The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Please read our Terms of Use for quoting guidelines. http://www.spywareinfoforum.info/newlsetter/jan23,2004.

Permalink | Top

From the spring of 2002 until at least April 2003, members of the GOP committee staff exploited a computer glitch that allowed them to access restricted Democratic communications without a password. Trolling through hundreds of memos, they were able to read talking points and accounts of private meetings discussing which judicial nominees Democrats would fight -- and with what tactics.

Judiciary Chairman Orrin Hatch, Republican of Utah, made a preliminary inquiry and described himself as "mortified that this improper, unethical and simply unacceptable breach of confidential files may have occurred on my watch."

[snip]

The computer glitch dates to 2001, when Democrats took control of the Senate after the defection from the GOP of Senator Jim Jeffords, Independent of Vermont.

A technician hired by the new judiciary chairman, Patrick Leahy, Democrat of Vermont, apparently made a mistake that allowed anyone to access newly created accounts on a Judiciary Committee server shared by both parties -- even though the accounts were supposed to restrict access only to those with the right password.

More: http://www.spywareinfoforum.info/newlsetter/rd/repshackdems

Wow! This could end up snowballing into a modern-day Watergate scandal.

This just goes to show that you should never EVER depend upon a single method of security for sensitive files. Use a password for your computer, scramble your sensitive files using encryption then hide those files using steganography so that no one even knows they are there to be accessed.

We featured a program called Invisible Secrets a while back that will encrypt files and then hide them inside innocent looking files. Only those who know exactly where to look would know how to discover the existence of protected files. Something like this probably would have prevented the situation just now being discovered in the Senate.

Permalink | Top

Program: X-Cleaner
Author: XBlock
Platform: Windows 9x, ME, NT 4.0, 2K, XP
License: $39.95 [10% off for SpywareInfo visitors]
Coupon code: SPYW-4XLP-INFO

Is your boss spying on you at work? Does the public internet terminal at Kinkos have a keylogger waiting in the background to steal your banking information? Did the e-card you just viewed install a spyware program? Find out with X-Cleaner antispyware.

X-Cleaner Spyware Remover is an award winning spyware detector that finds and removes commercial spyware programs. You can even put X-Cleaner on a floppy disk and carry it to work in an envelope or in your shirt pocket. Insert the floppy into your PC at work or at a public PC, scan, and zap any keyloggers found.

Features include:

• Remove traces of documents opened, pictures viewed.
• Detect and remove "spy" software that logs your activity.
• Find and remove forgotten pictures on your machine.
• Permanently erase files using the industrial shredder.
• Stop password theft! Know if people are snooping your keystrokes!
• Generate Secure Passwords that cannot be guessed by anybody.
• Portable! So small you can take it with you to public machines.
• No installation required - simply download and use.

Busts spyware like:
KeyKey, SubSeven, Stealth Keyboard Logger, Snapshotspy, Surf Spy, Net Spy, GhostKeylogger, PC Activity Monitor, PC Spy, STARR, Spector, eBlaster, Red Hand Pro, Hacker Whacker, FreeWhack, WinWhatWhere, BossEveryware, Conducent, Aureate and many more!

Please visit our X-Cleaner information page for more information.

Permalink | Top

The war against spyware is heating up. Antivirus companies and Internet Service Providers, no doubt dazzled by all the money being spent on antispyware defense, have entered the battle.

Antivirus vendors used to ignore spyware and adware; some still do. I was disgusted in late 2002 when the Friends Greeting email worm appeared. Most antivirus vendors ignored it because the worm's author included a click-through EULA. Thankfully the antispyware community stepped in to protect the users left helpless by the antivirus community.

Today, antivirus companies are no longer ignoring spyware and adware. Norton has started targeting some spyware and adware as of late 2003. McAfee today has released their own antispyware program (which I will be test driving for a review). Several other antivirus and antitrojan vendors quietly have been adding detection for various spyware programs. Most of them have been detecting browser hijackers for many months.

ISPs are joining the fray, although not with their own tools. Earthlink is providing what is actually a free trial version of Webroot's SpySweeper. AOL will be installing Aluria Spyware Eliminator in its version 9.0 Optimized. I predict that other large, national ISPs also will start offering antispyware defense as part of their service.

PC Makers and possibly even Microsoft might becoming active soon. Dell, after a nasty public tongue lashing, has switched from dishonoring their tech support agreement when it comes to spyware to now recommending Pest Patrol to infected customers. Rumor has it that Microsoft might include some kind of antispyware product with its operating system in the future.

All I can say is, "finally". Up to now, there has been only a relatively small group of web site owners, antispyware vendors and volunteers willing to fight back against spyware, browser hijackers and other software that invades privacy and hijacks settings. It is long past time that major players started referring the average computer user to spyware removal tools. I'm glad to see it is happening finally.

Permalink | Top

In a bizarre turn of events, a pro-security and antispam activist web site has found itself blacklisted by another antispam group. The Spam Early Warning System (SPEWS) has put the entire network used by BroadBandReports.com's (BBR) ISP on its blacklist.

The SPEWS blacklist is used by a large number of email server administrators to filter out spam email from IP addresses that are on the list. Unfortunately, most of the IP addresses on the SPEWS blacklist really are not used by spammers.

BBR obviously is not spamming. They host an extremely active message board with dozens of individual forums. There is a forum dedicated to security. There is a forum for firewalls. There is also a forum dedicated to fighting spam and tracking down spammers.

According to SPEWS, BBR's ISP hosts a couple of spammers and has not been responsive to abuse complaints. Because BBR's ISP has not terminated the users SPEWS say are spammers, they have decided to block 65,000+ IP addresses allocated to that ISP. That includes BBR's IP addresses.

There are a number of antispam radicals who believe the best way to fight spam is with organized extortion. Rather than list IP addresses in use by spammers so that people can filter out their spam, radicals such as SPEWS instead threaten ISPs with listing every IP address they own. Users of the blacklists become pawns in a game in which SPEWS tries to enforce its will upon an ISP.

As a newsletter editor, I am practically obligated to dislike blacklists. I have been blacklisted myself in the past because of a few bogus complaints submitted to Spamcop. However, even if I didn't have this newsletter, I still would dislike SPEWS and most other blacklists.

Not that I ever would use such a ridiculous method of filtering email, but if I were, I would want that blacklist to contain only IP addresses in active use by a spammer. When I am waiting for an important email from someone, I don't care if their email server is sitting in the rack right next to a spammer's email server. I don't care.

I use email filters in order to block spam. I do not use filters so that I can further someone else's agenda or political activism. If I don't receive an important email from someone and lose business because their ISP is blacklisted, that is far worse than receiving 100 spams from the next server in the rack. Blocking 100 or even 1,000 spams is not a fair exchange if it blocks that one email that's worth $1,000.

This is not a hypothetical situation. I nearly lost a sizeable consulting fee from a certain antispyware company because of a bad email filter. The filter ate a report that I emailed to the company president and neither of us realized it. Three weeks later I received a very angry email demanding I return the money they had paid me because he thought I hadn't done the report.

Think carefully before you use a blacklist such as SPEWS for yourself or your network. This is not a spammer versus antispammer game where you brag about the points you've scored. This is real life where missing an email might cost you a considerable amount of money. Do you want to filter spam? Or do you want to be a pawn in someone else's antispam chess game?

Permalink | Top

Our scumbag of the week this issue is Microsoft. Microsoft tried to extort a kid in Canada, Mike Rowe, into turning over ownership of his web site's name. The name of Mike Rowe's web site is mikerowesoft.com. Sound that out in the English language and phonetically it is identical to microsoft.com.

Microsoft, in its infinite stupidity, decided that its customers are all morons who would be confused by this name. This, Microsoft claims, makes mikerowesoft.com an infringement upon their registered name "Microsoft".

That is, of course, absurd. Mike Rowe does not make, sell or advertise software. Mike Rowe is a web designer. There is, and never would be, any possible way to confuse Microsoft.com with MikeRoweSoft.com.

Mike Rowe decided to fight back, managed to rally countless thousands of supporters online (with the help of several large news web sites) and even started a financial war chest with which to fight Microsoft in court. Microsoft, seeing the handwriting on the wall, now has admitted that they went too far. Microsoft is now likely either to drop this or offer cash to make Mike Rowe go away.

For more information, visit Microsoft.... errr... MikeRoweSoft.com.

Update

It just has been brought to my attention that Microsoft has tried to force another person into giving up his web site name. Mike Morris has owned MikeRoSoft.ca for two years now. The web site was a small, personal, nonprofit message board for "technogeeks".

As with the MikeRoweSoft site, there was never any possibility of confusion between MikeRoSoft.ca and Microsoft.com. The site has run for two years without causing the slightest damage to Microsoft or its copyrights. If someone can show me one single person who was confused into believing MikeRoweSoft.com or MikeRoSoft.ca were official Microsoft web sites, I will eat this can of compressed air sitting on my desk.

Microsoft, get a grip. We already know you are a group of greedy, money hoarding CENSORED. There is no need to go out of your way to prove it by acting like complete CENSORED. I'm sure this will come as quite a surprise, but your customers are not mental infants who are distracted by shiny objects. Stop acting as if they were.

Permalink | Top

Running SpywareInfo has become an expensive thing to do. Somewhere on the order of 300,000 visitors use about 150 gigs of bandwidth every month. This is not a cheap web site to host.

If you would like to help with the costs, there are two options. There is PayPal for those who have a Paypal account or don't mind signing up for one (it is free).

There is a snail mail address if you do not like Paypal or have no means of sending money online. Please make sure to make checks (in US Dollars) or money orders (in American currency) out to James Healan and not Mike Healan so I am not hassled at the bank. Please note that contributions to SpywareInfo are not tax deductible.

The address is:
James Healan
PO Box 2378
Reidsville, GA USA 30453

Thank you very much for your contributions.