StarDestroyer.Net BBS

Obviously I've taken a look through the relevant stickied thread, but I'd like some more. I'm not personally having any problems with spyware, but if anyone has links to good antispyware resources, those would be very much appreciated. I happen to be writing a vocational thesis work about how to use freely available anti-spyware programs to clean an infected Windows box, and more research material is always good.

Edi

I think http://www.dslreports.com/faq/seclean/2 ... %20Removal might offer some help. It certainly helped me remove some very tenacious spyware I got awhile ago, which wouldn't show up on other common programs.

And there's always www.SpywareInfo.com too.

The most important point you can possibly make when writing about Spyware is that people should NOT be using IE. You have to really hammer this home, because I know from experience; they will not listen to you.

Joe wrote:The most important point you can possibly make when writing about Spyware is that people should NOT be using IE. You have to really hammer this home, because I know from experience; they will not listen to you.

People do not get spyware because they use IE, they get spyware because they are fuckheads who click "OK" on everything which which has an "OK" button.

Changing browsers isnt going to change that.

For fucks sake, one of the more successful email "worms"/Viruses" has the end fucktard save the attachment to disk, then typing in a password to extract it, and then running it.

Xon wrote:

Joe wrote:The most important point you can possibly make when writing about Spyware is that people should NOT be using IE. You have to really hammer this home, because I know from experience; they will not listen to you.

People do not get spyware because they use IE, they get spyware because they are fuckheads who click "OK" on everything which which has an "OK" button.

Changing browsers isnt going to change that.

For fucks sake, one of the more successful email "worms"/Viruses" has the end fucktard save the attachment to disk, then typing in a password to extract it, and then running it.

Using Firefox gets rid of a lot of those "Click OK" popups, so actually changing browsers might help some.

I seem to recall that WeatherBug and other weather tracking programs are really bad on spyware.

Xon wrote: People do not get spyware because they use IE, they get spyware because they are fuckheads who click "OK" on everything which which has an "OK" button.

on a side note, this is what makes security so hard - good practices are hard to enforce.
For example, most firewall programs that people use end up being worthless. Why? Because every time something wants to "go out" to the rest of the network, it pops up a window that is nigh-on incomprehensible to most people. Thus, the get trained into constantly clicking "Yes" or "OK".

It is the same in browsers. Most dialog boxes are not easily comprehensible, so people "try" clicking "OK" - and when it works, they get trained to do so.

IE isnt perfect, it was fairly often for the older versions to have massive vulnerabilities. Since the WinXPsp2/Win2k3sp1 security push and the updates to IE6, this has started to change. IE7 should be vastly more secure, but that doesnt rule out the human element.

Naquitis wrote:Using Firefox gets rid of a lot of those "Click OK" popups, so actually changing browsers might help some.

Yup. At the same time a properly updated windows box can achieve the same thing. The problem is poor default security prior to WinXPsp2.

I seem to recall that WeatherBug and other weather tracking programs are really bad on spyware.

Yes, most of those tray weather apps are generally bad spyware.

althornin wrote: on a side note, this is what makes security so hard - good practices are hard to enforce.
For example, most firewall programs that people use end up being worthless. Why? Because every time something wants to "go out" to the rest of the network, it pops up a window that is nigh-on incomprehensible to most people. Thus, the get trained into constantly clicking "Yes" or "OK".

It is the same in browsers. Most dialog boxes are not easily comprehensible, so people "try" clicking "OK" - and when it works, they get trained to do so.

This is often refered to as authentication fatigue. Which is why OSX's habit of requiring the end-user to type the admin/root password todo admin stuff is a hidiously bad idea. It conditions the user to type the admin/root password into anything which looks vaguely like the right dialog box and asks for it.

There really is no easy way out, it is a fundamental part of human physiological makeup

Well, the rule I generally use RE granting programs access through the firewall is this; Firefox, Winamp and Steam are automatically white-listed, Microsoft programs are sometimes allowed access depending on whether I want them to or not, and anything I don't recognise or I didn't intend to go on the internet is automatically blacklisted without fail. It's worked fine so far.