them doesn't really help the average user one way or the other.

Re:Obligatory File Extension Hiding Reminder (2, Funny)

mog007 (677810) | more than 9 years ago | (#11032113)

Microsoft thought it would be a really keen idea to have the messenger service enabled by default for Windows XP HOME edition. That's HOME edition. I'm fully aware of the usefulness of the messenger service in a business environment, but in a HOUSEHOLD?! WHAT THE FUCK? That doesn't make ANY sense to me at all. Nevermind all the other useless shit that's enabled by default on a standard install of XP Home, such as FTP servers and various other services that were easily exploited.

Re:Obligatory File Extension Hiding Reminder (0)

Anonymous Coward | more than 9 years ago | (#11032192)

I agree that extension hiding is incredibly stupid, useless, annoying, and unsafe, but I think they need to go beyond just disabling/removing this feature. I don't think it's necessary to have the capability to run attached programs and scripts from a mail client. At the very least, an additional step (such as a dialog warning of the danger) should be required.

Re:Obligatory File Extension Hiding Reminder (2, Informative)

wx327 (782536) | more than 9 years ago | (#11032258)

Well, if you wanted to think one level deeper, a real file named youhavewon.txt would just appear as youhavewon, if file extension hiding is turned on.

Not that the average user thinks that deep...

Re:Obligatory File Extension Hiding Reminder (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11032404)

Well, extension hiding still makes sense as a default option. Things are pretty easier that way for your average computer-illiterate user.

There's far worse things enabled by default on Windows system, like the aforementioned WSH (no GUI option, and people actually using shell scripting should be able to turn on the engine by themselves), or file sharing capabilities enabled on remote access connections (bright move for the consumer editions of Windows, 9x and the likes).

Add the host of background services that come up with any fresh install of Windows NT/XP, most of them people will never have a use for nor ever know what's running in the shadow. Windows as the standard home-operating system is something scary.

And of course (1)

JSkills (69686) | more than 9 years ago | (#11031436)

We all need a SCREENSAVER to fight spam for us. Never mind doing the traditional boring things like not posting your email address everywhere and using proper filters.

What's next, a hot new game that is also an anti-virus tool? Reminds me of the old SNL bit "It's a floor wax. It's a dessert topping. Actually it's BOTH!".

News? (3, Insightful)

Renraku (518261) | more than 9 years ago | (#11031474)

How many of you didn't see this coming?

Shady programs attract shady characters and shady tactics.

Doesn't matter if its by a major corporation or John Q. Crackdealer.

Re:News? (1)

ceeam (39911) | more than 9 years ago | (#11032508)

Of course, it's not that shady programs do NOT attack non-shady characters and non-shady tactics.

Semantics (5, Informative)

Meostro (788797) | more than 9 years ago | (#11031490)


Will everyone please use the proper terms for these objects? "Misnaming Viruses" would've been my choice for the peeve poll [slashdot.org] :

A virus [wikipedia.org] is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.

A Trojan [wikipedia.org] is a malicious program that is disguised as legitimate software.

A computer worm [wikipedia.org] is self-replicating, but is self-contained and does not need to be part of another program to propagate itself.

So most of the so-called viruses [linuxmafia.com] that are out there are really Trojans - they claim to be one thing, but are actually something else. Once you delete the original(s), you're finished; they don't generally infect your other files to propagate, they just make several copies of themselves independent of your programs. Other than macro viruses [wikipedia.org] , there are very few true viruses in the wild these days.

Re:Semantics (-1)

Anonymous Coward | more than 9 years ago | (#11031621)

The plural is viriiiaaa, stupid!

Wine? (4, Funny)

raistphrk (203742) | more than 9 years ago | (#11031495)

Does the "screen saver" work in Wine? I want the benefits of the trojan without the overhead of an antivirus program.

Re:Wine? (1)

rollx (830963) | more than 9 years ago | (#11032384)

If you'll get it, please, send it to me.
I wanna infect my FreeBSD box with this trojan.
E-mail me at: root@hotmail.com

Only option is not to play? (1)

gmknobl (669948) | more than 9 years ago | (#11031509)

Increasingly I'm thinking that the only option to stay truly safe on the net or to keep from getting frustrated from the never-ending battle of "white hats vs. black hats" so-to-speak, is not to play at all.

I mean, if it's spreading like wildfire that means people are still just as uneducated OR want to harm the spammers and do something stupid because of it. No matter how much I try to educate people in our department about opening attachements before scanning them, or to ask themselves "do I know the guy that sent me this?" or to give their friend a call to double check on that unsolicited attachment's legitimacy, people still open the d*mn things anyway and *POOF* get nailed by something nasty.

So why should I or they even play the game of using the 'net for anything - if we have a choice in the matter?

If you can't ever win, and by win I mean be productive good workers by using the computer WITHOUT getting a virus that screws you over, DON'T PLAY THE GAME! Disconnect and drop internet cord altogether.

Personally, I'm not there yet but wonder more and more often when I see stuff like this whether it's coming to that

What do other /.-ers think about that?

Re:Only option is not to play? (1)

J-Doggqx (809697) | more than 9 years ago | (#11031799)

I think if you just use common sense then you don't have to play the hat game or even worry too much about your own computer.

The only thing that worries me is the growing number of people I know that don't care about being careful. They practically give their computer to the zombie networks! Though unless these zombies can launch DOS attacks on all of my favorite sites 24-7 so I can never access them, I don't think it will ever be more than an occasional annoyance to me.

Re:Only option is not to play? (1)

DrSkwid (118965) | more than 9 years ago | (#11031887)


what I think is that "attachments are evil"

If you want to have a file, send me a URI to your FTP server.

That's the way email started, and thats the way it should have finished.

Whoever thought of MIME want's strangling with a rusty wire.

My thoughts (0)

Anonymous Coward | more than 9 years ago | (#11031591)

I've posted my thoughts on the situation right here. Comments are very welcomed.

Apology... (-1, Flamebait)

HermanAB (661181) | more than 9 years ago | (#11031600)

This trojan horse only spreads on Windows PCs, because Linux has a small desktop market share. Once the Linux market share is larger, any .exe and .zip file will execute as soon as a mark clicks on it...

Re:Apology... (1)

ral315 (741081) | more than 9 years ago | (#11031886)

No, it only spreads on Windows PCs because Linux users generally won't download an executable file from a conspicuous e-mail.

how long before... (1)

willCode4Beer.com (783783) | more than 9 years ago | (#11031628)

So how much longer till someone gets so torq'd by spam that they write a worm to DDOS the spammers.

Considering the way most spam gets sent by zombies, this might be a worm that targets zombie machines ... you can imagine the rest.

Zombie gets told to send spam, calls his zombie friends, then they DDOS the box that sent the request, then they do some evil to "alert" the owner that they're box is corrupted.

I think the only reason we haven't seen this is all the good worm writers are writing the worms to make spam zombies.

Would any of this actually help or make things better? I doubt it. Fighting evil in an evil manner rarely results in an improvement (insert Iraq, El Salvador, Afganistan comments here).

Re:how long before... (1)

colinleroy (592025) | more than 9 years ago | (#11031832)

they DDOS the box that sent the request

They send requests via IRC, and the zombies are connected to some channel to listen for orders. This makes it difficult to know where the requests come from.

Re:how long before... (1)

colinleroy (592025) | more than 9 years ago | (#11031907)

Made a bit of research: look there [66.102.9.104] for an example of IRC-controlled zombie.

Re:how long before... (1)

willCode4Beer.com (783783) | more than 9 years ago | (#11032275)

I have learned something new today.
Things are not as simple as I first thought.

Just a spammer's response (1)

bigberk (547360) | more than 9 years ago | (#11031651)

In case you've forgotten, these days it is spammers who write (or fund the writing of) worms/viruses. The screen saver "took it up a notch" in the battle, and the spammers are just responding in the only way they know how; spamming :)

"Innocent-looking" file naming conventions (1)

base_chakra (230686) | more than 9 years ago | (#11031852)

... an innocent-looking file called 'Lycos screensaver to fight spam.zip.

It's a matter of personal experience, but if a distributed file has an unsubtle and self-describing (yet imprecise) name like "screensaver to fight spam", it's automaticallly suspect. Legitimate programs just aren't named like that.

Anti-Trojan Screensave (1)

jdaytona (836971) | more than 9 years ago | (#11031981)

Fortunately with the retirerment of the Anti-spam screensaver the developer's now have time to work on the Anti-Trojan screensaver...

Re:Anti-Trojan Screensave (0)

Anonymous Coward | more than 9 years ago | (#11032086)

So why doesn't someone write an AV scanner/screensaver hookin that will use the 'idle' processor time to perform AV filesweeps of the hard disk every once in a while rather than just waiting for the end user to?

The only question I have is... (1)

ErnstKompressor (193799) | more than 9 years ago | (#11032129)

... how long until we can begin summary executions for spammers. At this point, I don't care about the intrusion, I want retribution. I think the Lycos idea was one of the best I had heard of in a long time -- hit them where it hurts(bandwidth costs).

I have said the same thing here before... "slashdot the spammer's sites so they melt like a stick of butter"... I never thought of the even better idea "slashdot the spammer's sites to within an inch of their capacity so they stay online accrueing bandwidth charges"...

All the ninnies whining about lowering ourselves to their level, etc..., are rubes. Sometimes you gotta punch that bully's lights out who is stealing your lunch money(or else get someone bigger to do it for you).

I fight spam the exact same way (only on a much smaller level). I make sure to submit the email address of the registered domain owner for whatever pharmacy/deal site/mortgage broker that is being hawked, to at least a hundred of their 'assosciates' sites just to make sure they aren't missing any of the great offers out there (the ones filling up my inbox)...

you dont need lycos screensaver - use the webpage (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11032353)

... instead to fight the damn scammers and scammers:

http://www.aa419.org/ladvampire.html [aa419.org]

open in your favourite webrowser and run it on huge broadbandconnections all day long 24/7 if you dont pay for bandwidth. dont use http-proxies for this page.

it will generate huge traffic for the scam/spam sites, and hopefully providers to shut down those damn pages.

thank you
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>