Re: Spyware becomes increasingly malicious

On Wed, 14 Jul 2004 22:52:07 PDT, Alexei Roudnev <[EMAIL PROTECTED]> said: > O, noo. You click a button 'I agree' which means nothing for 99.99% of > people over the world. Here is a difference. Do not expect people to 'agree' > if you do not enforce them to follow this (and if your system do not

Re: Spyware becomes increasingly malicious

On Thu, 15 Jul 2004 09:00:16 PDT, Jeff Shultz <[EMAIL PROTECTED]> said: > Such dangerous file attachments included .jpg, .pdf and music files. Once bitten, twice shy: http://cert.uni-stuttgart.de/archive/bugtraq/2001/02/msg00168.html .JPG's are HTML, didn't you know? :) pgpLhDo1FDrRe.pgp De

Re: Spyware becomes increasingly malicious (let's return to reality)

Did you try to run Windoze as 'not admin user'? Ok, try, then install, say, harmless user-level (not a server at all) Visio package... They run as admin, because Windoze (1) have not easy (temporary) switching between User and Admin, and (2) 99.99% applications require user privilege to be instal

Re: Spyware becomes increasingly malicious (let's return to reality)

'We will send your advertice to 10M people over the world'. The same in case of adaware. For spyware, fight those who receive information back - by any way. - Original Message - From: "John Underhill" <[EMAIL PROTECTED]> To: "Niels Bakker" <[EMAIL PROTECTE

Re: Spyware becomes increasingly malicious (let's return to reality)

d - so fight (limit, flood by calls, > overload by false information, etc) SPAM benefitiants, learn them do not > purchase 'We will send your advertice to 10M people over the world'. The > same in case of adaware. For spyware, fight those who receive information > back - by any way.

Re: Spyware becomes increasingly malicious

** Reply to message from "Alexei Roudnev" <[EMAIL PROTECTED]> on Wed, 14 Jul 2004 22:52:07 -0700 > > May be, idea was that people read 'license', click button (I agree) and > follow it - never write a code which violates this license? But it is not > true - 99.99% people do not read it and behav

Re: Spyware becomes increasingly malicious (let's return to reality)

mation back - by any way. - Original Message - From: "John Underhill" <[EMAIL PROTECTED]> To: "Niels Bakker" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, July 14, 2004 1:12 PM Subject: Re: Spyware becomes increasingly malicious >

Re: Spyware becomes increasingly malicious

On Wed, Jul 14, 2004, Michel Py wrote: > - In exchange for his life, appoint Saddam Hussein to rid us of spyware > writers. As he's on a roll, let's put spammers in the deal, too. The guy > has a proven track record, problem is most of us live in a society that > oppose his methods, so this does

Re: Spyware becomes increasingly malicious

-:) Excellent! == - Declare that using IE is illegal. This literally takes an act of congress. And, it would be almost impossible to enforce. Anyway, let's pretend for a moment that congress does outlaw IE _and_ can enforce it, it still does not do us much

Re: Spyware becomes increasingly malicious

> > So MS has undocumented 'features', so what? When you install their software > you agree to a licence, and that you are using their software bound by their O, noo. You click a button 'I agree' which means nothing for 99.99% of people over the world. Here is a difference. Do not expect people to

RE: Spyware becomes increasingly malicious

> John Underhill wrote: > [snip long post] One of the best posts I have seen in a long time; thanks, John. > So the question remains, what do we do about it? That's where it gets tough. Let's begin with what we can't do about it: - Declare that using IE is illegal. This literally takes an act

Re: Spyware becomes increasingly malicious

> Ok.. but has BSD been attacked on the scale that MS code has? I would argue > no, not even close. Do you believe BSD is invulnerable to attack? Hardly.. I don't believe anybody is claiming that. However, the BSD code has been out *and* has been publicly scrutinized for quite a bit longer than W

Re: Spyware becomes increasingly malicious

r" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 14, 2004 3:31 PM Subject: Re: Spyware becomes increasingly malicious > > >> Sorry, it was a _technical_ question - is MAC OS known as having pests > >> and ad-ware in the comparable numbers (if

Re: Spyware becomes increasingly malicious

>> Sorry, it was a _technical_ question - is MAC OS known as having pests >> and ad-ware in the comparable numbers (if any)? * [EMAIL PROTECTED] (John Underhill) [Wed 14 Jul 2004, 19:45 CEST]: > This is spurious logic. You are suggesting that Mac is a more secure > operating system, and I would s

Re: Spyware becomes increasingly malicious

> MS do not publish full system specs, and they use undocumented features > themself. Ok, say MS puplished their code tomorow, what do you think would happen? All the crackers and virus writers of the world would join hands and sing 'joy to the world' and forgive MS for their tresspasses? I sug

Re: Spyware becomes increasingly malicious

> Most of the lastest versions appear to install themselves using the > ByteCode Verifier vulnerability in the Microsoft Virtual Machine. MS do not publish full system specs, and they use undocumented features themself. So, what other companies are doing? Yes, correct, they are experimenting, se

RE: Spyware becomes increasingly malicious

Alexei Roudnev wrote: >It is not a bug; it is specially designed IE feature. MS always was proud of >their full automation - install on demand, >update automatically, add new software to start at a startup without need to >be system admin, etc etc... As a result, we have a field full of bugs, >p

Re: Spyware becomes increasingly malicious

Brian Battle wrote: For another hastily-thought-out analogy, it's like someone breaking into your house and reprogramming your cable box to keep changing the channel to the home shopping club every 30 seconds. That would be the result of the "broadcast bit". Pete

Re: Spyware becomes increasingly malicious

On Mon, 12 Jul 2004 12:37:37 EDT, "Hannigan, Martin" <[EMAIL PROTECTED]> said: alt with at the browser level > in MS Security Bulletin MS03-011. > > I have a hard time blaming MS for everything since in most cases > of these things they do react. How do they force the users to update? > Could the

Re: Spyware becomes increasingly malicious

> > The authors of these coolwebsearch variants are extremely > intelligent programmers with far more understanding of > the bowels of the windows platform than your average > script kiddies. If you get hit with the version I saw, > it's no 10 minute piece of cake. It makes spywire more dangerou

Re: Problems with private justice (was Re: Spyware becomes increasingly malicious)

LOL..not a problem..:) Michel Py wrote: I just realized that I incorrectly quoted William Warren instead of Brian Battle in my previous post. Sorry guys, cut/paste casualty. Sean Donelan wrote: Could this be a Joe job by someone who doesn't like the owners of Cool Web Search? The owners of the Co

RE: Problems with private justice (was Re: Spyware becomes increasingly malicious)

I just realized that I incorrectly quoted William Warren instead of Brian Battle in my previous post. Sorry guys, cut/paste casualty. > Sean Donelan wrote: > Could this be a Joe job by someone who doesn't like the > owners of Cool Web Search? The owners of the Cool Web > Search company deny the

RE: Spyware becomes increasingly malicious

> David Schwartz > One wrong turn probing it can render a machine > unusable until it's reloaded. Ah, I'm not the only one it appears. > In the meantime, let's at least blackhole all > their IPs on our networks. Does any of the regular lists keeps try of this and already blacklists? Michel.

RE: Spyware becomes increasingly malicious

> William Warren wrote: > I second that. The version I saw required a third > party registry editor and booting up into the > recovery console from an XP cd (safe mode didn't cut > it) just to remove a hidden dll. Which is why I made the executive decision to re-image instead of trying to fix, a

Problems with private justice (was Re: Spyware becomes increasingly malicious)

> > I guess the big question is, is there anyone (other than those profiting > > directly from CWS) that would complain if a provider were to do such a > > thing... > > looks like a psi-net "pink contract" inherited by cogent. but since the > psi->cogent rollup was an asset sale rather than a cor

RE: Spyware becomes increasingly malicious

William Warren wrote: >not all the variants are that easy..how about doing a google on >coolwebsearch..scumware.com has a good writeup as well as >spywareinfo.com...the newer variants are not that easy I second that. The version I saw required a third party registry editor and booting up

Re: Spyware becomes increasingly malicious

gh" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, July 13, 2004 12:41 AM Subject: RE: Spyware becomes increasingly malicious Gregh wrote: Are you honestly serious? I came up against it for the first time only about 3 days ago and I got rid of it in 10 minutes! I can see

Re: Spyware becomes increasingly malicious

- Original Message - From: "Michel Py" <[EMAIL PROTECTED]> To: "Gregh" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, July 13, 2004 12:41 AM Subject: RE: Spyware becomes increasingly malicious > > Gregh wrote: > > Are you

Re: Spyware becomes increasingly malicious

> I think depeering is a bit over the top for this situation, ... if their customer was sucking blood from your customer, and if your peer was taking a cut of the proceeds, would the issues be any clearer? > I guess the big question is, is there anyone (other than those profiting > directly from

Re: Spyware becomes increasingly malicious

On Jul 12, 2004, at 11:20 AM, Christopher Woodfield wrote: I think depeering is a bit over the top for this situation, but I wouldn't blink at nullrouting the prefix in question at my cores... :) I guess the big question is, is there anyone (other than those profiting directly from CWS) that wo

Re: Spyware becomes increasingly malicious

On Mon, 12 Jul 2004, Richard A Steenbergen wrote: > http://www.webhelper4u.com/CWS/cwsoriginial.html > These folks? Looks like it's all Cogent. Surely someone has contacted > Cogent about this? I'm sure someone has. The real question should be, does cogent care? http://www.spamhaus.org/sbl/lis

Re: Spyware becomes increasingly malicious

I think depeering is a bit over the top for this situation, but I wouldn't blink at nullrouting the prefix in question at my cores... :) I guess the big question is, is there anyone (other than those profiting directly from CWS) that would complain if a provider were to do such a thing... -C O

RE: Spyware becomes increasingly malicious

> On 7/12/04 12:33 PM, "Michel Py" > <[EMAIL PROTECTED]> wrote: > Some peering contracts specify that behaviors that endanger a > network or its > users allow for immediate disconnection. Its a bit of a stretch to invoke > this for a spyware site. I think you could find a few experts th

Re: Spyware becomes increasingly malicious

On 7/12/04 12:33 PM, "Michel Py" <[EMAIL PROTECTED]> wrote: > >> Paul Vixie wrote: >> or, to put it in terms you can all understand: >> "why does that provider's upstream still have bgp peers?" > > Maybe said upstream does not want to deal with TROs and legal issues? > CWS is not illegal as of

RE: Spyware becomes increasingly malicious

p; Infrastructure [EMAIL PROTECTED] coolwebsearch: > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > Paul Vixie > Sent: Monday, July 12, 2004 12:19 PM > To: [EMAIL PROTECTED] > Subject: Re: Spyware becomes increasingly malicious > > >

RE: Spyware becomes increasingly malicious

> Paul Vixie wrote: > or, to put it in terms you can all understand: > "why does that provider's upstream still have bgp peers?" Maybe said upstream does not want to deal with TROs and legal issues? CWS is not illegal as of today. > if you give people the means to hurt you, and they do it, > and

Re: Spyware becomes increasingly malicious

On Mon, Jul 12, 2004 at 04:18:34PM +, Paul Vixie wrote: > > somebody, probably sean, mentioned scaling earlier in this thread. > > > >> coolwebsearch has become more and more sneaky.. so bad that > > >> development of cws shredder has been abandoned by its developer.. > ... > > > the first t

Re: Spyware becomes increasingly malicious

somebody, probably sean, mentioned scaling earlier in this thread. > >> coolwebsearch has become more and more sneaky.. so bad that > >> development of cws shredder has been abandoned by its developer.. ... > > the first time only about 3 days ago and I got rid of it in 10 minutes! > > I can see

RE: Spyware becomes increasingly malicious

>> William Warren wrote: >> coolwebsearch has become more and more sneaky..so >> bad that development of cws shredder has been >> abandoned by its developer The smart computer does not exist (if it did, we would not have a job, would we? ;-) >> Either serious lock down you ie (which with CWS

Re: Spyware becomes increasingly malicious

On Mon, 12 Jul 2004, William Warren wrote: > coolwebsearch has become more and more sneaky..so bad that > development of cws shredder has been abandoned by its > developerEither serious lock down you ie(which with CWS is > not going to help) or use something other than ie. http://www.sec

Re: Spyware becomes increasingly malicious

- Original Message - From: "Michel Py" <[EMAIL PROTECTED]> To: "Sean Donelan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, July 12, 2004 1:24 PM Subject: RE: Spyware becomes increasingly malicious > Indeed. Lately, I have not been ab

Re: Spyware becomes increasingly malicious

- Original Message - From: "William Warren" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, July 12, 2004 10:04 PM Subject: Re: Spyware becomes increasingly malicious > > coolwebsearch has become more and more sneaky..so bad that > devel

Re: Spyware becomes increasingly malicious

coolwebsearch has become more and more sneaky..so bad that development of cws shredder has been abandoned by its developerEither serious lock down you ie(which with CWS is not going to help) or use something other than ie. Edward B. Dreger wrote: RKJ> Date: Mon, 12 Jul 2004 01:43:50 -0300 R

Re: Spyware becomes increasingly malicious

RKJ> Date: Mon, 12 Jul 2004 01:43:50 -0300 RKJ> From: Rubens Kuhl Jr. RKJ> Try booting into safe mode before running software to detect RKJ> or remove spyware; some of them fight to survive if they are Also use msconfig to disable non-critical extras. Some of us have manually ripped out ActiveX

RE: Spyware becomes increasingly malicious

> Rubens Kuhl Jr. wrote: > Try booting into safe mode before running software to detect > or remove spyware; some of them fight to survive if they are > running, dunno if it is the case with CoolWebSearch. Tried that too, does not help with CWS. Michel.

Re: Spyware becomes increasingly malicious

an" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, July 12, 2004 12:24 AM Subject: RE: Spyware becomes increasingly malicious > Sean Donelan wrote: > Spyware isn't the best term for what is happening, but it > is quickly exceeding (or contributing) to all the o

RE: Spyware becomes increasingly malicious

> Michael Painter wrote: > You're right...it can be a sob to remove. CWShredder > has worked well for me. > http://www.spywareinfo.com/~merijn/cwschronicles.html First thing I tried after Ad-aware and Spybot, no go :-( In some cases, the only way out of it is HiJackthis (http://www.spychecker.com

Re: Spyware becomes increasingly malicious

- Original Message - From: "Michel Py" <[EMAIL PROTECTED]> To: "Sean Donelan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, July 11, 2004 5:24 PM Subject: RE: Spyware becomes increasingly malicious > Indeed. Lately, I have not been able

RE: Spyware becomes increasingly malicious

On Sun, 11 Jul 2004 20:24:19 -0700, Michel Py wrote: > None of the >other crapware removers I have tried could clean the machine either. Try Bazooka spyware detector from . This detected for me a bunch of malware neither Spybot nor Adaware caught. Jeffrey Race

RE: Spyware becomes increasingly malicious

> Sean Donelan wrote: > Spyware isn't the best term for what is happening, but it > is quickly exceeding (or contributing) to all the other > problems associated with the online (not just Internet) world. Indeed. Lately, I have not been able to clean a very annoying piece of crud named "CoolWebSe