Spam or not, truth or not, the whole situation with adware is getting out of hand.
I suspect the quickest way of dealing with the registry entries is to use Unicode keys (unreadable by any outer ring processes). Worrying that they are getting into the kernel, although I would be very interested to hear Microsoft's stance on these programs attacking system integrity. Microsoft have resources massively outweighing many of the adware companies summed together; they still code badly. I don't want adware code in the core of my OS period. The last trojan I saw to successfully fully "hide" files did so by falsely marking corrupt areas of the disk. The result of such action is major performance hits on IDE controllers and pop-up messages all over the XP system tray. Does anyone actually analyse the adware protocols for anything other than client side exploits? Have these tools been actually identified as sending private information? Are there privacy laws which can therefore be invoked? How difficult would it really be to build a honey net and prove the lack of user side approval to the install of such applications? If the software has been developed on an XP system are they in breach of the EULA? Should they be if they are not? I have seen GAIN Publishing adware install in many places and it fulfils all of the required criteria. Moreover GAIN is easy to uninstall. I can understand the concern that companies like GAIN have when the user has accepted an agreement not to remove their software as long as they use the bundled application; and yet their Ad-Aware install comes along and rips it out. At least many of the GAIN supported apps don't work without GAIN running. I hate adware as much as the next sysadmin, but some reality checks I think are long overdue in this department. Firstly, applications like GAIN use bandwidth which pales insignificant after you hit the first website using flash in any given day. The processor time required for this is also minimal. A average end user spends most of their time searching for keys on the keyboard rather than running some high demand application. Not many users care when winamp asks for anonymous usage statistics, nor the google bar. So why all this fuss? We can't trust all of the adware applications. Of course you never trust code on a system until you have reason to believe there is nothing wrong with it; but the world of closed source is a hard one to crack unless your feeling ambitious and want to start reading poorly disassembled code. The reason the fight begun in the first place was because these apps were not honest about their output. They implemented protocols which were not secure and provided attackers with more holes onto the system. They installed themselves without making it clear to the user what was being installed. The more products we saw of this nature the more likely it was we were going to see a response. Well now the response is causing business troubles to the Adware companies and they want justice. There must be some kind of honest balance available. Anonymous usage statistics is not something which we should be concerned about. Unknown applications getting installed on client workstations without warning, hidden files, hidden processes, hidden registry keys, poor system performance due to too many badly written over sized applications on the machine; these are the things that really concern me. I would say that talks need to begin fast, otherwise the result of this battle is only going to end up somewhere underneath the OS, which is not a place I fancy spending most of my life working and debugging. Maybe the time really has come for a hardware coprocessor to deal with this CRAP. On Wed, 22 Sep 2004 20:10:28 -0700 (PDT), Will Image <[EMAIL PROTECTED]> wrote: > I recieved this in my inbox today: > how long do you think this company will last? > > > Date: Wed, 22 Sep 2004 19:02:44 -0400 > > From: Jacques Tremblay <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Subject: Hide your adware from all Adware removers > > and Anti-viruses > > > > To: Business development manager > > > > Subject: Hide your adware from all Adware removers > > and Anti-viruses > > > > > > > > Hi, > > Adware removers are gaining in popularity and > > they cause a big > > revenue threat to adware based businesses, as we see > > our software > > installations get desinstalled after a period of > > time that is shorter > > and shorter, we see our revenues get smaller and > > smaller. > > > > Why would an honest adware based business > > lose revenue just because > > some adware remover has identifyed it as being > > something to remove ? > > > > We beleive we have the right to hide from > > these adware removers as > > long as we provide a way for the user to uninstall > > and that he agrees > > that the software will be uninstalled only with the > > provided > > uninstaller. > > > > It is in that spirit that we created the > > solution to the problem : > > > > > > AdProtector 1.2 > > > > > > We have developed software capable of hiding > > your software from all > > adware removers and anti-viruses on a Windows > > NT/2000/2003/XP machine. > > > > Basically we have filtered the windows kernel > > so that we could mofify > > the behavior of the system itself. So now we can > > hide anything we want > > from windows. > > > > It can : - Hide Registry Keys > > - Hide Files > > - Hide Processes > > > > By hiding these 3 key elements from windows, > > your application won't > > ever be detected by any adware removers. > > > > Interesting ? > > > > For more information or to resquest a Demo : > > email : > > [EMAIL PROTECTED] > > > > Business is moving fast, keep ahead of the > > competition! > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
