AD-AWARE spyware?

[Steven Burnett]

> > Don't try to apply a technogical cure to what is actually a social /
> > behaviorial problem.
> >
> > --
> >
> > Jay T. Blocksom
>
> A miracle has occurred - Jay and I agree almost exactly on something. If
> your children are not both knowledgeable enough about the dangers of the
> Internet (and there are many) and reliable enough that you can trust them to
> care for the safety of both themselves and your machine, then they have no
> business whatever being allowed to surf without a parent at their elbow -
> literally. No "net nanny" program comes close to taking the place of a
> parent's supervision.

I agree completly with your posts, but I think you missed the point.
The reason WE ALL NEED anti-virus sw and now anti SPyWare is because
you can be comprimised just by being connected to the net. I can
gaurantee you my son never visited any porn sites, yet a xxx IE bar
was installed. Im not looking for sw that prevents them from activly
surfing, i am trying to save MYSELF time from having to constantly
clean out thier computer so it runs at a decent pace again

[Poop Dogg]

"Steven Burnett" wrote in message...
>I agree completly with your posts, but I think you missed the point.
>The reason WE ALL NEED anti-virus sw and now anti SPyWare is because
>you can be comprimised just by being connected to the net. I can
>gaurantee you my son never visited any porn sites, yet a xxx IE bar
>was installed. Im not looking for sw that prevents them from activly
>surfing, i am trying to save MYSELF time from having to constantly
>clean out thier computer so it runs at a decent pace again

Before discovering Kazaa, I attempted to search for MP3s on the web.
Thousands of sites popped up all purporting to offer MP3s, only
when I attempted to actually find any of the alleged MP3s, all I
got were hundreds of popup ads offering various kinds of porn,
including kiddie porn! One of these popups somehow managed to
write a sleazy porn site as my home page, defying all attempts to
change it back to Google. My guess is that this is what happened
to your kid.

[Jay T. Blocksom]

On 24 Sep 2003 06:06:26 -0700, in <alt.privacy.spyware>,
itc_sburnett@hotmail.com (Steven Burnett) wrote:
>
[snip]
>
> I agree completly with your posts, but I think you missed the point.
[snip]

I don't think so. I do think that you missed some of the *implications* of
what both I and "mto" have been trying to tell you.

> The reason WE ALL NEED anti-virus sw and now anti SPyWare is because
> you can be comprimised just by being connected to the net.
[snip]

True in theory. But in practice, the risk is actually quite small *IF* your
system is set up properly to start with *and* that "proper setup" is not
subsequently fscked-up by the user(s) .

> I can
> gaurantee you my son never visited any porn sites, yet a xxx IE bar
> was installed.
[snip]

That is not at all surprising. It is, however, a little worrisome that you
seem to think "visiting porn sites" has anything at all to do with your
subsequent discovery that MSIE has done what MSIE is inherently wont to do.

> Im not looking for sw that prevents them from activly
> surfing,
[snip]

Including to wherever it was that the browser got hijacked?

> i am trying to save MYSELF time from having to constantly
> clean out thier computer so it runs at a decent pace again

Then first and foremost, set up their system to not be vulnerable to the
most common attacks in the first place. That starts with removing the most
hazardous applications software from the box. And near-certainly, *the*
single-most hazardous app you've got is MSIE itself; so use this free tool:

<http://www.litepc.com/ieradicator.html>

to get rid of it. Better yet, since you probably need to do a full "ground
up" rebuild of the system anyway at this point, go for the full "98lite" or
"XPlite/2000lite" (depending on which flavor of Windows you're using):

<http://www.litepc.com/>

Other "software non grata" would be virtually all P2P "music sharing" apps
(they are near-universally either spyware or illegal hacks of other apps),
any version of Windows Media Player later than 6.4 -- and of course,
anything produced by the better-known sleazeware vendors like Real Networks,
Macromedia, etc. -- but this is really just the tip of the iceberg. The
proper question to ask yourself is *not* "Which programs should I not let on
the system?" It is, "Is there a really good reason to allow *this* program
on the system?" -- and you need to ask it about EVERY program you
contemplate installing.

Install (and have them use, exclusively) an e-mail client that CANNOT render
HTML or auto-execute attachments. While there are probably lots of possible
choices, I would suggest Eudora Lite v3.0.6 (which is still available at
<ftp://ftp.eudora.com/eudora/eudoralight/windows/english/306/eul306.exe>) as
a decent starting point; but if the kids are also into Usenet (a risky
proposition in and of itself -- at least unless you're running your own NNTP
server so that you can control which newsgroups are available), you might
consider Forté Agent (<http://www.forteinc.com/main/homepage.php>).

Then tweak Windows to prevent (to the partial extent possible) the kids from
making unauthorized changes to the system configuration, such as installing
the "kewl" software they download from that "Elvis Lives" website. There
are many ways to do this; but the details go beyond the scope of this
discussion.

And finally, make it CRYSTAL clear to them that if they fsck that setup up,
the computer goes away for a loooooong time.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -