Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google's Anti-Spyware Project

CowboyNeal posted more than 8 years ago | from the keeping-things-clean dept.

Google 185

peterfa writes "Sun and Google have teamed up and started a project called Stop Badware. This project aims to expose all the spyware and adware bundled in software and the companies that are responsible. While it's funded by Sun and Google, the research will be done by Oxford and Harvard."

cancel ×

185 comments

Harvord! (4, Funny)

Anonymous Coward | more than 8 years ago | (#14574255)


While it's funded by Sun and Google, the research will be done by Oxford and Harvord."

Hay, I got my Computor Sciense degrie from Harvord Web Univercity! I'm an aluminumni! I lerned abowt it frum adware witch was monitering my /. typiing skils and sugestid I enrol rite away (don't bothur enterring you're credit card, we alreddy know it, jist hit buton and you start on yor way too hire educatoin!!!1) (My sistor is going to Oxfurd!)

I try anty spywear softwear but, itt keeps flasshing lotsa things on teh screen with WQRNINGs and stuff, so I geussed it didn'tinstall rite so I uninstaled them all. Ihop this works betters!

Ad-Aware-Aware(TM) approved text

Mr. Grabpot Thundergust has 600,000$AM for you!

Re:Harvord! (0, Offtopic)

Mike Savior (802573) | more than 8 years ago | (#14574410)

"pres butan, receev degree"

Re:Harvord! (0)

Anonymous Coward | more than 8 years ago | (#14575007)

i write a funny joke, and some idiot has to come along and take it to far, thanks

Re:Harvord! (0)

Anonymous Coward | more than 8 years ago | (#14575021)

Yeah, it was _so_ goddam funny in the first place.

Re:Harvord! (0, Offtopic)

Mike Savior (802573) | more than 8 years ago | (#14575031)

I could be spiteful, but I won't. Nice job being a clod because you don't find my humor funny.

Re:Harvord! (3, Funny)

NotWorkSafe (891638) | more than 8 years ago | (#14575163)

I'm a clod, you insensitive clod!

Re:Harvord! (0)

Anonymous Coward | more than 8 years ago | (#14575023)

I guess the Harvord motto is "Nunc Id Vides, Nunc Ne Vides"

Re:Harvord! (1)

Henk Postma (703916) | more than 8 years ago | (#14575490)

Funny yes, but where in the article or slashdot editorial does it actually misspell Harvard?

Google Toolbar? (4, Interesting)

BEI01 (567185) | more than 8 years ago | (#14574262)

I wonder if Google Toolbar will be included in this.

Re:Google Toolbar? (0)

Anonymous Coward | more than 8 years ago | (#14574343)

Of course not. 1. because it is funded by google. 2. google toobar has never been installed against my will on my machine ever.

Yahoo! toolbar has been installed and I was informed about it before installation but it was still against my will. i removed it later (after package installation) without much acrobatics. i would still not consider it a spyware because it is not spying on me. it is not even a malware. it could possibly be classified as junkware but nothing more evil than that.

I just misread this as "Google Trollbar?" (-1, Offtopic)

complexmath (449417) | more than 8 years ago | (#14574368)

Looks like it's about time to go home for the day.

What is there to research? (3, Interesting)

orangeguru (411012) | more than 8 years ago | (#14574268)

We need spyware killers and better protection - not more academic research. They should fund some OS project to help users.

Re:What is there to research? (4, Insightful)

networkBoy (774728) | more than 8 years ago | (#14574298)

Actually the research should be done as it will help the developers of OSs and apps to understand how spyware gets on systems. If most spyware arrives because someone installed Bonzai Buddy then that is different than exploits being used to install without user consent. While they are both bad I think it is vital to OS developers to know why and how this stuff gets there.
-nB

Re:What is there to research? (3, Insightful)

orangeguru (411012) | more than 8 years ago | (#14574734)

Hmmm. Many Windows loopholes are well known - but the main reason for spyware gets installed are the users themselves. Either they don't fix loopholes (by running windows patches), use safe browsers or they simply can't resist the temptation to install any crap they find.

Sure - we can't blame it all on users and their badly managed/protected systems - but some safer computing with more brains could help ... a lot ...

Re:What is there to research? (4, Insightful)

SilverspurG (844751) | more than 8 years ago | (#14574720)

What we need is a legal precedent set to establish that, yes, a computer belongs solely to the person who shelled out the cash for it. No, it does not belong, in whole, part, or by EULA, to any idiot who manages to package their badware with some stupid search toolbar, screensaver, or desktop theme.

Re:What is there to research? (1)

MikeFM (12491) | more than 8 years ago | (#14574858)

They could probably buy something like Spybot Search and Destroy pretty cheap and bring it's developers into their fold. With that kind of money behind them they could no doubt become the best product on the market and the existing program would give Google a big start. Spybot is pretty popular already due to it's price and fairly high quality. Polish it up a bit, opensource it, and give it away free from Google.

Re:What is there to research? (2, Insightful)

John Bokma (834313) | more than 8 years ago | (#14574956)

"They should fund some OS project to help users" Ah, yeah, I forgot, the problem is CS, not the user behind the computer... Can you explain how OS is going to make a lot of users understand that a program they get via email / messenger can do more then they expect? Or are you just hoping that the lack of support of some hardware, the "use the source, Luke" and other nitfy OS extras are going to scare them away from the computer for good, so that you are again one of the 733+ UberH4x0rz?

Re:What is there to research? (4, Informative)

Michalson (638911) | more than 8 years ago | (#14575233)

Yeah, count me in as another person wondering why there was such a big rift:

Google gets Sun, Lenovo (IBM), WebWatch (Consumer Reports), the Berkman Center for Internet & Society and Oxford University together to form a group called "Stop Badware" that sends money to a bunch of students, who in turn setup a little website that "names and shames" spyware software. The website is to be visited by people that already understand what spyware is and how not to get it. Spyware makers to totally ignore the students strongly worded opinions.

Microsoft leads a group containing Lavasoft (Adaware), Trend Micro, Symantec, Grisoft (AVG), McAfee, Websense, Panda Software, Yahoo, AOL, Dell, HP, Aluria (Earthlink), the National Center for Victims of Crime, the National Cyber Security Alliance, the Samuelson Law Technology & Public Policy Clinic (UC Berkeley School of Law) along with another 2 dozen major security, general internet, public advocacy and legal organizations called the "Anti-Spyware Coalition". Microsoft directs this organization in a three pronged attack on spyware:

- Clearly defining what spyware is and what is does, in order to improve understanding among normal users, providing common standards for anti-spyware software, and helping to make spyware a concept that can be used effectively and accurately in legislation.

- Directly confronting spyware makers in the courts, hitting them where it hurts, their wallet. For example this week Microsoft is pulling in Washington Attorney General Rob McKenna to file a lawsuit against the makers of "Spyware Cleaner", a product that actually infects computers with its own spyware, and is advertised through misleading email and messenger spam. Microsoft has already had numerous court room victories against the spyware makers and spammers.

- Using the rigorous terminology defined in point 1, with the court precedent created in point 2, the ASC lobbies Congress to pass tough anti-spyware laws, closing the loopholes and grey areas that make spyware non-trivial to legally stop.

So to compare, one camp has declared war on spyware, and has assembled the best generals in the industry and the largest groups of regular troops, and launched a major assault on the spyware mainland, already capturing several cities. The other camp has gotten together at the local university to sit around writing beatnik poetry about how bad spyware is.

Re:What is there to research? (5, Informative)

TubeSteak (669689) | more than 8 years ago | (#14575417)

TFA is very light on details, so I went directly to the source and read the StopBadWare.org press release [stopbadware.org]
Here is how the program will work:

Internet users can visit StopBadware.org to check whether programs they want to download are infected with badware and alert others to programs they have encountered that include malicious software such as spyware, incessant pop-up ads or other obtrusive programs.

StopBadware.org will publish short user friendly reports on downloads they have identified as badware, as well as more detailed academic studies on the problem of badware.

StopBadware.org will publicize the names of companies that make up the most insidious purveyors of badware and shed light on how they make money through unethical marketing practices. For example, advertisements will spotlight the worst purveyors of badware.

StopBadware.org will seek the horror stories from Internet users who have been adversely affected by badware. It will publish these stories to raise awareness of badware's harmful affects.
To be fair to the beatniks, they have a different focus and the fact that they've got Consumer Reports on their side shows it. IMHO, Their goal is to review software & not to sue bad guys or write laws.

Re:What is there to research? (1)

lysergic.acid (845423) | more than 8 years ago | (#14575340)

Seriously. And don't even get me started on medical researchers. They need to start creating cures for cancer and AIDS, not more research.

How? (3, Interesting)

imoou (949576) | more than 8 years ago | (#14574276)

The article is light on how the project actually works, do users have to install some sort of detecting tools which alerts them of badware upon download and/or prior to installation?

Is this going to be like the spamm blacklists which can be subjective?

Re:How? (5, Interesting)

Tlosk (761023) | more than 8 years ago | (#14574321)

Personally I'd be satisfied with some sort of a trusted archive that allows you to research different programs/sites/companies. There's a lot of info available on the web but most of it is buried in tech forums or as come ons for dubious spyware removal programs, both of which you're never really confident about the truth. That way it wouldn't be just a yay or nay that goes on under the covers, but a place where you could find out what a program's issues are, or the track record of a developer.

Re:How? (1)

thrillseeker (518224) | more than 8 years ago | (#14575274)

Personally I'd be satisfied with some sort of a trusted archive

Personally, this [debian.org] is the only archive I trust to draw untested (by me) programs to be on my computer (companies I consult for of course frequently use "other" systems - and lose a lot of sleep and hair keeping it semi-clean). And the reason for that trust is driven by their simple, and effective, requirement to adhere Item 2 of this [debian.org] .

Re:How? (0)

Anonymous Coward | more than 8 years ago | (#14574635)

The article is light on how the project actually works, do users have to install some sort of detecting tools which alerts them of badware upon download and/or prior to installation?

That's about right. The software detects any code that has been designated as 'badware' and then alerts the Chinese government. The use of the newspeak sounding name is the last vestige of Google's conscience striving to speak out.

Re:How? (1)

fugas (619989) | more than 8 years ago | (#14574756)

Both of your questions (and more) are answered there [stopbadware.org] .

What about Stanford? (5, Funny)

Tackhead (54550) | more than 8 years ago | (#14574278)

> While it's funded by Sun and Google, the research will be done by Oxford and Harvard.

Stanford and Berkeley snubbed by alumni, film at 11!

Re:What about Stanford? (3, Interesting)

doxology (636469) | more than 8 years ago | (#14574370)

Especially strange since Stanford's president is on Google's Board of Directors...

Re:What about Stanford? (0)

Anonymous Coward | more than 8 years ago | (#14574381)

Fuck Stanfurd.

Re:What about Stanford? (1)

birge (866103) | more than 8 years ago | (#14574637)

My guess is that the CS departments of Berkeley and Stanford, being two of the best in the world, don't need handouts to do this kind of floofy pseudo-academics. I'm not denigrating it; this kind of thing is of immense importance. I'm just saying it's really not a very good academic project. Now, maybe we could use more projects like this, and less projects that typical get done at universities. That's another debate. But my guess is that Stanford and Berkeley, among others, probably turned this down.

Re:What about Stanford? (0)

Anonymous Coward | more than 8 years ago | (#14574846)

I'm just saying it's really not a very good academic project.

Agreed; it's a bean-counting exercise. And the Oxford CS dept has a pretty good reputation, so I was surprised they'd be involved. Turns out they are not. It's actually the Oxford Internet Institute [ox.ac.uk] , which is devoted to the study of the societal implications of the Internet.

Include Ben Edelman in this! (1, Interesting)

Tuxedo Jack (648130) | more than 8 years ago | (#14574281)

His research in regards to this matter is invaluable, and it's arguable that he's the leading authority on who's bankrolling crapware.

[witty topic] (4, Funny)

Avillia (871800) | more than 8 years ago | (#14574287)

[assorted remarks regarding detection of Stop Badware by Microsoft AntiSpyware/Onecare and vice versa, and their views towards Claria/360/assorted other 'Badware' providers and packagers who are really legitimate buisnesses with legitimate buisness models who are given a bad name by their devilish affiliates who are still mysteriously taking paychecks from aforementioned companies]

Yay, China is in on it... (-1, Troll)

DaedalusHKX (660194) | more than 8 years ago | (#14574289)

Yep, If Lenovo shows itself successful, and conquers the PC market (as it may well do, considering the Chinese learn engrish about as well as our Indian friends...)

And since most americans ONLY shop on price and nothing else... well, you get the idea.

~D

Only On Price? (0, Offtopic)

nurb432 (527695) | more than 8 years ago | (#14574554)

Then why arent the roads full of KIA sportages?

And what keeps Apple alive? Last i heard the ipod cost more then a creative labs version..

Who is buying all these Glocks, instead of cheap kel-tecs?

Designer shoes?

Yep, we americans *only* think of price.

Re:Yay, China is in on it... (0, Offtopic)

gormanly (134067) | more than 8 years ago | (#14574882)

the Chinese learn engrish about as well as our Indian friends...

WTF?

How many US-ians have bothered to learn a foreign language? What percentage even have passports?

Very many Chinese and Indians speak excellent English, and tens of millions of each speak better English than almost any Americans do Mandarin or Hindi.

How good is your Punjabi? How about your Cantonese? And how about your friends and neighbours?

Cheney was wrong, this won't be the New American Century. The Chinese and Indians are waking up, and there are more of them, they have more resources, better educations and still have actual industries. They understand us better than we do them, and they don't trust us either...

I'm going to shut up now as I'm starting to veer OT, but my point is, you'd do very well not to underestimate 37% of the world's people so casually (that's not including the Chinese and Indians living abroad)! For every American there are 4.5 Chinese and 3.6 Indians, and they are not dumb.

Re:Yay, China is in on it... (0, Troll)

dasnov (900499) | more than 8 years ago | (#14575030)

considering the Chinese learn engrish about as well as our Indian friends...

i'm glad you know what you are talking about.

Stock prices.... (0)

Anonymous Coward | more than 8 years ago | (#14574302)

... must be going up. That's four stories in as many hours! Impressive.

I, for one (1, Redundant)

binkzz (779594) | more than 8 years ago | (#14574303)

Am looking forward to a Google and Sun made anti spyware program.

Re:I, for one (1)

cp.tar (871488) | more than 8 years ago | (#14574512)

... overlords?

Where are the overlords?

Re: I, for one (1)

towsonu2003 (928663) | more than 8 years ago | (#14575022)

Am looking forward to a Google and Sun made anti spyware program


Am looking forward to a Google and Sun made spyware program

---------------------
Both troll and offtopic, but I couldn't resist!

Sun??? (3, Informative)

GenKreton (884088) | more than 8 years ago | (#14574305)

I can't see what sun can gain my pouring money into this research. It is obvious about the competitive edges Google and Lenova (left out of the summary) can get. But why is Sun in on this?

Re:Sun??? (2, Interesting)

snitmo (901312) | more than 8 years ago | (#14574496)

But why is Sun in on this?

Marketting value. Somebody in the management thinks "Teaming up with Google, Oxford and Harvard" is cool.

Re:Sun??? (0)

Anonymous Coward | more than 8 years ago | (#14574546)

I thought it was obvious. Sun wants to be in Google's pants!

Google has been talking about maybe distributing OpenOffice and JRE in a joint press release [google.com] with Sun. Sun knows how powerful Google is, and they're hoping to catch a piece of the action, if only they can figure out how.

What I'm looking for is when Google and Apple stop ignoring each other. It's a bit of a technology business soap opera.

Excellent! (5, Interesting)

rob_squared (821479) | more than 8 years ago | (#14574308)

Not because google is handling funding, but that an organization that doesn't have a vested interest in such business persuits is doing the actual work.

PS: I'm waiting for Google to annouce its plan for world peace.

Re:Excellent! (5, Interesting)

imoou (949576) | more than 8 years ago | (#14574422)

Google's income comes from advertising, and these spywares are showing ads, hence competiting for eyeballs, I would say Google has a large interest in squashing these competitors.

Google profits from spyware (5, Insightful)

slashkitty (21637) | more than 8 years ago | (#14574837)

Google has a reason to keep spyware around. They make millions from selling ad space on their search results and affiliates TO the adware companies. Do a search for "smiles", "screensavers" or "Spyware removal" and you'll see lots of ads for adware/spyware!

Google should do less evil by not accepting ads from these companies.

Re:Excellent! (1)

drix (4602) | more than 8 years ago | (#14574438)

That just brought to mind an as-yet non-existent The Onion headline:

"Google Announces Middle-East Peace Plan"

Re:Excellent! (0)

Anonymous Coward | more than 8 years ago | (#14574651)

obligatory: Google World Peace is currently in beta.

How about... (5, Insightful)

doorbot.com (184378) | more than 8 years ago | (#14574325)

How about also exposing the companies that pay for the information gathered by spyware/adware? In other words, the ones actually funding it...

/Didn't RTFA

Re:How about... (1)

cp.tar (871488) | more than 8 years ago | (#14574596)

And then they could also show the information those companies have gathered...

OK, so it's quite a bit... better make it searchable...

Re:How about... (1)

Strixy (753449) | more than 8 years ago | (#14574963)

Now there's a point you should bring up at the next Google and Sun shareholders meetings. And while were at it, how many of their shareholders are also shareholders in the about-to-be-named companies? And how many of those about-to-be-named companies are in competition with Sun and/or Google? And how much can I pay Sun and/or Google to keep my badware company off the list?

This is just more crapware developed to exploit already existing crapware. Excuse me while I go and write new crapware to exploit their crapware that's about to exploit my old crapware.

Damage control (1, Insightful)

dangitman (862676) | more than 8 years ago | (#14574335)

Is this a PR move designed to make Google look less evil, after the world reacted in disgust to their censorship in China?

Re:Damage control (1)

imoou (949576) | more than 8 years ago | (#14574363)

I can't tell if it is, but I remember a saying that it takes 3 days to do bad, and 3 years to redeem.

Re:Damage control (1)

ostehaps (929761) | more than 8 years ago | (#14574540)

Would you have been surprised by the announcement had there been no censorship debacle? If no, then the most likely answer is no.

Re:Damage control (1)

merreborn (853723) | more than 8 years ago | (#14574652)

Is this a PR move designed to make Google look less evil, after the world reacted in disgust to their censorship in China?

Google is a business, with two options to choose from:
  1. Censor search results in china, and generate millions in ad revenue there
  2. OR, be blocked by the great firewall, and yield the chinese market to those who've already made the decision to censor searches, like yahoo

If you expect them to pick #2, you're a damn fool.

Re:Damage control (2, Interesting)

dangitman (862676) | more than 8 years ago | (#14574690)

If you expect them to pick #2, you're a damn fool.

I don't expect them to not do that. But it would be nice if they stopped pretending to do no evil. I don't see any exemption in their statement saying that evil is OK, as long as millions are to be made.

Re:Damage control (1)

a10waveracer (862795) | more than 8 years ago | (#14574787)

Honestly, in my opinion, the media hasn't really picked up on this as big as, for instance, Google refusing to hand over records about searches and whatnot, at least from what I have been seeing on TV.

4 Google stories in one day? (3, Insightful)

Anonymous Coward | more than 8 years ago | (#14574367)

This must be a record! Come on - I know Slashdot has become synonymous with the Google Blog, but this is crazy!

lets hope it works (0, Troll)

loserhead (941655) | more than 8 years ago | (#14574376)

we'll hafta see if this is more of a silver bullet or the "magic bullet"

Stop Badware, bad bad badware... go to your cage! (0, Troll)

digitaldc (879047) | more than 8 years ago | (#14574382)

To some extent the Stop Badware project will repeat work done by some anti-spyware campaigners such as Suzi Turner and Eric Howes who maintain a list of fake products that users should be wary of.

Wow, this really reminds me of my last trip to the Dollar Store.

Worst name (0, Troll)

Harlequin (11000) | more than 8 years ago | (#14574383)

"Stop Badware"? That's the worst name since MacBook Pro.

Re:Worst name (2, Informative)

Ponzicar (861589) | more than 8 years ago | (#14574451)

There are so many rogue antispyware applications: http://www.spywarewarrior.com/rogue_anti-spyware.h tm [spywarewarrior.com] that all the good names have been taken. Plus it dodges the semantics issue over deciding if something is adware or spyware or malware or whatever. Just call it all badware instead.

Different than SiteAdvisor? (1)

tgtanman (728257) | more than 8 years ago | (#14574385)

How will this be different from SiteAdvisor, discussed on Slashdot 2 weeks ago [slashdot.org] ?

NewSpeak? (5, Funny)

revery (456516) | more than 8 years ago | (#14574400)

Project UngoodWare aims to give you a double plus good bellyfeel about your computer. The people of Harvard and Oxford will have a goodthink and make an effort to stop the many installcrimes done by the unpersons who make ungoodware.

Project Ungoodware: brought you you by the Minisry of Love.

I don't trust them (0)

Anonymous Coward | more than 8 years ago | (#14574401)

I don't trust the Bad Software project. It doesn't compare to The Anti-Spyware Coalition [slashdot.org] . I only trust Microsoft and Symantec to protect us from spyware.

Wrong format?? (2, Interesting)

dada21 (163177) | more than 8 years ago | (#14574404)

Would something like this work better as a wiki? Sort of open-ended peer-reviewed?

Maybe it might get cluttered with junk, too, though, hmm.

I wonder if a pseudo-moderated wiki capacity for a truly open editable document might work. Weighted by the user's real time previous moderations (+5 Neutral, -5 Troll, etc).

That leads me to the point, actually -- are there specifications for an open editable moderated document that falls towards neutrality in facts?

Press coverage reasons? (1)

sunilrkarkera (233516) | more than 8 years ago | (#14574425)

Looking at the Google "Badware" website, it seems like all they are doing is asking for detailed reports from users about any "Badware" experience. It looks like a site created by a rookie in a couple of hours.

I think all Google wants right now is to have some press coverage that says "Google fights Badware".

Google IS the problem (5, Interesting)

slashkitty (21637) | more than 8 years ago | (#14574426)

Notice how the site has a forum, on google groups. The ADS on those pages are for adware based spyware removers! Google makes millions if not billions from adware/spyware companies who advertise on google and google affiliates. Lots of standard searches like "screensavers" and "smilies" will bring up adware, and if you search for a spyware removal tool, you'll likely get some even worse spyware than you had before. If Google wanted to do good (and not be evil) they would BAN spyware, adware and badware from AdSense, and they'd filter them from the listings! Who's with me?

Re:Google IS the problem (1)

bitt3n (941736) | more than 8 years ago | (#14574470)

"ban" is such a harsh word. why don't you suggest they censor it? they might see it your way.

Re:Google IS the problem (2, Interesting)

slashkitty (21637) | more than 8 years ago | (#14574629)

They don't even have to ban/censor it from the search results. They could provide a filter like with adult search. Have an option: a) I'd like search results with out Adware/Spyware b) I'd like to infect my computer from your search results, give me all the adware you got!

And the URL is... (5, Informative)

fugas (619989) | more than 8 years ago | (#14574449)

Good news, but I would have been happier if the article or submitter also mentioned the actual URL of the site [stopbadware.org] ...

Small Step... (1)

hobbes75 (245657) | more than 8 years ago | (#14574503)

echo "127.0.0.1 www.google-analytics.com" >> etc/hosts.

Re:Small Step... (1)

eosp (885380) | more than 8 years ago | (#14574589)

If you're in the root directory first...

Re:Small Step... (0)

Anonymous Coward | more than 8 years ago | (#14574810)

You mean in \windows\system32\drivers first, doncha?

Re:Small Step... (1)

hobbes75 (245657) | more than 8 years ago | (#14575297)

Unfortunately this can not be done system independently with an absolute path ;-) So this is more to give the idea... Btw. the "spy-script" from there gives them only little more information than you could read from the server-log files (of the server that hosts the page that references the script).
Do a
wget http://www.google-analytics.com/urchin.js [google-analytics.com]
for details...

I hope google realizes the real effect (1)

bryan986 (833912) | more than 8 years ago | (#14574572)

"Stop Badware" will stop their own search engine, seeing as how it is now censoring results in china

Missed the bota (1)

ben_1432 (871549) | more than 8 years ago | (#14574580)

This is a shining example of Google innovation. There's a crapload of anti "badware" software out there already, and there's quite a good free one which coincidentally is provided by Microsoft.

What's next ... a Google Messenger? Oops.

2 days agoe (0)

Anonymous Coward | more than 8 years ago | (#14574780)

I knew I should have waited until two days after this story broke to submit it to ./! What was I thinking submiting a story the day it broke?

Spyware is easy money (5, Interesting)

chris411 (610359) | more than 8 years ago | (#14574799)

I often get paid to provide tech support to friends and other people from my area (just a modest village) for a few bucks. Recently, our local ISP not only provided us with DSL, but also a special offer that includes a payment plan for a (cheap) Dell computer if you sign up for DSL for a year.

You would not believe the number of computers that went out of commission within the first month just from being overloaded with spyware/adware. I often feel the urge to tell them "Stop surfing pr0n sites. Stop clicking on everything in sight just because it tells you to click it."

But I don't. Because I know that as soon as I fix it, they'll just ask me to come over again within a few weeks. I seriously doubt they would listen anyway. As I said, easy money.

It is not the users fault (1)

codepunk (167897) | more than 8 years ago | (#14574890)

Hey it ain't the users fault and it should not matter what site you go to. No call a pig a pig, IE / Windows and the lack of security is the problem here not where the user chooses to surf. Anyone that blames a user by saying he is going to the wrong sites is just making excuses for the lack of security in MS products.

Re:It is not the users fault (1)

QunaLop (861366) | more than 8 years ago | (#14575028)

I am sorry, but this is a terrible argument

a web browser allows you to access the internet and download files - this is a severe security flaw, if the user is clueless, since they can easily download any malware and run it.

I don't see how IE is any better or worse than FireFox in this regard?

what security issues are you reffering to? ActiveX? ActiveX controls are no easier to install than FireFox extentions, so i suppose the issue extends to firefox as well?

i mean, i love firefox, but you sit an idiot in front of any "useful" computer and you are gonna get junk

Re:It is not the users fault (1)

petermgreen (876956) | more than 8 years ago | (#14575322)

with IE some sites pelt you with permission popups such that its virtually impossible to make them go away without clicking ok and/or use other windows to cover up everything ex i've NEVER had that happen to me when using firefox (firefoxes some content was restricted bar at the top is far more sane).

Why these schools? (1)

prozac79 (651102) | more than 8 years ago | (#14574807)

Why Harvard and Oxford? Do these school have the computer science talent to really dive into this problem? Or is Google and SUN trying to look a little more fair by not always heading up the road to Stanford and giving their alma mater some kickbacks? I know that Harvard and Oxford have produced some of the greatest literary minds of the 20th century, but are they up to the challenge of figuring out how weatherBug got on my system?

So the first step is... (0)

Anonymous Coward | more than 8 years ago | (#14574834)

...install SunOS on your computer, then magically no more spyware!

they cant compete =) (0)

Anonymous Coward | more than 8 years ago | (#14574839)

itunes can't compete with googles compilement of sweet vids www.vewgle.com =)

do you think... (1)

3seas (184403) | more than 8 years ago | (#14574942)

.. microsoft will show up on the list of companies installing spyware?

Sun & Google... is there a "target"? (0)

Anonymous Coward | more than 8 years ago | (#14574972)

Think about this.. Sun and Google teaming up to thwart "This project aims to expose all the spyware and adware bundled in software and the companies that are responsible." Microsoft pimps out tons of badware by this definition. So does nearly all software vendors with an M$ wedding ring. I hope they can do it in a way that no one argues the product of their efforts. We certainly could use it since M$ & company are only budnling more of the shit with each release.

What is wrong with slashdot these days? (1)

Ivan Matveitch (748164) | more than 8 years ago | (#14574975)

Fifty comments have been posted to this thread and not one mentions GNU/Linux, the most obvious answer to spyware.

I mean, for what perverted reason would one ever install Microsoft Windows?

What is this Linux thing? (2, Funny)

Naruki (601680) | more than 8 years ago | (#14575206)

And will it run on Windows XP?

Re:What is wrong with slashdot these days? (2, Insightful)

eyepeepackets (33477) | more than 8 years ago | (#14575223)

"...not one mentions GNU/Linux..."

It's because just about everyone in the industry has or is about to find a way to make a buck off the horrid situation we're all in due to Microsoft's garbage OS: When people start dumping Microsoft products then the easy money is over and they have to start doing some real work again.

The flip side of this same coin: Some "terrorists" or other group decides that giving a small group of Darkside hackers some serious money is an option and then one day most of our business IT infrastructure gets hit in a big way. Very likely, this scenario, but no one wants to acknowledge the threat or the vulnerability because they're all focused on their spreadsheets.

About /. specifically, this site stopping being a Linux-mostly site about four years ago -- haven't you noticed the amount of Microsoft ads here? Sheesh.

Yeah... (1)

justinmikehunt (872382) | more than 8 years ago | (#14574985)

The program will come bundled with Google Toolbar...

Re:Yeah... (1, Offtopic)

darkain (749283) | more than 8 years ago | (#14575209)

whats annoying about the google toolbar, is that once its installed, it'll modify the "run" bar if you add one to your task bar. it'll prevent launching local applications, and isntead try to search on google for what ever you type in. i find the bar quite handy for typing in simple things like "notepad" or "calc" all the time. i have no idea if google ever fixed this problem, but its an annoyance enough that i wont be running anything that has the google toolbar at all. its even more annoying that so many applications come bundled with that thing now.

Yeah, but (0)

Anonymous Coward | more than 8 years ago | (#14575109)

...do they cover Linux, too?

Good idea but... (2, Interesting)

Ekhymosis (949557) | more than 8 years ago | (#14575133)

Wouldn't that lead them to being sued by companies saying "oh, our software isn't spyware, its useful!" and other rubbish? I recall reading about a few antispyware companies and/or researchers threatened with lawsuits (or even sued) because their research was "defaming" said company or "misleading" the public about their supposed "valuable" product. In this day and age, with the ridiculous litigious society we live in, how is this project going to fare? I hope they do succeed, however. I'm fed up with crapware.

This is a Trojan horse - No one will see it coming (4, Interesting)

MindPrison (864299) | more than 8 years ago | (#14575153)

It really should be obvious - but most of us are so used to Google by now that we might be too comfy.

Google has an enormous information gathering capability. Seen those Goooooooogle ADS everywhere? While it may not be spy-WARE per say... it certainly feeds you a cookie. Noticed how MANY of these Goooooogle ADS sites there are? Theyre just popping up everywhere arent they?! Yes they are - and you dont even give it a second thought while you throw yourself into the Google anti-spyware projects. Google dont want competitors. A Spyware program is a competitor of Google as it gathers information about the users surfing habits just like Google does - but in a much more intrusive way (well...at least if feels that way).

Are we getting the picture yet?

Re:This is a Trojan horse - No one will see it com (1)

MilenCent (219397) | more than 8 years ago | (#14575271)

While I think perhaps you're being a little too paranoid concerning that evil evil cookie, you bring up a good point: the person who decides what is and is not spyware is in a prime position to abuse the system.

Google now produces several pieces of desktop software, including a browser toolbar that sometimes gets installed from a checkbox during the installation of other software. They're all free. Some could in the future, become a vector for ads. It seems unlikely that Google would declare their own stuff adware.

Sun, likewise, sees fit to install a tray icon that is usually visible whenever the Java Virtual Machine is running, that among other things checks for updated software versions. No one considers that spyware yet, but if the public starts to get uppity about what other companies do with their machines, they'd get an important say in the matter on many of the machines that run the recently-released Google Pack (which, though it's been underreported, also contains a Google Updater that checks for updates).

I don't like pointing out the possibility of evil in Google, since they haven't lost a great deal of my respect yet, but I have to call them as I see them....

Right until... (1)

Snaller (147050) | more than 8 years ago | (#14575215)

... the advertizers start threatning to boycot them?

Google made a bundle last year, one wonders if they wouldn't like to continue to do that.

I get what they're doing (5, Interesting)

evilsofa (947078) | more than 8 years ago | (#14575218)

This past week I've been helping one of my friends remove spyware from his computer. All he did was hook up to a relative's cable to download a large update file, and in the space of a couple of hours, his unprotected PC got loaded down with several DOZEN virii including VX2, smartloadb, Virtumundo, etc.

Google believes click fraud to be the most significant threat to the internet. This makes sense because click fraud is what makes all the malware, adware and virii PROFITABLE. What Google and Sun are doing with stopbadware.org is their answer to that. And it's an answer that is needed badly.

Why? As a very recent veteran of attempting to remove malware, I can tell you that the good side of this war is terribly, horribly disorganized. Let me explain:

If you get a massive infection of various kinds of malware, or if you want to protect yourself against all this stuff, you have to:

1. Protect yourself with a firewall (software example: Zonealarm)
2. Run or have available an antitrojan application (example: Trojan Hunter)
3. Run an antivirus program (commercial examples: Norton or McAfee; freeware example: Grisoft AVG Free)
4. Run several antispyware programs (examples: Spybot, Lavasoft Adaware, Microsoft Antispyware)
5. Use something like merijn.org's HiJackThis to find out what your system is infected with that all of the above cannot detect
6. If you're infected with something difficult like VX2 that can't be detected by ANY of the above, you may also need to hunt down very specific helper scripts and applications to deal with it, or even worse figure out how to remove it manually (which is generally VERY technical and difficult).

So, you have firewall, antitrojan, antivirus, antispyware and detection all covered by entirely different industries, most of which don't have much overlap (antivirus programs still do little against antispyware, for example). In the antispyware category, none of the legit programs can detect everything, so you need to run several of them.

You also have the fact that most of these anti-malware companies are commercial; they need to make money doing what they do, because what they do is very difficult, very technical, and has to be done VERY FAST. You see freeware versions, probably because they can't stand to see people who can't afford all these applications get run into the ground by the malware industry.

It doesn't help at all that you've got hundreds - literally, hundreds - of malware installers masquerading as antispyware, antitrojan and antivirus programs. The antispyware industry has had no choice but to put up www.spywarrior.com just so people can sort out the few good ones from the many bad ones. That site is run by one of the legit companies. That company would obviously much rather have nonprofit, noncommercial oversight declaring who is legit and who isn't - it puts a commercial company in an uncomfortable ethical position to be declaring legitimacy of other companies in its industry. But I don't see that they had any choice; to not do it would be even worse.

It looks like that is what badware.org is intended to be, and what is so badly needed - a nonprofit organization that has no base or funding from within the antimalware industries, to oversee and report on those industries.

Do you know what the process for cleaning an infected computer is right now? You post HiJackThis logs to a variety of different forums (just google "HiJackThis Logfile" for a sample) and people voluntarily, out of the goodness of their hearts, help you with incredibly technical removal procedures (google "VX2 removal" to see what I mean). If you want to look up these removal procedures yourself, you google around on various antispyware and antivirus web sites with various descriptions (often vague or assuming you have their commercial product). It's horribly disorganized, with different antivirus companies calling each virus by a different name. A good example: try and find out how to tell the difference between a Look2Me infection and a VX2 infection.

I know I personally really want one single place that explains everything about the process of protecting yourself from malware, explains the process of removing malware of all sorts, and can report on the various industries and companies without commercial ties to them. The situation we have right now is not good - there's too much reliance on freeware applications put out by commercial companies, and too much technical support required from volunteers, and so much technical information out there in various stages of completeness, clearness and accuracy.

"informal efforts" (2, Insightful)

TubeSteak (669689) | more than 8 years ago | (#14575359)

The very last sentance of TFA says:
There are also many informal efforts that produce utility programs to remove particular sorts of spyware and adware.
Informal?

Because the effort isn't backed by a multi-national company, it is informal?

I wouldn't classify [Your Favorite Ad/Spyware Program Here] as an informal effort. Programs like Spy-Bot and Ad-Aware are most definitely not informal. MS's spyware remover, various virus scanners, etc... most definitely not informal efforts.

Maybe the reporter was talking about those various small programs written to specifically root out certain infestations?

Hrm.. (1)

kurbchekt (890891) | more than 8 years ago | (#14575366)

I bet Windows XP will be first on the list, seeing as how Alexa is found on a fresh installation....
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...