The Plot To Hijack Your Hard Drive 181
An anonymous reader writes Business Week Online examines the business practices of spammers and pop-up advertisers, using much-maligned Direct Revenue as an example case. The article discusses the history of the company, their rocky road through good and bad times, and what they're willing to to get your eyes on their ads." From the article: "Among Direct Revenue's alumni, pride over technical cunning mingles with regret for exasperating so many computer users. After waffling on the issue during a long interview, one former Dark Arts wizard sighs and sums up his version of the company credo with an elegiac observation by abolitionist Frederick Douglass: 'Find out just what any people will quietly submit to and you have found out the exact measure of injustice and wrong which will be imposed upon them.'"
Here's how to stop it... (Score:5, Informative)
Complain to the companies that advertise with these methods. If you see an ad for Delta airlines, write them a letter complaining. Bitching to the advertising company is useless because they don't care... they're getting paid from someone else. Now the companies advertising through them are getting paid from you... and they will listen eventually.
Also, use a router, firewall software, Antivirus, and Firefox. Haven't any issues ever.
http://religiousfreaks.com/ [religiousfreaks.com]Re:Here's how to stop it... (Score:2)
Re:Here's how to stop it... (Score:5, Informative)
Re:Here's how to stop it... (Score:5, Funny)
(TWAJS)
Re:Here's how to stop it... (Score:2)
Here's how to REALLY stop it... (Score:3, Informative)
Don't browse the internet as Administrator on Windows, ever. Don't even browse as a "power user" - create a restricted user (no install or registry change privileges).
If you are going to browse while logged in as Administrator, right-click on your browser, select "Run as" and run it as a less-privileged user.
In general, always run as a restricted user, and use "Run as" to elevate privilege of software that requires it (cd burning, etc.). Leave Administrator alone.
If you have no firewall, examine the
Re:Here's how to REALLY stop it... (Score:5, Insightful)
(1) Do not use IE or outlook
(2) Do not click on shit indiscriminatly. Only run programs from places you trust.
(3) Do not trust places like crazyivansdiscountsoftware.com.ru or hotthrobbingboobies.com.za
(4) If you need penis enlargement or prescriptions, go to a doctor. If you need porn, go to the usenet.
Re:Here's how to REALLY stop it... (Score:2)
Ahhh, nothing better than Usenet... (Score:2)
Re:Here's how to REALLY stop it... (Score:2, Funny)
Re:Here's how to REALLY stop it... (Score:2)
Re:Here's how to stop it... (Score:2, Informative)
Re:Here's how to stop it... (Score:4, Insightful)
When having sex with a potentially infected prostitute, wear three condoms and wash your gonads in bleach afterwards.
Alternatively, don't sleep with infected whores.
(Mods: I am not trolling. I am pointing out the absurdity of having to use so many layers of security when an alternative OS would solve all those issues without the need for so many layers of security. It's a joke. Laugh.)
Re:Here's how to stop it... (Score:2, Insightful)
Re:Here's how to stop it... (Score:2, Interesting)
By default no, Linux's kernel is pretty secure, but there are still constant holes being found in the various services that people often install such as sendmail. A few years ago in Linux's infancy I setup a default RedHat box, and left it connected to a 56K modem overnight. It was hacked before morning.
Of course this was like 10 years ago.. In other news, security sucked 10 years ago
Re:Here's how to stop it... (Score:2)
Um, I'm at work behind a firewall. We have office scan antivirus and adaware. I and another person run FireFox. He had something like this happen to him just today. He didn't click on anything that it popped up and didn't fully install the thing and was able to remove it. I wonder how many out there click on those damn things.
Re:Here's how to stop it... (Score:3, Insightful)
and become unremovable. Apart from not giving root access does Linux
have any mechanisms for users to avoid this pitfall. This type of
addware could in the future be installed and run in user directories.
BSD can be configured to only run applications installed in $PATH
can Linux do similar, could Linux stop it if targeted?
Re:Here's how to stop it... (Score:2)
Longer answer: The easy way is to have
You can be even more secure if you want to. This presumes that everyone with root access is well intentioned. Another choice just presumes that everyone with physical access if well intentioned. (Don't know a feasible way around that one.)
Who buys this stuff? (Score:5, Informative)
Re:Who buys this stuff? (Score:2)
Re:Who buys this stuff? (Score:2)
Re:Who buys this stuff? (Score:2)
I don't understand your sig. Wanna help me out?
Re:sig explained (Score:2)
Re:sig explained (Score:2)
Re:Who buys this stuff? (Score:2)
Re:Who buys this stuff? (Score:5, Funny)
( ) technical ( ) legislative (x) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Re:Who buys this stuff? (Score:2, Interesting)
Email certification.
If you want to be able to send Certified Email (CE), you apply for Certification from the company that gives you internet connectivity. They check you out, and 'Certify' you as being a legitimate emailer (ie: not a spammer). Then, you generate a private/public key pair and give them the public one. In the headers of all your email, is their certification, and an encrypted header line that's createdusing your private key.
When email ar
Re:Who buys this stuff? (Score:4, Funny)
Re:Who buys this stuff? (Score:3, Interesting)
Re:Who buys this stuff? (Score:4, Interesting)
The government very clearly saw what happens when you have a well educated youth during the 60's. The fact that public education has been on the decline since those days is no accident.
It is much easier to control a populace which is fat, dumb and happy. They got the first two down, now they just need to figure out the happy part and their job is complete.
Re:Who buys this stuff? (Score:3, Funny)
Which makes the War on Drugs so much harder to understand...
Re:Who buys this stuff? (Score:4, Insightful)
Who do you think taught the last couple generations? Perhaps these "well educated youth" suffer from a bit of hubris and decided they knew better than everyone else so they introduced new teaching methods which they thought would be better and those methods have failed. Nah, educated people would never claim that they have a new solution then admit a failure of their own making when it doesn't work out, lets just immediately jump to a nationwide conspiracy. Who's fault is it this week, the Free Masons or the Illuminati?
Re:Who buys this stuff? (Score:2)
Drug taking and dance music?
Stupid people can do that too you know. They just don't get fenced off nature preserves called "college" to do it in.
Re:Who buys this stuff? (Score:4, Insightful)
Fat, dumb and happy is okay; but fat, dumb and afraid works, too.
Re:Who buys this stuff? (Score:3, Funny)
Your post suggests a conspiracy theory which is
(x) paranoid
( ) delusional
(x) impossible to confirm
(x) impossible to refute
Specifically, your theory fails to account for
(x) Stupidity of the general population
(x) Lack of a centrally controlling authority for conspiracies
(x) Failure to mention the Illuminati
(x) Facts can be expl
Re:Who buys this stuff? (Score:4, Interesting)
It is like all these meaningful parents feeding thier kids junk, buying them junk, not knowing any better because why would the government let stuff be sold to kids if it weren't safe? All these people buying SUVs, driving them inappropriately, and then complaining that they roll over. All these people smoking in the last 40 years, and now complaining they have been taken advantage of. The first reports on the harm of smoking were published in the 19th century folks. The list goes on. We have to hassle anyone named Muhamod for out own safety. We have to get rid of all guns for our own safety. We have to allow all conversations to be monitored for our own safety. God and his appointed prophets will save us, we don't need to think.
Smoking (Score:2)
But that misses the broader point that one of the best predictors for whether you will smoke (iirc) is whether your parents or other close relatives smoke
Re:Who buys this stuff? (Score:5, Interesting)
As for stopping the local infection version of the pop up - write a letter to your congressman. Tell them that instead of worrying whether or not gays can be gay, or a dissident can burn a flag in protest of his governments actions, maybe they could write a quick law that makes it illegal to install software on another machine without the owner's explicit consent. Then the websites that distribute this shit will have fines to pay, sucking the profit right out of the whole scheme.
(Oh noes, a spammer might lose his job!)
Here's an interesting website, not sure if they read the letters sent but at least it's a start:
http://www.congress.org/congressorg/home/ [congress.org]
Re:Who buys this stuff? (Score:2)
You know, lately I've come to wonder whether any of that is really all that true. Sure, given a large enough pool you will eventually find some number of people who will respond to spam. But is it really profitable? Are
That's No Excuse (Score:3, Informative)
That doesn't make it okay to be the one imposing the injustice.
Even the spyware people acknowledge their evil? (Score:5, Insightful)
From early on, a small group of programmers at Direct Revenue focused on how to protect their employer's programs once they were lodged in a computer, current and former employees say. The team called itself Dark Arts after the term for evil magic in the Harry Potter series. One of the biggest threats Dark Arts addressed came from competing software. The presence of multiple spyware programs can so cripple a computer that no ads manage to get seen.
In my opinion, spyware that purposely damages other software without user consent(even if the target software is spyware) is really just a virus, trojan, or something like that. Seriously, these people need to just chill out and stop screwing with everyone's PCs.
Re:Even the spyware people acknowledge their evil? (Score:2)
or maybe Avada Kedavra.
When will people learn? (Score:5, Insightful)
Also from TFA: "Spyware rakes in an estimated $2 billion a year in revenue, or about 11% of all Internet ad business, says the research firm IT-Harvest. Direct Revenue's direct customers have included such giants as Delta Air Lines (DALRQ ) and Cingular Wireless. It has sold millions of dollars of advertising passed along by Yahoo. And Direct Revenue has received venture capital from the likes of Insight Venture Partners, a respected New York investment firm."
People need to learn to stop following links that anger them! If no one purchased goods and services from these irritants, they would lose their 11% market share and slowly go away. I subscribe to Netflix, but I would never follow one of their links from a popup.
Re:When will people learn? (Score:2)
Technical cunning maybe, but not a lot of smarts. If I'm going to go to the trouble of installing a spam/popup blocker, or of running AV software, or trying to delete their software, that ought to tell them I don't like the pop-ups. If I hate the pop-ups, I'm not gonna buy off them, regardless of the deals they offer. So it seems that any
Re:When will people learn? (Score:2)
Just like they need to stop clicking on every link in every email they receive, yes?
Everybody did that after LoveBug and Melissa, and now very few pieces of malware spread by email. Isn't that right?
Re:When will people learn? (Score:2)
Re:This will NEVER happen (Score:3, Funny)
Sorry, couldn't resist. Now, to keep things a little bit on topic, I generally agree with you about silly consumers being slow to learn their lesson, though it still surprises me how many people lack sense.
In the end.. (Score:5, Interesting)
Re:In the end.. (Score:5, Insightful)
Google isn't above questionable behavior, though. Look at their new payment service. Basically, if you are selling something, you can put a link on your order page that lets your customer use Google to handle the payment. Sounds pretty cool, right? However, one of Google's requirements is that you have that link on every ordering page of yours, and they require that the link includes the image they supply from their server. You can't make a local copy of the image on your server. You have to reference the image on their server from your page.
What this means is that everytime someone buys something through your site, even if they don't use Google to pay, Google gets a hit on that image. So, Google gets an accurate count of how many people visit your order page, and gets their IP addresses.
If they correlate that with searches from the same IP address, they are getting a hell of a lot of valuable information.
Google ads hold the record (Score:4, Informative)
I'm not going to buy from random popup ads, they are never selling what I want when I want it. It's not just that Google ads are onobtrusive, they are relivant. They are what I searched for and they generally take me right to the product page.
Windows assumptions rampant (Score:4, Insightful)
Re:Windows assumptions rampant (Score:2, Informative)
>95% is close enough to "everybody" for most intents and purposes.
Re:Windows assumptions rampant (Score:2)
Re:Windows assumptions rampant (Score:2)
'four hours of my life back' (Score:5, Interesting)
indeed! these people should be held liable for the damage done and time wasted. it's unpleasant to think that there are actually people behind obnoxious spyware, and that they think that pissing people off is the best way to get them to acknowledge the adverts and buy whatever they're selling.
Re:'four hours of my life back' (Score:2)
Send them a bill for your time and file a small-claims suit if they don't comply, they'd rather pay you then be hassled (sound familiar).
How to make a dent (Score:4, Interesting)
People on slashdot could hire eachother at $50/hr to fix eachother's PCs. And setup a revenue stream of about $200/week each. Even if 1% of 1% do it, with 1,000,000 PCs, that means that 100 people are sucking down a total of $20,000/week. I doubt the ad revenue from infecting 1M PCs is $1M/year.
Re:How to make a dent (Score:2)
Shouldn't the dirty tricks that spyware software uses to infiltrate computers, should that be a violation of the DMCA?
According to chillingeffects.org (http://www.chillingeffects.org/anticircumvention/ faq.cgi), this is the definition of circumvention:
----
Question: What does circumvention mean?
Answer: Circumvention, according to Section 1201(a)(3)(A), means "to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impai
Dup? (Score:2, Troll)
Oh sorry, that was about a different unscrupulous company.
The Real Goal (Score:3, Interesting)
Clicking on ads (Score:3, Insightful)
Is ad revenue no longer based on pay-per-click? Because if it is, I don't know who is clicking on them.
Re:Clicking on ads (Score:2)
Re:Clicking on ads (Score:2)
Re:Clicking on ads (Score:2)
Re:Clicking on ads (Score:2)
Microsoft's popups (Score:2, Insightful)
their product that promises to protect you against popups:
"Windows Defender (Beta 2) is a free program
that helps you stay productive by protecting
your computer against pop-ups"
Hurry up and interrupt users again, before it is too late!
We're the good guys, really ! (Score:2, Insightful)
'users may install a helper program, the Windows Genuine
Advantage plug-in, to enhance their download experience'
--
Microsoft staff never sees this
if they eat their own dog food.
weird (Score:5, Interesting)
Nasty Products (Score:3, Interesting)
Norton Antivirus was completely useless. I'm going to have to try a series of Spyware removal tools to get it off, I think. Maybe the kids will listen now when we tell them to use Firefox, and not IE.
Re:Nasty Products (Score:2, Funny)
EULA's Share The Blame (Score:5, Insightful)
White Salmon (Score:2, Interesting)
Different problem (Score:2)
Compounding that is the "dirty hands" observation that legitimate companies do not go to extreme measures to k
Re:Different problem (Score:2)
Right. These days, manufacturers are required to put the word "imitation" in front of "crab meat", in at least a 0.5pt font. But I wouldn't be surprised if you could actually get away with labeling tuna as "whit
Would you hire these people? (Score:2)
I can tell you that if any of these people submit a resume to me, they can absolutely count on NOT being interviewed. There is no room for people this lacking in ethics.
Love the attitude (Score:2, Flamebait)
Smart... Real Smart... (Score:3, Insightful)
However... despite the distaste I have for lawyers, I think a class action lawsuit would be an appropriate retaliation. I would love to see the adware companies given a complete cash-ectomy, and that would make others think twice about it.
I volunteer my share of the proceeds to the EFF.
Re:Smart... Real Smart... (Score:2)
Re:Smart... Real Smart... (Score:2)
I'm unaware of a class action settlement that was a serious financial burden to a major company. Can you name one?
Education! (Score:3, Informative)
A linux user wants to know (Score:3, Interesting)
The article talks about "trailer cash" and that is indeed what this is about. Forget the scum spyware companies, instead consider the real culprit, the end user.
I am not just talking about people still running Windows/IE, that in itself is stupid enough but it can be done safely.
No the trailer cash people are not the victim of shoddy MS coding or brilliant spyware coding, they are the victim of their own greed and stupidity. Greed because the fast majority of spyware programs come from dubious source, P2P programs (and no they ain't using P2P to download the latest linux distro) and "free programs". It is similar to that "test" someone did were people gave away personal information on questionares for tiny rewards.
Smart people know their is no such thing as a free lunch. If someone therefore offers you a free lunch this is probably because they want you to sit through a 3 hour sales pitch before. This is a sales techinigue I was warned about by consumer programs as a kid, that my mother was warned about even my grandfather and it is still going on.
But even worse then the people that install this crap hoping to get something for nothing are the people who actually respond to the ads.
Believe it or not but the entire ad business is about making money. Nobody is going to pay for an ad campaign that doesn't produce results. The sad fact is that these spyware and spam ads are very effective at producing sales results.
It is here that the real problem lies. As long as people keep buying from these kind of ads someone will be serving up these ads.
But frankly I don't see the problem. I guess I have always had a soft spot for scammers. They are such nice evidence of evolution in action. If you been infected by spyware that is natures way of telling you are to stupid to breed.
Pity is that in our society it is the stupid who breed the most. Now with viagra spam they will become even better at it. The stupid are going to overrun this world. Good news for the spyware and spam people. At least these IT jobs ain't being outsourced yet.
Re:A linux user wants to know (Score:2)
I feel compelled to point out that people have been saying this since at least the time of Plato, more than 2000 years ago. This raises the question: have they? Is modern-day technology the result of the stupid having overrun the world? If so: bring on the stupid. If not: they haven't managed it in 2000 years so why would they suddenly start now?
Re:A linux user wants to know (Score:2)
Can you spot the subtle irony in this sentence? I new you cud!
Re:A linux user wants to know (Score:4, Insightful)
are you high? You condescending elitest asshole. News flash *EVERYONE* who is not a knowledgable computer user gets spyware. It doesnt matter where you go or what you do, all it takes is one misclick and BAM. owned. Calling people who get spyware stupid is like calling people who get sick because they went to the mall stupid. IT HAPPENS. How dare you take the side of spyware companies and spammers. You can't honestly say youve never gotten any spyware, no family members or friends have gotten spyware, and that your some kind of a master for running linux. OOO yeah your so fucking special arent you. God damn it people like you need to be punched in the face. Soft spot for scammers indicates to me that you probably are a scammer. And i hate spammers and scammers so much it boils my blood... They have no honour.
Sort of like when i download a file from sourceforge?
Translation: I think im smart and thats why i dont get laid
god damn spyware apologists...
* awaits -1 troll* i dont care because it had to be said.
No not everyone gets spyware (Score:2)
People like you who get infected by spyware just want the world to believe that it is not their fault, that they can't help it, that you are not to blame for your own stupid mistakes.
It is the same mentallity that tries to ban games/movies/books because they make you violent. Blame everyone else but yourselve.
Avoiding spyware and spam has nothing to do with computer knowledge it has to do with common s
Remember.... (Score:3, Insightful)
As someone else said, you can complain to the people who buy the ad space, but like cattle, that's likely to be just as effective. Therefore, the only thing you *can* do is fight, with alternative browsers, adware removal tools, good browsing habits, and by warning the rest of the, ahem, herd.
If we make the product unsavory, we can run the slaughterhouses out of business!
Jiu Jitsu (Score:3, Interesting)
Direct Revenue Customer Funds Misallocation Screen Saver
Basically, a virtual-machine-like sandbox that runs a DR-infected IE "clicking" on ads popped up as the "user" (networked spider/p2p agent) "browses" around, comparing notes with other agents and causing view and click fees to be charged to the asshat corps that pay DR for ads.
You can even choose to participate in specific campaigns: "Hey folks, we're 'doing' Vonage this week!".
Then you can also compile nice tables to show the same asshats how much of their ad budget was pissed away in this fashion.
If you can't build better systems (Score:2)
I can hardly wait till Microsoft takes over the desktop security space. Because th
Simple Solution (Score:2, Insightful)
Patient: "Doctor it hurts when I do this."
Doctor: "Then stop doing it!!!"
--Johnny hates stupid!
Re:Naive (Score:5, Insightful)
Re:Naive (Score:5, Funny)
Critic: "How do they sleep at night?"
McBain: "On top of a huge pile of money, with many beautiful women."
Re:Naive (Score:2, Offtopic)
(please read everything before modding it. I'm tired of being modded because someone reads out of context - with incomplete info
There are one or two who have claimed to see the light and give up the ghost.
What's said is most of the spam isn't coming from people connecting to Russia or China and zapping it back here, but within the US. This is because there are still plenty of ISPs who are willing to harbor spammers because they are easy money. In fact, they likely can charge the spammers more in orde
Re:Naive (Score:2)
Re:er... (Score:2)
Re:er... (Score:2)
So it's the "slippery slope" argument: implying that intrusive digital advertising leads to domination and irrevocable descent into the murky depths of human bondage.
I guess that works, if you also believe that "the Matrix" was a documentary.
Re:er... (Score:2)
Re:er... (Score:2, Insightful)
It's about Them taking whatever they can get from you without you complaining/caring enough to do something about it
Where does
It's a little deeper than that (Score:4, Insightful)
The quotation is the general principle, which enables you to understand a lot of different things, some of which are more important than others. It explains, for example, why the American people are subject to the Patriot Act, DMCA, and eternal copyrights. None of these have much in common with either of the things youi mentioned.
Re:Hmmm... (Score:2, Insightful)
"LOL!!!
Too bad that part will automatically cause most people to ignore a very insightful and accurate comment.
Mod me to hell if you want, but you can't deny what he said.
Re:Hmmm... (Score:2, Insightful)