Microsoft's AntiSpyware Disabled by Spyware

Posted by CowboyNeal on Thu Feb 10, 2005 06:43 PM
from the save-us-windows-update dept.
Ruke writes "A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder, as well as logging keystrokes at several online banking sites." The good news is that it's a Trojan, so one still has to bother with running an attached file.
This discussion has been archived. No new comments can be posted.
  • by Deekin_Scalesinger (755062) * on Thursday February 10 2005, @06:44PM (#11636397)
    The news itself might be of interest, but in the realm of well-written articles this will not make the list. A choice nugget from TFA:

    <<< The password stealing Troj/BankAsh-A Trojan, discovered yesterday, is a spyware. It keeps a track of user activities on the computer. It spies on you. >>>

    Er, didn't we cover the spying part two sentences ago? Is A spyware? A spyware what?

    <<< The Trojan also removes important entries of the antispyware in the registry and thus literal kills the antispyware. >>>

    Literal? Come on - this reads worse than half of the AC posts in YRO. I hate playing the grammar nazi, but this was painful to read...
  • Patch Will Be Available Soon (Score:5, Funny)

    by fembots (753724) on Thursday February 10 2005, @06:44PM (#11636399)
    (http://vinc.iclod.com/)
    Preview here [slashdot.org]
  • Yeah (Score:5, Informative)

    by The Bungi (221687) <thebungi@gmail.com> on Thursday February 10 2005, @06:45PM (#11636407)
    (http://members.cox.net/bungi/)
    The good news is that it's a Trojan, so one still has to bother with running an attached file.

    Not that that has ever prevented Slashdot from reporting things like these as "vulnerabilities".

    • Re:Yeah (Score:5, Funny)

      by Anonymous Coward on Thursday February 10 2005, @06:49PM (#11636474)
      In other news, Linux systems are vulnerable to a well placed blow by a hammer.
      • Re:Yeah (Score:5, Funny)

        by jacksonj04 (800021) <nick@tn-uk.net> on Thursday February 10 2005, @07:13PM (#11636672)
        (http://nick.tn-uk.net/)
        There must be a joke about being able to fix it by configuring bash in here somewhere...
        • Re:Yeah by hdparm (Score:3) Thursday February 10 2005, @08:47PM
          • Re:Yeah by Mr Guy (Score:2) Friday February 11 2005, @10:34AM
        • Re:Yeah by JaffaKREE (Score:1) Friday February 11 2005, @09:11AM
      • Re:Yeah by dustinc20 (Score:1) Friday February 11 2005, @03:14AM
        • Re:Yeah by jaavaaguru (Score:2) Friday February 11 2005, @05:44AM
          • Re:Yeah by dustinc20 (Score:1) Friday February 11 2005, @09:20AM
    • Re:Yeah by Anonymous Coward (Score:1) Thursday February 10 2005, @06:58PM
    • it *is* vulnurability (Score:5, Insightful)

      by RelliK (4466) on Thursday February 10 2005, @07:00PM (#11636561)
      The fact that you have to run as administrator to get any work done is a security hole big enough to drive a truck through. It is ridiculous that you can trash your filesystem just by double-clicking a mail attachment. *All* linux distributions I've used set up a user account for you and encourage you to use it. Mandrake, for instance, gives you a big red warning if you start KDE as root.

      Until microsoft fixes this it will be plagued by security holes. And don't give me this bullshit about usability -- Mac OS X got it right, why can't windows?
      • Re:it *is* vulnurability by mattyrobinson69 (Score:2) Thursday February 10 2005, @07:16PM
      • Re:it *is* vulnurability by zootm (Score:1) Thursday February 10 2005, @07:34PM
      • Re:it *is* vulnurability (Score:5, Informative)

        by Software (179033) on Thursday February 10 2005, @07:38PM (#11636852)
        (http://userfriendly.org/ | Last Journal: Friday June 16 2006, @02:34PM)
        It takes a little work, but you can use Windows as a non-administrator. The best resources I've found for setting this up are at Aaron Margosis's blog; see http://weblogs.asp.net/aaron_margosis/ [asp.net] and specifically http://weblogs.asp.net/aaron_margosis/archive/2004/07/24/193721.aspx [asp.net]

        It's not as easy to use as OSX (or KDE), but it works. I use it every day on my primary computer. I'll grant that it's not going to help most users (the ones who run every executable sent to them), but for people who want to use good security principles and still install software every once in a while, it's a good thing.

      • Re:it *is* vulnurability (Score:4, Insightful)

        by lasindi (770329) on Thursday February 10 2005, @07:40PM (#11636883)
        (http://www.thelonelyneuron.net/lasindi)
        The fact that you have to run as administrator to get any work done is a security hole big enough to drive a truck through.

        This is true, but let's face it. To say that this is a real example of how GNU/Linux is superior is kind of a cheap shot. If GNU/Linux were mainstream, what would the normal user do? Download goodies.tar.gz from your email, compile and su to install it. Tada, your system is screwed. This is what an "average," unsuspecting, Unix user would do. Buffer overflows and the like are legitimate vulnerabilities, but to blame Microsoft for a trojan being written is just not a legitimate criticism. Any operating system that lets the user install anything is "vulnerable" to trojans.

        lasindi
        • Re:it *is* vulnurability by isecore (Score:1) Thursday February 10 2005, @07:49PM
        • Re:it *is* vulnurability by Zeinfeld (Score:3) Thursday February 10 2005, @09:00PM
          • Re:it *is* vulnurability (Score:4, Insightful)

            by JQuick (411434) on Friday February 11 2005, @12:10AM (#11638766)
            I will play devil's advocate.


            Bingo, the problem isn't Windows, its Windows Users.


            Really, this stance strikes me as the antithesis of the problem. It is programmers who bear the blame here. I'm not singling out Microsoft programmers (despite the large and tempting target they present). I'm talking about most people who write system software or applications for general use.

            Here on slashdot, we are predominantly geeks. We enjoy technology and learning about technology. In some cases, a large minority of us mistake our interests in these as evidence that these activities are somehow inherently important. Those who do so gain certain psychological and social pleasure from this knowledge and interest. This is part of being human. We consider ourselves special and important.

            Computers and software are marketed to and used by the general public. People, being people, think that their interests and their knowledge is important. Learning about hardware/software/security, etc. is not interesting to them, therefore the fact that they tend not to spend time doing so should come as a great surprise. Geeks tend to see this lack of interest as evidence of a problem (and at times as an affront to their own sense of self worth). This seems a rather shallow and unproductive view. Human beings focus on those things that interest them. Pleading with them to attend to things we think are important, or looking down on them for this lack of interest, is a fruitless path.

            The problem is not users. The problem is that we have created hardware and software which does not adequately match the needs of the users. Software should match the requirements of its users not require them to change their typical behaviors to meet the needs of the software.

            Some people are destructive and malicious. Well designed software takes this into account, and provides authorized users with reasonable protection from those who would try to harm them. Well designed software behaves in consistent and predictable ways so that users of varying levels of experience, knowledge or interest can benefit from its use.

            Software should be designed for the people who will use it. Most programs suck, because they are designed for a particular business goal, or designed by geeks based on their own knowledge of how they would like to use it. It is no wonder, that most software leaves the average person cold. It is arcane, inconsistent, and requires too much knowledge. Users are not stupid. They are not lacking in intelligence or ability. They are lacking in a sense of enjoyment and sufficient interest to use software the way the geek designers intend.

            Great software takes its users' interests and expectations into account.
            Great developers strive to understand users and write software which serves them.

            So, we are the problem, not the users. Blaming people for their own human nature is not the way to go here. Projecting our own failures of understanding onto the users is a misguided attempt to pass the buck.
        • Re:it *is* vulnurability by Spy der Mann (Score:3) Thursday February 10 2005, @11:25PM
        • Re:it *is* vulnurability by supergnom (Score:2) Friday February 11 2005, @05:47AM
        • Re:it *is* vulnurability by paultt (Score:1) Friday February 11 2005, @06:03AM
        • Re:it *is* vulnurability by heybo (Score:2) Friday February 11 2005, @09:40AM
      • Re:it *is* vulnurability by thockin (Score:3) Thursday February 10 2005, @07:40PM
      • Re:it *is* vulnurability by The Bungi (Score:1) Thursday February 10 2005, @07:46PM
      • Re:it *is* vulnurability by Anonymous Coward (Score:1) Thursday February 10 2005, @08:18PM
      • Re:it *is* vulnurability by antiMStroll (Score:2) Thursday February 10 2005, @08:22PM
      • Re:it *is* vulnurability by badriram (Score:2) Thursday February 10 2005, @08:22PM
      • Re:it *is* vulnurability by oldgeezer1954 (Score:1) Thursday February 10 2005, @08:47PM
      • Re:it *is* vulnurability by tengwar (Score:2) Thursday February 10 2005, @09:01PM
      • Re:it *is* vulnurability by dirk (Score:2) Thursday February 10 2005, @10:22PM
      • Re:it *is* vulnurability by JediJorgie (Score:1) Thursday February 10 2005, @10:25PM
      • Re:it *is* vulnurability by drsmithy (Score:2) Thursday February 10 2005, @11:37PM
      • Re:it *is* vulnurability by neil.pearce (Score:1) Thursday February 10 2005, @09:22PM
  • by BluhDeBluh (805090) on Thursday February 10 2005, @06:45PM (#11636414)
    Yes, nobody ever expected a trojan to attack a piece of free MS software. I mean, look at Outlook. And Internet Explorer.

    And in other news - "Google" gaining marketshare with "PageRank" technology
    • Free Microsoft? by nurb432 (Score:2) Thursday February 10 2005, @06:57PM
  • Best Antispyware... (Score:4, Insightful)

    by jo_ham (604554) <joham@@@jo-ham...com> on Thursday February 10 2005, @06:45PM (#11636420)
    (http://jo-ham.com/)
    The best antispyware is to buy a Mac, or install your favourite distro.

    Sorry, but there it is.

    It gets tiring fighting the broken dam, you can't hold all the water back forever.
    • Re:Best Antispyware... (Score:5, Insightful)

      by JQuick (411434) on Thursday February 10 2005, @08:23PM (#11637279)
      The parent was moderated "Troll"?

      Obviously it touched a nerve for somebody.

      The bottom line is that currently spyware is only a problem on Windows. Thus, running any viable alternative to Windows is the most effective way of avoiding spyware at the moment.

      Running a GNU Linux distro, any of the BSDs, or Mac OS X are all viable options, and arguably the most efficient solution to the problem of spyware.

      Granted, many might find these options unsuitable for a variety of reasons. However, labeling that suggestion a Troll does not make it untrue. Wasting time and CPU to either spyware or anti-spyware software both seem objectionable. Systems which provide desired functionality, and do not require additional effort to continue functioning normally are a sensible choice for many.
    • Re:Best Antispyware... by NanoGator (Score:2) Thursday February 10 2005, @09:25PM
      • Re:Best Antispyware... (Score:4, Informative)

        by JQuick (411434) on Thursday February 10 2005, @11:26PM (#11638443)

        Believe it or not, a lot of us are running Windows 2k/XP without these problems.


        I believe you. Large numbers of users are not affected by these problems. However, a large percentage of users are adversely affected. Your experience appears to be atypical.

        Yes, I'm not using IE. Yes, I'm not using Outlook Express. Yes, I'm behind a firewall. I'm not claiming to be 100% secure, but buying a Mac or switching to Linux would do little to improve my computing experience. Never mind the stuff I wouldn't be able to do because I use software that isn't 100% supported.


        How ironic. You describe the safety of your current environment, and dismiss alternatives using identical criteria. You claim that an alternative to windows would not improve your situation, and support this claim by alluding to things which you could no longer do (presumably because you rely on programs which exist only on Windows.) What's ironic is that you do so after implying that you owe part of your safety to not running several other programs.

        So, you are comparatively safe, and content with your environment. Good for you, I do not begrudge you that. However, your statements strike me as disingenuous. You blithely gloss over the fact that there are already things you cannot do (programs you cannot run) just to remain safer in your chosen environment.

        Call me old fashioned, but something is terribly wrong when a user cannot use the software bundled with their system, in the way it was intended to be used, without compromising the safety or performance of the system. Computers should serve their users. They should not break or degrade because the user actually runs the software as intended by the designers.

        Your anecdotal evidence suggests that you are not as cozy as you claim. A wider view of the situation suggests that your reported condition is far from the general case.

        A recent study commissioned by AOL and the National Cyber Security Alliance (NCSA), suggested that the majority of home users are adversely affected by spyware and other malware.

        The NCSA is supported by the Homeland Security Department and the FTC. It is also supported by a large number of tech corporations with either financial or political lobbying interest in computer security: the board of directors includes representatives from Cisco, Symantec, RSA Security, McAfee, Microsoft, and Bell South.

        This group strikes me as far from impartial, as each member (public or private) has significant interest in publicizing (or magnifying) certain security risks. These vested interests should suggest we take the report with a grain of salt. Despite this, the results are quite interesting.

        They polled a random sample of (PC using) AOL subscribers and also gained access to their computers to inspect them for viruses and malware. They found that:

        77% considered themselves safe from threats.
        66% had been infected with a virus in the past.
        20% were currently infected with viruses.
        80% were currently infected by spyware (averaging 93 spywares/host)
        89% of owners with infected PCs were unaware of these conditions.

        The survey's margin of error was +/- 5.4%

        These are home users; business users and highly technical users are sure to be better protected on average.

        Despite this, the protection of businesses comes at very high costs measured in hardware/software/wages/training. Sophisticated home users also spend additional time and/or money protecting themselves.

        Here are links to pdf files containing a press release and summary of the raw data.

        http://www.staysafeonline.info/news/NCSA-AOLIn-HomeStudyRelease.pdf [staysafeonline.info]
        http://www.staysafeonline.info/news/safety_study_v04.pdf [staysafeonline.info]
    • Re:Best Antispyware... by pr0c (Score:2) Thursday February 10 2005, @11:42PM
  • Trojan Man? (Score:5, Funny)

    by LordPhantom (763327) on Thursday February 10 2005, @06:46PM (#11636422)
    Am I the only one who was humming the "Trojan Man" theme song while I read this?

  • It could be worse.. (Score:5, Funny)

    by Anonymous Coward on Thursday February 10 2005, @06:47PM (#11636438)
    They could have taken a working product, repackaged it, only to have it compromised less than a month after their re-release.

    Wait, nevermind.
  • Wait for it....wait...wait.... (Score:5, Insightful)

    by WordODD (706788) <wordodd@gmail.com> on Thursday February 10 2005, @06:47PM (#11636439)
    How long till the Slashbots come out in droves proclaiming M$ sucks and their spyware removal sucks and they should all go to hell because a trojan (more like a crappy little batch file) is able to disable their program. Nevermind the fact that with the way this program works it would be just as effective on AdAware or SpyBot...and nevermind the fact that before running this trojan the MS spyware program TELLS YOU NOT TO!!
  • And in other news (Score:5, Insightful)

    by cr0y (670718) on Thursday February 10 2005, @06:47PM (#11636443)
    (http://crjt.net/)
    Viruses shut down norton antivirus.

    I mean really, who didn't see this coming?
  • And it's a sure bet... (Score:5, Insightful)

    by Tuxedo Jack (648130) on Thursday February 10 2005, @06:47PM (#11636447)
    (http://www.tuxedojack.com/)
    That by the end of this week CoolWebSearch "affiliates" will be bundling it with their software to ensure that they remain undetected (except by HijackThis, Ad-Aware, and Spybot).
  • Blocker blocker blocker... (Score:5, Interesting)

    by Indy Media Watch (823624) on Thursday February 10 2005, @06:50PM (#11636481)
    (http://indymediawatch.blogspot.com/)
    None of this is a surprise and a series of new malware tools attempt to disable various protective services.

    For example, deleting the MSI Installer Service such that when you try to install something like SpySweeper the installer won't work properly.

    Alternatively, killing Antivirus or Personal Firewall processes or placing known good-guy websites in the restricted zone of Internet Explorer.

    The 'solution' IMHO is to have multiple layers of defence and to some extent, perhaps to use less popular tools (i.e. not McAfee and Norton) which won't be on the malware's 'hitlist'.

    I know security through obscurity isn't a solution, but in this case, security through not being one of the masses may be.

    I say this having spent nearly a whole day trying to remove Spyware from a friend's laptop.
  • Beta version (Score:5, Insightful)

    by Indy Media Watch (823624) on Thursday February 10 2005, @06:53PM (#11636505)
    (http://indymediawatch.blogspot.com/)
    From the article: "Microsoft Antispyware is still in its Beta version (experimental version)."

    It's a bit early to point the finger.

    • Re:Beta version (Score:5, Insightful)

      by irokitt (663593) <archimandrites-iaur@y a h o o.com> on Thursday February 10 2005, @06:58PM (#11636537)
      Also worth noting, how many viruses/trojans/whatever have started by disabling Norton, or McAfee, or Network Associates? High profile anti-virus programs get targeted for removal all the time. So this isn't just Microsoft's bag.
    • Beta Blame by ackthpt (Score:2) Thursday February 10 2005, @07:00PM
    • Re:Beta version by KwKSilver (Score:1) Thursday February 10 2005, @11:39PM
  • by McDutchie (151611) on Thursday February 10 2005, @06:55PM (#11636512)
    (http://www.interlingua.com/)
    All the more reason to do all your real work under a user account with limited privileges and definitely never to allow others who use your computer to run with administrative privileges. Since nothing can touch C:\Program Files from a regular user account, the trojan would be ineffectual.

    For all its security efforts, Microsoft continues to let users run as administrator by default, which is downright irresponsible. I just spent an evening cleaning an acquaintance's computer of a persistent, multiple spyware infection because of this policy of Microsoft. Needless to say I created separate restricted user accounts for all members in the household, but the Microsoft installer should have done this from the beginning! You cannot expect regular users to do anything except go with the default.

    I also installed Firefox, and set all of the Internet Exploder security settings on "High" on all accounts except the administrator one (so that Windows Update can be run).

  • Very insightful my friends! (Score:3, Insightful)

    by nerd256 (794968) on Thursday February 10 2005, @06:58PM (#11636534)
    (http://nerd256.net/)
    "you have to consciously or unconsciously run the EXE to install the server side on your computer."

    This is opposed to your computer plugging itself in, tapping into the internet, downloading and running itself?

    Seriously, every piece of malware one gets is the result of human action or inaction. If one were more conscientious of the threat, they would take necessary precautions. ( install Firefox/Linux )

    I also think this title tries to make a funny or ironic statement at the expense of accuracy. A Trojan is not what I consider spyware, or, something that sneaks its way in via website, javascript, etc... A trojan targets just the fools.
  • by dioscaido (541037) on Thursday February 10 2005, @07:02PM (#11636577)
    You have to be running as Administrator for it to affect your system. It works by writing files to the system directory, deleting the MSAS install directory, and writing keys to HKLM, among other things. All of these are blocked if you are not administrator.
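The condition McDutchie and dioscaido describe above can be checked on a live session. The following PowerShell is an added example, not part of any poster's comment: it reports whether the current token is elevated and whether it can write to the three kinds of location the thread names. The concrete targets (`$env:ProgramFiles`, the system directory, `HKLM\SOFTWARE`) and all function names are assumptions chosen for illustration.

```powershell
# Added example (not from the thread). Targets are assumptions mapped from the
# comments: "C:\Program Files", "the system directory" and "HKLM".

function Test-IsElevated {
    # True only when the token actually holds the Administrators group,
    # i.e. not for a limited account or a filtered (non-elevated) token.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-DirectoryWritable {
    param([Parameter(Mandatory = $true)][string]$Path)
    # Probe by creating a uniquely named file that the OS deletes when the
    # handle closes. This tests effective access, including deny ACEs.
    $probe = Join-Path $Path ("writeprobe-{0}.tmp" -f [guid]::NewGuid())
    try {
        $stream = New-Object IO.FileStream -ArgumentList @(
            $probe,
            [IO.FileMode]::CreateNew,
            [IO.FileAccess]::Write,
            [IO.FileShare]::None,
            1,
            [IO.FileOptions]::DeleteOnClose
        )
        $stream.Dispose()
        return $true
    } catch {
        # New-Object wraps constructor failures, so inspect the base exception.
        if ($_.Exception.GetBaseException() -is [UnauthorizedAccessException]) {
            return $false
        }
        throw
    }
}

function Test-RegistryKeyWritable {
    param([string]$SubKey = 'SOFTWARE')
    # Opening with writable = $true requests write access without changing
    # anything; it fails if the token lacks that access.
    try {
        $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($SubKey, $true)
        if ($null -eq $key) { return $false }   # key does not exist
        $key.Close()
        return $true
    } catch {
        $base = $_.Exception.GetBaseException()
        if ($base -is [Security.SecurityException] -or
            $base -is [UnauthorizedAccessException]) {
            return $false
        }
        throw
    }
}

function Get-WriteExposure {
    $elevated = Test-IsElevated
    $checks = [ordered]@{
        'Program Files'    = { Test-DirectoryWritable -Path $env:ProgramFiles }
        'System directory' = { Test-DirectoryWritable -Path ([Environment]::SystemDirectory) }
        'HKLM\SOFTWARE'    = { Test-RegistryKeyWritable -SubKey 'SOFTWARE' }
    }
    foreach ($name in $checks.Keys) {
        [pscustomobject]@{
            Target   = $name
            Elevated = $elevated
            Writable = & $checks[$name]
        }
    }
}

Get-WriteExposure | Format-Table -AutoSize
```

With default ACLs, a limited-account session reports `Writable = False` for all three targets; any `True` means a program started from that session has the same reach.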
  • Here's the fix: (Score:1, Insightful)

    by Anonymous Coward on Thursday February 10 2005, @07:03PM (#11636587)
    STOP LOGGING ON AS ADMINISTRATOR!

    Problem solved.

    You wouldn't log in and do everything as root on your Unix machine, and run random scripts, would you?
  • by rattler14 (459782) on Thursday February 10 2005, @07:03PM (#11636590)
    whoever wins, we lose

  • Download? (Score:3, Funny)

    by KinkifyTheNation (823618) on Thursday February 10 2005, @07:04PM (#11636596)
    (Last Journal: Wednesday August 31 2005, @11:58AM)
    Anyone have a link where I can download this at?
  • by Jugalator (259273) on Thursday February 10 2005, @07:06PM (#11636612)
    (Last Journal: Monday February 13 2006, @07:11PM)
    So, someone developed an application that deletes some files and installs a keylogger. Whoop-de-doo... :-S
  • Talk about misleading (Score:2, Informative)

    by Fringex (711655) on Thursday February 10 2005, @07:15PM (#11636683)
    It isn't spyware, it is a Trojan. Spyware are programs either secretly installed by a base program to monitor your habits of browsing and usage or installed but mildly covered. This is a Trojan intent on stealing banking passwords and such. Two completely different things.
  • Not a problem.... (Score:3, Insightful)

    by MBraynard (653724) on Thursday February 10 2005, @07:18PM (#11636704)
    (Last Journal: Tuesday July 31, @12:20AM)
    I imagine if the OS could prevent you from writing a program that deleted files in a directory and enabled a keystroke logger, you clowns would whine that MS is limiting your ability to use their OS.

    You *should* be able to install such a program on your computer. You *should* also be smart enough to know what you decide to put on your machine.

  • Thank you Symantec (Score:4, Insightful)

    by Supp0rtLinux (594509) <Supp0rtLinux@yahoo.com> on Thursday February 10 2005, @07:18PM (#11636705)
    (http://mobileoptimized.com/)
    So thanks to today's news that Symantec programs may execute programs that should be flagged, one must now only use a solid product like Symantec Anti-Virus to load up software to remove Microsoft's anti-spyware software. Beautiful. Perhaps I should save everyone the time and hassle and just make a website with a malformed jpg or gif that loads an ActiveX script to then download the trojan and thus get it all done in one shot. Vulnerability after vulnerability after vulnerability. Perhaps this guy [nccomp.com] wasn't so far off.

    Of course, I can't help but point out the obvious: rumors keep abounding that M$ will charge for its anti-spyware and anti-virus softwares. So let me see if I'm clear on this... they write shitty code that I'm forced to use (since the apps I need only run on Win32), and then I have to pay again for software to keep people from exploiting the software that was shitty to begin with. Isn't that a bit like selling you a piece of shit car, then charging you to use your warranty when the clutch fails on day #2 of ownership? You know, many of us thought that the day would come that M$ would charge for access to WindowsUpdate. Is there anything they won't charge for? Don't they ever say "we fucked up... here's a freebie on us"? Or "you already paid $300 for our OS... here's a way to secure it for free".
  • "The good news is that it's a Trojan, so one still has to bother with running an attached file."

    Haha, that's assuming you aren't being safe and also have Symantec Anti-Virus :-D
  • Hardly a new concept (Score:2, Informative)

    by DigitalCrackPipe (626884) on Thursday February 10 2005, @07:20PM (#11636714)
    We've seen viri/trojans that delete antispyware before. All the more reason to install software somewhere other than the default location, and to run more than one antispyware/antivirus solution.

    Also, when software starts disappearing from your computer you might want to look into it.
  • C:\Program Files\... (Score:3, Insightful)

    by YrWrstNtmr (564987) on Thursday February 10 2005, @07:22PM (#11636733)
    This is one of the main faults (along with running as Administrator) in the MS world. The default location is easy to target, and everyone's PC is set up the same. C:\Program Files\... can be hardcoded into the malware to delete or otherwise cripple the target application.

    Install elsewhere. I've found very, very few applications will not accept another partition to install to.

  • Social Engineering (Score:1)

    by vertinox (846076) on Thursday February 10 2005, @07:28PM (#11636776)
    (http://mp3bat.com/)
    So my email stating "Click start and then run and then type CMD and then click OK and then in the nifty black box type 'del C:\Program Files\AntiSpyware\*.*' and then hit Y on your keyboard and then forward this to 10 of your friends so Bill Gates will send you $100" is getting around a bit.
  • Anyone else... (Score:4, Funny)

    by jpellino (202698) on Thursday February 10 2005, @07:29PM (#11636793)
    ... thinking of Tim holding Gareth's stapler out the window when they heard this?
  • Ah well (Score:3, Funny)

    by nahnkari (732424) on Thursday February 10 2005, @07:32PM (#11636808)
    In other news, the CIA was considering using Micro$oft Antispyware to keep out North Korean spies.

    Alas!
  • by SuperKendall (25149) * on Thursday February 10 2005, @07:48PM (#11636980)
    "Domination of your PC II: Revenge of the Spyware"

  • Final solution? (Score:1)

    by creysoft (856713) on Thursday February 10 2005, @08:21PM (#11637260)
    I would like to see an operating system feature that offers what amounts to "Undo" for disk drives. VirtualPC has had this for years, and there are (or were) a handful of third party programs available to do the same thing. Basically, it keeps a running log of changes to the disk. At any time, you can go "oops" and back up a configurable number of steps. Some backup programs offer a similar feature, but they're again third party, and the interface is confusing to new users.

    This should be completely integrated into the operating system, and the data log should have root permissions. The OS itself could even watch for suspicious activity, and ask the user if he/she would like to roll back. Of course, this would require some architectural changes, and - in the case of Windows - a proper implementation of a multiple user environment. Still, I think it's the only final solution to the problems offered by viruses and their ilk.
  • as if.. (Score:1)

    by Mahamadmustafa (857633) on Thursday February 10 2005, @08:59PM (#11637557)
    as if we expected anything less of a microsoft product..
  • It's times like this (Score:1, Funny)

    by FusionDragon2099 (799857) <fusiondragon2099@gmail.com> on Thursday February 10 2005, @09:38PM (#11637768)
    that I think about how bad Trojan is for a name of a condom.
    • Re: Trojan by TeknoHog (Score:2) Friday February 11 2005, @06:11AM
  • security agents (Score:1)

    by donaggie03 (769758) <[d_osmeyer] [at] [hotmail.com]> on Thursday February 10 2005, @09:49PM (#11637847)
    Actually, something keeps disabling my Security Agents in Microsoft Antispyware. Could this be the cause? Or something else?
  • by kiddailey (165202) on Thursday February 10 2005, @09:51PM (#11637863)
    (http://www.mapraider.com/)

    Honestly, did anyone NOT see this coming?

    I jokingly predicted this exact situation in a post when they first released the beta of the app (though admittedly I thought it'd take a little bit longer before it was actually in the wild). Rest assured that it is only a matter of time before you see this in a non-trojan form that is automatically installed via an IE exploit delivered by some ad-serving company.

    Microsoft's move of buying up and releasing an anti-malware application of their own is IMO nothing more than an attempt to improve public perception of their so-called efforts towards improving Windows security.

    Amusingly enough, I believe it to also be an example of how much they simply don't get it and/or don't care -- the insecurity of the underlying OS is the direct cause of the problem, not the spyware.

    No amount of anti-malware software targeting the effects (automatically installed spyware) of the problem (insecure OS/Web Browser) will have any positive impact because it's the problem itself that allows the effects to continue... and have enough power to take the anti-malware software and just turn it off.
  • by 1000101 (584896) on Thursday February 10 2005, @10:00PM (#11637925)

    A few people have pointed out that you can set up limited user accounts in XP, and the default user account is admin. Everyone screams and moans 'but how many normal users will set up a limited account?'. Their argument is that 'normal' users don't have the wherewithal or desire to set up a limited account and that Microsoft should do this for them. The problem with that argument is that 'normal' users like that are also the same exact type of users who would simply type in the root password to install the trojan or spyware anyway. If you think someone is too dumb to set up a limited account (which is one of the easiest tasks to do in XP), then why would you give them the benefit of the doubt to not type in their password whenever the window pops up????
  • by defishguy (649645) on Thursday February 10 2005, @10:04PM (#11637944)
    (Last Journal: Monday June 07 2004, @08:26PM)
    You know. I honestly believe that if Microsoft released its own MS branded virus that some enterprising coder from the eastern area of Europe would write an anti-virus virus that exploited some unbelievably obscure buffer overflow vulnerability and Slashdot would pick up the story.

    It wouldn't end there because the anti-virus virus writer would complain to his ISP which happens to be hosting his website where he gleefully took responsibility for the anti-virus virus and chastised Microsoft for their inability to code a secure virus. The anti-virus virus writer would also praise the extreme security of Linux by hypothesizing that if it had been a Linux virus he couldn't have destroyed it the way he had the MS one.

    As the webserver that hosted the site of the anti-virus virus begins its thermal meltdown, the ISP calls Cowboy Neal to ask him to PLEASE cache the site for their customer. Cowboy Neal (being the astute person he is) notes the anti-virus virus writer's name and writes it down. Cowboy Neal then realizes that Microsoft has posted a $134 Gazillion dollar reward for the capture and mutilation of the anti-virus virus writer and quickly shoots off an email to Bill.

    Bill calls the BSA Death Squad and they march on St. Petersburg, finding the anti-virus virus writer sitting at a local Burger King with a laptop. They drag him outside and mercilessly beat him with rubber hoses until, lying in a pool of his own blood the anti-virus writer dies.

    Bill, in his infinite gratitude sends Cowboy Neal a check for $134 Gazillion dollars which Cowboy Neal uses to flee the country with his mistress.

    Despite all of the drama here a couple of lessons will be learned.

    1. Slashdot STILL doesn't cache sites.

    2. Microsoft isn't the target because it's big. It's the target because it's EASY!

    3. Cowboy Neal can not be trusted with large amounts of cash.

    4. I haven't seen my wife since he got paid.....
  • Not Worried. (Score:1)

    by Alien Venom (634222) on Thursday February 10 2005, @10:09PM (#11637975)
    (http://www.dogtoe.com/)
    A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder...

    Good thing I installed it in C:\Program Files\Microsoft\AntiSpyware.
  • Viruses (Score:1)

    by NPN_Transistor (844657) on Thursday February 10 2005, @11:35PM (#11638509)
    Now some people say that Microsoft software has more trojans, etc. because it is more popular. But - MS antispyware is a lot less popular than other spyware products, yet it is the only one that is really easily disabled by a trojan, so that makes the "Microsoft is more popular" argument invalid! Well... this wasn't surprising considering Microsoft's security track record.
  • by dr_db (202135) on Thursday February 10 2005, @11:49PM (#11638622)
    Public download, but can't provide feedback without becoming a MVP. Sigh.

    I have my taskbar on the left edge of the screen, and any "toast" windows that popup in the bottom right corner just quickly scroll up and off the screen.

    But, I guess someone else will have to report it.

  • That didn't take long. (Score:4, Funny)

    by big-giant-head (148077) on Thursday February 10 2005, @11:52PM (#11638648)
    M$ when you want software really bad, we have really bad software.
  • A virus or malware, which cripples, but does not actually disable any security tools which may be on the system so that the user is still compelled to believe that their antivirus and antispyware tools are functioning normally, but in fact the tools have been altered slightly to simply behave as though the one particular piece of malware in question wasn't actually present, and meanwhile the malware performs exactly as normal.
  • Ah, So What (Score:2, Funny)

    by Cruxus (657818) on Friday February 11 2005, @01:06AM (#11639024)
    (Last Journal: Tuesday November 25 2003, @05:44PM)

    Don't trust your PC to this Microsoft micro-trash. My crack team of security experts (my pet cat and a 5-year-old nephew who mentioned something about bug squashing at a Christmas get-together) and I have developed malware detection and removal software that will kick any other anti-crap's hindquarters. Spending unheard of manhours (many of which were used to make late-night caffeine runs and failed attempts to get laid) over a span of nearly a week, my team and I developed a program that will secure your information technology from those evil evil hackers out on the big bad Internet. Now if your current ad removal system or firewall says my program is keylogging to send your credit card information to me, this is only because it's jealous. I suggest you remove other spyware removal tools and anti-virus programs as soon as possible!

    I'd like to proffer the URL for my program now, but it would seem my host has mistakenly taken the site down for the moment. I intend to call them soon and have this terribly unjust mistake rectified immediately.

  • Nonsense.. (Score:4, Insightful)

    by PurpleXanathar (800369) on Friday February 11 2005, @03:20AM (#11639615)
    1) If Windows had protected the antispyware program in some special way, we would now all be complaining about antispyware being considered "special" by the OS and thus being in unfair competition with other spyware programs.

    2) On any Unix machine you have to be root to install most of the software (you usually have to be root before rpm or make install) : a simple trojan relying on *stupid* user behaviour can be written for any platform and this is not a security problem of the platform, it is a security problem of the user's brain.

    3) From 2, even if the default user was not administrator, most people would simply try to install this new porn-lemmings game they received and they would "run as" it (just like you su - make install on linux).

    4) It's not even only a problem in the user brain. I wonder how much would it take to discover 5 malicious lines inserted in some big open source project. This *is* a possible event, it could be an angry sourceforge employer, a security hole somewhere, a

    5) It seems to me whatever the choice of MS is in any particular matter, there is always someone who takes it to bash it down. When the fact is ridiculous like in this example, this kind of behaviour is detrimental to the whole community. Do you live to make Linux great ? Then use your time to make it the perfect OS, not to make Windows appear the worst OS ever - 90% of users have chosen it as the best product for them and they will not change their mind because you are bashing it down, they will change their mind when they'll see something better *for them*. ..Go and flame me now.
    • Re:Nonsense.. by jswalter9 (Score:1) Friday February 11 2005, @06:59AM
  • by splitinfinity (629283) on Friday February 11 2005, @06:10AM (#11640176)
    Apparently, Microsoft now has official plans to begin charging for Antispyware (like they didn't before). This morning I noticed this new message: This version expires in 170 day(s). This version of Microsoft Antispyware expires on July 31, 2005. Please contact Microsoft for an updated version.
  • Wachovia too (Score:2)

    by timjdot (638909) on Friday February 11 2005, @07:53AM (#11640485)
    (http://www.serviza.com/)
    Talked to my father-in-law on the phone yesterday... Wachovia was targeted too. The support guy had no ideas about it other than "it's your computer". Of course but this just shows the big companies are in no way prepared for what is starting to happen: an all-out crippling of computer systems by hackers.

    Our profession will not take off with commodity computing due to hackers! We have to fix them.

    BTW, anyone know what can fix the Wachovia keylogger?

  • by http101 (522275) on Friday February 11 2005, @10:01AM (#11641434)
    (http://www.bawls.com/)
    I guess this just goes to show exactly how well they know their own product!
  • Hold on.. (Score:1)

    by FrostyCoolSlug (766239) on Sunday February 13 2005, @05:23PM (#11662422)
    THIS THING KILLS MS ANTI-SPYWARE (oh, btw, it logs key presses too.. kthxbye)
  • Re:Are you surprised? (Score:3, Funny)

    by czarangelus (805501) <iapetusNO@SPAMgmail.com> on Thursday February 10 2005, @06:47PM (#11636444)
    (http://chomped.org/)
    I know it's immature but...

    Let me be the first to say, PWN3D!!!1one!!1
    [ Parent ]
  • by rokzy (687636) on Thursday February 10 2005, @06:49PM (#11636469)
    not surprising since their "focus on security" similarly led them to release a firewall that didn't activate until after the internet connection was established and could be remotely disabled anyway.
    [ Parent ]
  • forgot link on MPAA site (Score:1, Offtopic)

    by Dr.Knackerator (755466) on Thursday February 10 2005, @06:51PM (#11636491)
    (Last Journal: Monday June 14 2004, @01:58PM)
    http://www.mpaa.org/CurrentReleases/2005_02_10_Bit Torrent_Lokitorrent_FINAL.doc
    [ Parent ]
  • by beerman2k (521609) on Thursday February 10 2005, @06:52PM (#11636496)
    (http://www.notawebsite.com/)
    A patch? It's a Trojan Horse. You can't patch against this, there's no bug. If I gave you a binary that erases your hard drive...
    what the heck can the OS do to stop it?
    [ Parent ]
  • Re:Old news (Score:2)

    by MankyD (567984) on Thursday February 10 2005, @06:55PM (#11636514)
    (http://millionnumbers.com/)
    I didn't know about it.
    [ Parent ]
  • by Dr.Knackerator (755466) on Thursday February 10 2005, @07:03PM (#11636586)
    (Last Journal: Monday June 14 2004, @01:58PM)
    you're going to have to cut and paste man, im too drunk to mess about with html. and oddly they seemed to work in the story preview when i submitted it. perhaps plain old text formatting works better for story submissions
    [ Parent ]
  • You sir, (Score:3, Funny)

    by N.Muntz (847158) on Thursday February 10 2005, @07:13PM (#11636664)
    (http://www.google.com/search?hl=en&q=nelson+muntz)
    are an ass....
    [ Parent ]
  • Re:Old news (Score:2, Insightful)

    by Anonymous Coward on Thursday February 10 2005, @07:22PM (#11636729)
    Slashdot is not here to break news.
    Slashdot is here to point us to interesting things on sites which we would not normally visit.

    As a result of that, it is a _requirement_ for other sites to have covered the issue first.

    Don't complain just because you don't understand how slashdot works - by your UID you've been here enough years that you should have figured it out by now.
    [ Parent ]
    • Re:Old news by DietCoke (Score:1) Thursday February 10 2005, @08:29PM
  • Can't have it both ways. (Score:5, Insightful)

    by b00m3rang (682108) * on Thursday February 10 2005, @07:29PM (#11636786)
    When Microsoft released their Antispyware, everyone said, "Oh, well, Microsoft didn't do anything, they just bought the software from Giant.". Now that there's a problem, "Whoa, Microsoft's software really sucks. It sure is all their fault."

    Pick a side, people.
    [ Parent ]
  • Re:MS Software crap? Really? (Score:5, Interesting)

    by Anita Coney (648748) on Thursday February 10 2005, @07:43PM (#11636916)
    Windows runs in root. That means that by default all user accounts are created with full administrative access.

    OSX and Linux (and nearly every other OS under the sun) create user accounts with limited rights. That means things cannot happen without your specific permission.

    In Suse 9.2, for example, when I need to do something that requires root access, I'm asked to supply a password.

    A similar thing happens in OSX. When you install software you're asked for a password.

    Accordingly, by default Windows is less secure as programs can install and system settings can change behind your back and without your permission.

    I admit that Windows gets a lot of attacks because it's a big target. However, everyone has to realise that a lot of the attacks occur simply because Windows is insecure by default.

    [ Parent ]
  • Re:Trojan MAAAANN (Score:1)

    by purple_cobra (848685) on Thursday February 10 2005, @09:32PM (#11637731)
    I have long remained curious about the reason for calling a condom 'Trojan'. Do a bunch of soldiers jump out of it when you open the packet? Or, worse still, *while you're having sex*? Perhaps they only fit (wooden) horses?
    [ Parent ]
  • Re:Pretty Stupid (Score:1)

    by Jim_Callahan (831353) on Thursday February 10 2005, @11:25PM (#11638438)
    I applaud your awesome troll. You should catch like 4 different slashdot cults with varying lacks of a sense of humor. I sorrow for your Karma, though.
    [ Parent ]
  • Re:Pretty Stupid (Score:1)

    by dqbiggerfam (844707) on Thursday February 10 2005, @11:42PM (#11638567)
    Try writing in multiple sentences with paragraphs.

    OS X is not immune either. It only takes one line in the terminal to delete your home directory, and it can be a really small script file, or you can be tricked into typing it yourself, if you aren't smart.

    Unfortunately, Apple shares this with M$: the first user is an admin. Luckily root is disabled by default.
    [ Parent ]