StarDestroyer.Net BBS

For those who have not followed this story, researchers have discovered specially designed Windows Media Player files that will initiate the installation of spyware and adware when users attempt to play those files. These specially designed media files exploit the DRM (Digital Rights Management) functionality that Microsoft built into Windows Media Player by opening web pages in hosted instances of Internet Explorer. The ostensible purpose for opening these special Internet Explorer windows (which resemble dialog boxes) is to acquire license information needed to play the media files. Once open, though, these hosted instances of Internet Explorer can be used to initiate the download and installation of spyware and adware, just as happens in drive-by-downloads at regular web sites.

Glocksman wrote:Generic MS bashing aside, this kind of crap arises from MS's efforts to make computers accessible to the masses. In other words: "Let's hide everything from the user and make it as simple as we can."

Which in itself isn't a bad thing. God knows that WinXP networking is orders of magnitude easier to set up than Win95 networking.
What makes it bad is when MS tosses basic security to the winds in order to 'simplify' things for the clueless user.
Even the most stupid 'luser' would like to think his files are somewhat secure. Instead of programming to the lowest common denominator, how about insisting that the user at least learn a little about security and access control?

Praxis wrote:

Glocksman wrote:Generic MS bashing aside, this kind of crap arises from MS's efforts to make computers accessible to the masses. In other words: "Let's hide everything from the user and make it as simple as we can."

Which in itself isn't a bad thing. God knows that WinXP networking is orders of magnitude easier to set up than Win95 networking.
What makes it bad is when MS tosses basic security to the winds in order to 'simplify' things for the clueless user.
Even the most stupid 'luser' would like to think his files are somewhat secure. Instead of programming to the lowest common denominator, how about insisting that the user at least learn a little about security and access control?

Mac OS X is orders of magnitude easier to set up with networking than Windows XP (literally, plug it in and you're done), yet it's nothing but a BSD distro.

Durandal wrote:

Praxis wrote:

Glocksman wrote:Generic MS bashing aside, this kind of crap arises from MS's efforts to make computers accessible to the masses. In other words: "Let's hide everything from the user and make it as simple as we can."

Which in itself isn't a bad thing. God knows that WinXP networking is orders of magnitude easier to set up than Win95 networking.
What makes it bad is when MS tosses basic security to the winds in order to 'simplify' things for the clueless user.
Even the most stupid 'luser' would like to think his files are somewhat secure. Instead of programming to the lowest common denominator, how about insisting that the user at least learn a little about security and access control?

Mac OS X is orders of magnitude easier to set up with networking than Windows XP (literally, plug it in and you're done), yet it's nothing but a BSD distro.

Which has exactly dick to do with the thread. I love Mac OS X, I use Mac OS X, and I hate Windows. But I don't go around turning threads into "MAC OS X RUL3ZZ!!!" wank-fests, now do I?

Cut it out.

Praxis wrote: I absolutely won't, thing is he tied Windows XP being easier to network with Microsoft hiding things from the user and dumbing it down, and I was using OS X as an example to show that thats not necessarily the case.

Glocksman wrote:Gee thanks, Microsoft.

edbot wrote:I have a detailed response here:

»www.edbott.com/weblog/archives/000351...

Quick summary:

My initial response was skeptical, and accurately so. The PC World article said, "PC World has learned that some Windows Media files on peer-to-peer networks such as Kazaa contain code that can spawn a string of pop-up ads and install adware." [emphasis added]. The clear implication was that simply playing a music or video file will install a program on your machine. That turned out not to be true, as you and I have both shown.

My remarks about digital signatures were not intended to justify the purveyors of this garbage or to imply that signed programs are somehow safe. My remarks were aimed at the readers of this forum and my Web site, who are already well informed about spyware and viruses and would be deeply suspicious of these dialog boxes. I was shocked at how honest the license agreements were in describing the crappy things these programs would do. I don't expect a sophisticated, suspicious user to be fooled by this stuff. I also don't expect a naive user to read license agreements ever.

As for "blaming the user," I stand by the remark I made. You are demanding that Microsoft patch this vulnerability. I agree that that should be done. But the reason that viruses and spyware spread is because no matter how hard we try to educate the masses, many people simply don't install patches after they're released. I get virus-infected e-mail messages every day, and my mail server blocks many more. In most cases those viruses can be prevented by a patch that were released three or four years ago. If someone hasn't installed a Critical Update from 2001, why would they install a new one to fix this vulnerability when it's available?

Terr Fangbite wrote:And we give microcrap our money for what reason again?

Praxis wrote:I seriously didn't mean it that way, was just using it as an example.
My interpretation of his post was that he was attributing Windows XP's simplified networking to being closed source and not informing users how it works. Maybe I misread it, or perhaps he had another point that just went over my head, but I wasn't trying to be Mr. Apple Fanboy again.

You need to consent in installing the ActiveX code.


You get bigger problems with people downloading shit which claims to put "weather on the tray" and then slows the shell to a fucking crawl cos its so buzy at logging everything you do and doing a shitty job at it.

Contrary to Ed Bott's assertion that this is not a "new and horrifying security risk" ( »Adware Installed through WMA Files ) the installation practices that users are forced to deal with when attempting to play these rogue Windows Media Player files are so confusing, deceptive, and coercive that regular users are at high risk for unwittingly consenting to the installation of spyware and adware, with potentially dire consequences for their computers, to say nothing of their privacy and security. The installation practices combine and exploit a dangerous combination of circumstances and qualities to bamboozle users into believing that they are consenting to the installation of software required to view media files. Among those circumstances and qualities are:

* a legitimate, required Windows Media Player "Security Upgrade" that conditions users to expect the installation of required software;

* ActiveX Security Warning boxes that users find inherently confusing because of the vague and inadequate information provided;

* ActiveX installation prompts for software deliberately named to give the impression that it is yet another required Windows Media Player upgrade;

* repeated, insistent pop-ups designed to coerce users into consenting to the installation of software;

* murky, confusing End User License Agreements that fail to disclose the installation of third-party software as well as the functionality and privacy practices of that software.

What we need from Microsoft is a swift fix for the problems summarized here, not attempts to minimize and pooh-pooh the risk or to subtly suggest that users are the problem for not upgrading to XP SP2 and for clicking through installation prompts. As I stressed in an earlier post here at DSLR, it is absolutely inexcusable that media files should have ever become a vehicle for pushing spyware and adware on unsuspecting users. Media files should simply not be a vehicle for adware installations. Period. That there are preventative measures for this unwelcome behavior and functionality is no excuse for the problem itself. It should have never existed in the first place.

The major difference between WinXP's networking and Win95 networking, is you dont need to fucking reboot every time you change something in WinXP.

The actual GUI to interact with all the complex stuff hasnt changed one bit. There is just some nice simple wizards added for the clueless.

It gets a bit disturbing when even music files can be viruses.

Glocksman wrote:The wizards have saved me a lot of time because I can talk people through it over the phone instead of having to go over in person and configure it.

The reboot after every change was the thing I hated most about Win95.

Dead_Ghost wrote:

It gets a bit disturbing when even music files can be viruses.

It gets worse. A few months back (can't remember acutely when), several viruses were spread through IMAGES. JPEG and BMP images, IIRC

CDS wrote:Here's a novel idea.... install a virus killer and don't download from p2p!!!!!

CDS wrote:Here's a novel idea.... install a virus killer and don't download from p2p!!!!!

CDS wrote:Here's a novel idea.... install a virus killer and don't download from p2p!!!!!

Continuing its recent spate of security moves, Microsoft Corp. on Thursday said it plans to release a virus detection and removal tool on Jan. 11. The antivirus fighter will be updated on the second Tuesday of every month as part of the company's scheduled software patching cycle.

Meanwhile, exactly three weeks after acquiring anti-spyware startup Giant Company, Redmond released the first public beta as a free Windows download through July 31.

Redmond also plans to release a virus detection and removal tool on Jan. 11, which will be updated on the second Tuesday of every month as part of the company's scheduled software patching cycle.

As previously reported, the spyware zapper is an exact replica of the Giant Company application acquired late last year.

Microsoft has retained all of the key Giant AntiSpyware features, including RealTime Detection, AutoUpdater, Spyware Scan and the widely hailed SpyNet Community network, which provides an early-warning mechanism.

Microsoft officials declined to discuss what happens after the beta expires in July, but analysts expect the company to start charging for definition updates once the spyware detection and removal tool goes gold.