Invisible Malware Install 65MB Large 381
Paperghost writes "Words fail me with this one - don't have the .NET framework on your PC to utilise the adware maker's technology? No problem, they'll download it for you without you knowing. The problem is that it's a sixty-five megabyte install." From the article: "...the size of the .NET framework to download can vary drastically depending on what extras you have - don't forget the service packs, SP1 is an extra 10 or so MB in size. But I'm actually understating the amount of space used when installed, as .NET can total up to 100MB."
The bright side... (Score:5, Funny)
Symbiotic viruses (Score:5, Insightful)
Infact some models have shown its even in a species interest to play host to a disease causing entity that is more lethal to a competitor or predator. E.g. mice that carry diseases fatal to predetors.
In rare cases tolerance gives way ot full symbiosis where each helps the other. Perhaps a bacteria that helps deal with some more dread disease or an enteric digestive aid. Something that fixes nitrogen in your roots.
So anyhow maybe the course of virsuses are indeed ones that tune up your system, protect you from other viruses and make sure your computer is working optimally. Perhaps they will get out of your way when you are actually using it and just steal cylces and bandwidth when you wont miss it.
In that case 24 hour tech support is indeed on the way.
Re:Symbiotic viruses (Score:3, Informative)
Aaagh! (Score:5, Funny)
You slimy bastards!
Re:Aaagh! (Score:3, Insightful)
Re:Aaagh! (Score:5, Funny)
Re:Aaagh! (Score:5, Funny)
Re:Aaagh! (Score:5, Funny)
65 MB without the user knowing? (Score:5, Funny)
Re:65 MB without the user knowing? (Score:5, Insightful)
1. Point out that spyware is getting worse
2. Show that the
The latter point is simply trying to get people (especially anti-Microsoft people) fired up over nothing. The
Call me cynical (been on slashdot for many a year now) but parts of this article seem designed to enduce high emotion with a slashdot type crowd.
- JD
Re:65 MB without the user knowing? (Score:3, Funny)
Re:65 MB without the user knowing? (Score:5, Informative)
Re:65 MB without the user knowing? (Score:3, Interesting)
But the slashdot post was worded poorly, IMO. Install is often mistaken for Installer. I read it that way at first
Re:65 MB without the user knowing? (Score:3, Insightful)
That bit's a joke, right? The editors RTFA before posting?
slaps incredibly misleading title on top
The title is submitted along with the summary by the user. It may be that the editor has changed it, of course, but there's a good chance that it is as the submitter intended it to be.
Are we sure... (Score:2, Funny)
Re:Are we sure... (Score:5, Funny)
Re:Are we sure... (completely offtopic) (Score:5, Insightful)
Re:Are we sure... (completely offtopic) (Score:4, Informative)
Re:Are we sure... (completely offtopic) (Score:2, Informative)
Re:Are we sure... (completely offtopic) (Score:3, Insightful)
Re:Are we sure... (completely offtopic) (Score:2)
Yahoo is a directory? I thought all they provided was email, news, Java games and unreliable stock market messageboards.
I'm being sarcastic of course, but comparing today's Yahoo to the one that was hosted at akebono.stanford.edu 10 years ago, it's very difficult to see its directory roots these days.
Re:Are we sure... (Score:3, Informative)
Re:Are we sure... (Score:2, Informative)
It's *still* a problem (Score:2)
Some decisions were taken as to not sue ASP.Net for web apps, because "you have to isntall the
Re:Are we sure... (even more outrageously off top) (Score:5, Funny)
Mod parent down... -1: Incorrect (Score:3, Informative)
Public service (Score:4, Funny)
nhnFreespirit
Better Browser (Score:3, Insightful)
Ok, but... (Score:4, Insightful)
Or is this the child of something that must be user-run first?
Re:Ok, but... (Score:2, Interesting)
Excellent question. Is this a browser vulnerability? Or is the installer in question the one you get by going to the BroadcastPC download page [broadcastpc.tv] and clicking the big "Download BroadcastPC" link?
While it seems that the installer downloads the .net Framework redistributable without informing the user, I see nothing to suggest that *BroadcastPC* is installed without the user being aware.
Re:Ok, but... (Score:2)
Mono (Score:5, Funny)
Re:Mono (Score:5, Funny)
A Different Worm (Score:5, Funny)
I bet some people started working on it, but got into a religious argument over what distro to use and gave up.
I could also see a worm that would harvest someone's credit card number and use it to order a Mac Mini.
Re:Serious Idea: (Score:2)
And if you want it to really work correctly, you'd need to be able to monitor how a person uses that app, because different people use different programs for different things. For example, one MS Office user might be perfectly happy with OO.o or AbiWord, while another might use Office for a feature that is not provided (or no
Re:Serious Idea: (Score:2)
anyway, copy/paste (^C ^V) between gnome/kde apps has worked fine for ages now
Re:A Different Worm (Score:3, Insightful)
Now, for most GNU/Linux distros, there is a centralized packaging system which, by virtue of being centralized, cannot be added to by someone without root access. Therefore, a n
Re:A Different Worm (Score:3, Informative)
First of all, security features that exist on Windows that are never used by anyone don't contribute to Windows being architecturally more secure than anything else, because if you start making those arguments, we can start talking about capabilities and SELinux and all sorts of security features that exist for th
awesome (Score:5, Funny)
It's like apt-get for Windows, except you don't even have to ask for the software. Further proof Linux isn't ready for the desktop, I guess.
Re:awesome (Score:4, Interesting)
Re:awesome (Score:2, Insightful)
The only thing I'm trying to accomplish today is to make a single slashdot moderator recognize that his life is w
NewDotNet (Score:5, Interesting)
I remember uninstalling it from a bunch of machines because people asked, "Do I need this?" Yes....
Re:NewDotNet (Score:3, Informative)
Re:NewDotNet (Score:3, Informative)
http://new.net/ [new.net]
You can take your tinfoil hat off, now.
Re:NewDotNet (Score:2)
Just what is running on most websites that use those, anyway, I wonder?
Re:NewDotNet (Score:2)
Re:NewDotNet (Score:3, Interesting)
Do you always criticize things you don't know anything about? Although I can't say new.net was a shining example of alt.tld-ness.
But, to answer your question, no spam, for one thing. No malware, no viruses. Just people cooperating. And yes there is content that you can't see using the legacy root.
With djbdns and Bind-PE/Treewalk offering alt.dns optins there's now enough people using them that I'm seriously thinking about rejecting
Darn virtual machines ..... (Score:5, Funny)
Just think... (Score:5, Insightful)
Good! (Score:5, Interesting)
Not necessarily (Score:4, Interesting)
Just make sure you read every line of the agreement for whatever application installs the spyware. If they're being cautious, they probably have a line similar to "We might install the .NET framework on your behalf, and therefore you must read and agree with all of the Microsoft .NET framework terms of service outlined at [url]", right next to the statement about how they're going to install spyware on your PC.
This isn't to say that any of it would necessarily hold up if tested in court, and it doesn't mean that Microsoft wouldn't have "issues" with the spyware distributor for bypassing the display of their license to the user installing the software. But if you're the sort of person who cares about clicking 'I agree' at all, then you should probably consider this, too.
omfg (Score:2, Offtopic)
Re:omfg (Score:2, Interesting)
Great news! (Score:2, Funny)
Marc Lucovsky! (Score:5, Informative)
Consider the .NET framework for a second. Suppose you wrote something innocent like a screen saver, written in C# based on the .NET framework. How would you as an ISV "ship your software"? You can't. Not unless you sign up to ship Microsoft's software as well. You see, the .NET Framework isn't widely deployed. It is present on a small fraction of machines in the world. Microsoft built the software, tested it, released it to manufacturing. They "shipped it", but it will take years for it to be deployed widely enough for you, the ISV to be able to take advantage of it. If you want to use .NET, you need to ship Microsoft's software for them.
Who said Microsoft does not know how to ship software anymore?! Let the trojan authors take care of that!
Re:Marc Lucovsky! (Score:2)
Re:Marc Lucovsky! (Score:2)
Analogies (Score:2, Funny)
Re:Analogies (Score:3, Funny)
65MB is nothing! (Score:5, Interesting)
In all seriousness (Score:2)
Re:In all seriousness (Score:2)
You could ask the same question of any
Personally, after my most recent project at work has required me to get nice and comfy with
zerg (Score:2)
Re:zerg (Score:4, Interesting)
Running the Windows Installer in the system context is the only way that the directory can manage software on the client.
Kudos to MS for another brilliant design!
Re:zerg (Score:4, Informative)
Any normal user account in windows cannot write into the Windows folder where
Re:zerg (Score:2)
Figured this would happen... (Score:2, Informative)
The fact tha
Oops... (Score:5, Funny)
Progress 1% (2/690MB downloaded)
Unprecedented.... (Score:5, Funny)
That's why 9 out of 10 Malware authors now choose
A testamonial:
"I finally switched after being pwned by other Malware authors. All my other hack buddies laughed at me!" said 1337HaxX0r, author of AllYURComp.exe, "But now that I'm using
Re:Unprecedented.... (Score:2)
If they can't even understand THAT, I'm not at all worried about their craplets.
the problem is the malware (Score:5, Informative)
The real problem here is that somehow these machines installed malware. The problem could be that they are running IE, it could be that the malware is exploiting a bug, etc.
There is a simple solution: run Linux instead. That will protect you from both malware and
does anyone understand the original story? (Score:2, Informative)
Re:does anyone understand the original story? (Score:4, Insightful)
My take was that he works in an office with a quantity of computers Q where Q is large and that the bandwidth reports showed a huge spike in traffic. 65Mb * Q = gigabytes of data, easily possible if you have 30-50 machines inhouse and they all picked up the malware.
cross platform? (Score:2)
Warez installing virus (Score:2)
Between these things, and open wifi, its going to be hard to prove intent.
whoever wrote this article (Score:2, Interesting)
1.
In what way does the malware use the VM? Can it collect data from within the VM (thus making it a security hole in
2.
Is this possible to happen behind a firewall, of say, SP2? I've heard of malware that slips through it, though I haven't encountered it (I run slack 10
Re:whoever wrote this article (Score:2, Insightful)
1. Managed environment (like Sun JRE or MS CRT) has nothing to do with access security in your system. If you think Java programs can do you no harm you're in big trouble - standalone Java programs have as much access to your system as any other programs you may run (it's browser applets that live in sandboxes and more or less safe).
Managed code programs written by novice programmers are presumably harder to be break themselves than
This is how Clustering Edition is being tested (Score:2, Funny)
At least the next version... (Score:2, Funny)
Re:Is it just me.. (Score:5, Funny)
Re:Is it just me.. (Score:2, Funny)
I sure as hell can't.
Re:Is it just me.. (Score:2, Funny)
Re:Is it just me.. (Score:5, Funny)
Re:Is it just me.. (Score:2)
Re:Is it just me.. (Score:2)
Re:Is it just me.. (Score:2)
Re:Is it just me.. (Score:2)
When I restarted it, the standard "open-or-save" dialog popped up, suggesting to run some Windows binary through
Of course,
Re:dialup (Score:3, Informative)
Re:a lot of space (Score:3, Insightful)
Ever notice how small most
Back in the day, we had to distribute Paradox runtimes with our applications, and it was a whopping 2MB file. But that also meant Paradox applications were absolu
Re:a lot of space (Score:2)
As a
Re:a lot of space (Score:2)
Re:An exception? (Score:2)
Re:a lot of space (Score:5, Informative)
the actual size of the
So once it's done its thing and installed
Re:a lot of space (Score:2)
Re:Tell your DSL company you want a bandwidth cap (Score:3, Funny)
Re:A simple solution (Score:3, Informative)
I've found that I need administrative access to do a lot of the things that I need to as a developer. I do these things many times a day. On linux I would just sudo when I needed it. I think you can run commands as a different user on windows too, I did try it once but kept hitting problems. There's no 'man' command! DOS documentation sucks. I haven't found the equival
Re:A simple solution (Score:3, Insightful)
Ill give you that. MSDN rocks if you need
Re:Still complaints about Java JRE size? (Score:3, Informative)
Your point does remain that the JRE is smaller than the
Re:This just in! (Score:4, Insightful)
p
Re:How is this happening? (Score:3, Insightful)
I thought windows was supposed to be LOWER TCO?
smash.