Invisible Malware Install 65MB Large 381
Paperghost writes "Words fail me with this one - don't have the .NET framework on your PC to utilise the adware maker's technology? No problem, they'll download it for you without you knowing. The problem is that it's a sixty-five megabyte install." From the article: "...the size of the .NET framework to download can vary drastically depending on what extras you have - don't forget the service packs, SP1 is an extra 10 or so MB in size. But I'm actually understating the amount of space used when installed, as .NET can total up to 100MB."
NewDotNet (Score:5, Interesting)
I remember uninstalling it from a bunch of machines because people asked, "Do I need this?" Yes....
dialup (Score:1, Interesting)
Good! (Score:5, Interesting)
Re:Ok, but... (Score:2, Interesting)
Excellent question. Is this a browser vulnerability? Or is the installer in question the one you get by going to the BroadcastPC download page [broadcastpc.tv] and clicking the big "Download BroadcastPC" link?
While it seems that the installer downloads the .net Framework redistributable without informing the user, I see nothing to suggest that *BroadcastPC* is installed without the user being aware.
65MB is nothing! (Score:5, Interesting)
Re:omfg (Score:2, Interesting)
Re:zerg (Score:4, Interesting)
Running the Windows Installer in the system context is the only way that the directory can manage software on the client.
Kudos to MS for another brilliant design!
Re:awesome (Score:4, Interesting)
Not necessarily (Score:4, Interesting)
Just make sure you read every line of the agreement for whatever application installs the spyware. If they're being cautious, they probably have a line similar to "We might install the .NET framework on your behalf, and therefore you must read and agree with all of the Microsoft .NET framework terms of service outlined at [url]", right next to the statement about how they're going to install spyware on your PC.
This isn't to say that any of it would necessarily hold up if tested in court, and it doesn't mean that Microsoft wouldn't have "issues" with the spyware distributor for bypassing the display of their license to the user installing the software. But if you're the sort of person who cares about clicking 'I agree' at all, then you should probably consider this, too.
whoever wrote this article (Score:2, Interesting)
1.
In what way does the malware use the VM? Can it collect data from within the VM (thus making it a security hole in
2.
Is this possible to happen behind a firewall, of say, SP2? I've heard of malware that slips through it, though I haven't encountered it (I run slack 10
Cheers
Re:.NET security (Score:1, Interesting)
It's funny how the zealots are ranting about FUD and lies, when you see (not only about this article) on
Re:Symbiotic viruses (Score:2, Interesting)
Re:NewDotNet (Score:3, Interesting)
Do you always criticize things you don't know anything about? Although I can't say new.net was a shining example of alt.tld-ness.
But, to answer your question, no spam, for one thing. No malware, no viruses. Just people cooperating. And yes there is content that you can't see using the legacy root.
With djbdns and Bind-PE/Treewalk offering alt.dns optins there's now enough people using them that I'm seriously thinking about rejecting all mail not from alt.tlds. It'e been a slice, but I'm sick of the crap. You want to talk to me? Here's how you do that. Your choice.
At one point 2 of the ICANN board members used alternate roots. Now they're all lawyers and other slime, the techies didn't last.
Re:65 MB without the user knowing? (Score:3, Interesting)
But the slashdot post was worded poorly, IMO. Install is often mistaken for Installer. I read it that way at first and then wondered why the article said that 23 Meg was downloaded. Gave me a moment of confusion.
Re:NewDotNet (Score:1, Interesting)