On Tue, 15 Mar 2005 12:48:30 -0500, in <alt.privacy.spyware>, "Dennis"
<dwebber-at-bnin-dot-net> wrote:
>
> From: "Dennis" <dwebber-at-bnin-dot-net>
> Newsgroups: alt.privacy.spyware
> Subject: Spyware (BDO) found in mouse driver
> Date: Tue, 15 Mar 2005 12:48:30 -0500
> Distribution: World
> X-No-Archive: Yes
^^^^^^^^^^^^^^^^^
|
This -----+
sort of mindless cowardice is silly enough under normal circumstances. But
when it's used on a Chicken Little post, it's even more amusing.
Were you *trying* to defeat your own purpose?
> Keywords: World
[snip]
What do you think this header does? (Hint: I'll stake 1,000,000 Quatloos on
you're being wrong.)
> X-No-Archive: Yes
[snip]
And repeating the mindless cowardice serves *what* purpose, exactly?
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
> X-RFC2646: Format=Flowed; Original
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
[snip]
If you were really all that concerned about "spyware", you would not permit
the world's largest and most infamous spyware magnet to remain installed on
your system, let alone actually be using it.
> While loading the latest beta driver for my Kensongton Pocket Mouse
> (wireless, optical),
[snip]
And why were you doing that? Was the standard driver supplied with either
your hardware or your operating system malfunctioning so badly that you needed
to resort to *beta* software for something as basic as a mouse driver?
Does the old adage, "If it ain't broke, don't 'fix' it!" ring a bell?
> Microsoft's Antispyware program
[snip]
Which, you will note, is itself "beta" software (and being from MS, the
likelihood of it being an improvement over prior art is questionable, at best;
but that's another matter).
> detected a large group
> of spyware attempting to load. It was bundled under the name "UrlBlaze".
[snip]
And did you confirm this diagnosis using any of the generally respected
"standard" adware/spyware scanners, such as Ad-Aware and/or Spybot Search &
Destroy?
> The Kensington file name is "mw610b1.exe" release 03/12/05. I do not know
> if this warning should extend to Kensington's other drivers or not; but I
> would assume that all their drivers are infected.
>
[snip]
On what basis do you make that assumption? Do you have ANY evidence to back
it up, or was it just crafted out of thin air and your fertile imagination?
(Hint: Was the version of this driver you were presumably running *before*
you attempted to load the beta version similarly infected?)
> These programs were INCORPORATED inside the supplied driver, indicating
> that Kensington has made an agreement with UrlBlaze to do this for a
> certain fee.
>
[snip]
Maybe. Maybe not. Even presuming your diagnosis is correct, another
perfectly plausible explanation is that whatever maroon created that
particular beta distribution archive did so on an (unwittingly) infected
system. That still doesn't speak well for Kensington's quality control and
overall competence; but that is a very different matter from presuming that
they are willfully malicious. Without knowing more about the actual
functionality of the suspect "malware" and/or Kensington's internal business
records, it is impossible to know one way or the other -- but Occam's Razor
still applies.
> Anyone employing drivers from KENSINGTON should take immediate action to
> determine if their machine has been infected with the UrlBlaze spyware
> bundle and disinfect as quickly as possible.
[snip]
Maybe.
In this particular case, there is enough existing evidence that *another*
piece of malware (IE_SPY.DLL) has been independently associated with some
Kensington products that your advice is coincidentally reasonable. But there
seems to be little, if any, hard evidence of the parasite *you're* complaining
about. Of course, for people already using Kensington products, it can't hurt
to check anyway, just to be sure.
However, the larger point here is that, in just this one article, you have
done more to undermine your own credibility -- and hence the veracity of your
claim -- than all the naysayers put together could possibly muster.
> I have written to Kensington about my concerns over this and have not
> received any response as of yet.
>
[snip]
By all means, keep us informed of any *factual* developments. But in the
meantime...
> Please pass this on to other groups or websites.
>
No, please DON'T, until there is some corroborating evidence from a source
which appears to be at least minimally competent.
--
Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet02[at]appropriate-tech.net
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this domain is expressly prohibited under
47 USC S227 and State Law. Violators are subject to prosecution.
Reply With Quote