Spyware Weekly Newsletter :· October 20, 2005
The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Please read our Terms of Use for quoting guidelines. http://www.spywareinfoforum.info/newlsetter/oct20,2005.
Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.
The contents of this newsletter is commentary. It should not be mistaken for unbiased, objective journalism.
Table of Contents
- Two Major Spammers Out Of The Game
- Webroot Spy Sweeper
- What's The Deal With Spyware Bomber?
- Spyware Law Needs Civil Penalties
- Why I Now Block Ads
- Headlines
Two Major Spammers Out Of The Game
I DON'T LIKE SPAM! - Monty Python skit
I think we can all agree with that sentiment. Spammers have nearly ruined email. I cringe whenever I look at my own email. I actually find it easier to sort legitimate email into subfolders than sorting junk out of the inbox.
I do have some good news to report. Two of the worst spammers in the world are out of business.
The FBI raided the home of Alan Ralsky in September and seized all of his computer equipment. This effectively shut down his spamming operations, at least for now.
Ralsky is considered to be one of the worst spammers in the short history of the internet. At one point, he was sending over 100 million emails per day. According to Spamhaus, Ralsky is suspected of using numerous PC viruses to relay his spam. They also say that he has hacked into other people's mail servers in the past, in order to distribute his email.
As much as I criticize CAN-SPAM, I have to give it credit here. The FBI seized Ralsky's equipment to investigate whether he had violated that antispam law. It is believed that Ralsky hid the origin of the spam messages he sent, which is illegal under CAN-SPAM.
Another major spammer, Laura Betterly, seems to have thrown in the towel. The so-called "Spam Queen", once believed responsible for sending up to 60 million spam messages per month, says now that spamming is not worth the effort and no longer uses "email marketing". She announced this decision in an article entitled "It’s 2005 - Email is Dead.".
Well, email hasn't died yet, but spammers like Betterly and Ralsky have nearly suffocated it under trillions of junk messages. Between spammers, poorly-written spam filters and blacklist sites that don't care when they list an innocent server, it is a wonder that people still find the few legitimate messages sent to them. Is anyone reading this??
Spy Sweeper
 |
Author: Webroot Software
Platform: Windows 98, ME, NT, 2000, XP
Discount Options: Until Oct 27, you can buy Spy Sweeper with a one-year subscription to updates and receive a second year free OR receive $10.00 off a one-year subscription.
One Year Free: http://www.spywareinfoforum.info/rd/sstwoyear
$10.00 Discount: http://www.spywareinfoforum.info/rd/sstenbucksoff
"Spy Sweeper is the most effective standalone tool
for detecting, removing, and blocking spyware."
-PC Magazine, January 12, 2005
Spy Sweeper is an excellent antispyware program. I consider it to be one of the best antispyware programs available. Webroot has released version 4.5 and Spy Sweeper now is better than ever. Here are some of the new features:
Advanced Blocking and Detection
Using new FlexDef technology, Spy Sweeper can identify and eliminate
never-before-seen spyware on the fly - without the need for a specific
definition.
New Smart Shields
Four new Smart Shields (16 different shields in total) provide greater protection from new spyware installations.
- ActiveX Shield - prevents spyware from using ActiveX controls to install on your PC
- Spy Communication Shield - blocks incoming and outgoing communication to malicious Web sites known to host potential spyware threats
- BHO Shield - stops the installation of unwanted toolbars that track Web site activities or install other add-ons without your consent
- IE Trusted Sites Shield - prevents spyware from adding unwanted Internet Explorer Web site entries
Comprehensive Removal Technology (CRT)
Using new patent-pending removal technology, Spy Sweeper effectively
disables the most sophisticated spyware programs - ones that are
specifically designed to avoid detection and removal. This advanced
technology saves you time and effort by removing these vicious threats
in one sweep - with no need for multiple reboots.
Improved User Interface
The Spy Sweeper dashboard lets you quickly view all crucial information
about recent sweep results, as well as spy defense updates,
subscription status, and more. Plus, you now get a graphical display of
the risk level for each threat Spy Sweeper finds making it easier to
understand the danger spyware poses to your security.
Faster Automated Definition Downloads
Spy Sweeper now downloads only the new or modified definitions to
ensure you have the most up-to-date protection available -
instantaneously.
This new version of Spy Sweeper is extremely nice. It is easy to use. It is very thorough. The protective options are excellent - far better than the obligatory option of locking the Internet Explorer home page that many other programs provide. I definitely recommend this new version of Spy Sweeper.
If you have any problems with the ordering page, please email Catherine http://www.spywareinfoforum.info/email2.php.
Anyone buying as a corporate customer and needing many copies of this program, please contact Catherine.
What's The Deal With Spyware Bomber?
Over the past couple of weeks, I have received numerous emails from people demanding their Spyware Bomber registration key and threatening to cancel the charge on their credit card if they don't receive it. This left me completely baffled, of course, since I had never heard of Spyware Bomber before the first emails started to arrive. It is not something that can be bought at SpywareInfo.
Judging by all of these emails, people are paying for this program and then receiving invalid registration keys. What I can't figure out is why they write to me, demanding that I take care of it. I have written back to every person to explain that I have nothing to do with that program and to ask them why they wrote to me about it. None of them have answered. I am ~totally~ baffled.
After the fifth or sixth email, I asked Eric Howes if he knew anything about it. He publishes a list of antispyware programs considered to "rogue". Spyware Bomber was on that list, although the entry didn't say much. My question reached him at about the same time as a letter from the company behind Spyware Bomber demanding that the entry be removed.
Eric, along with Suzi Turner, started digging into Spyware Bomber that night and made a disturbing discovery. By following a convoluted chain of web sites, IP addresses and domain registrations, they found a possible link between the company selling Spyware Bomber and the company which makes Elitebar. The IP address used by Spyware Bomber belongs to Enternet Media, the company believed to be responsible for Elitebar.
Elitebar, also known as SearchMiracle and Yupsearch, is a nasty little spyware. Not only is it installed silently by other malware, it also employs rootkit technology to hide itself from the Windows API. It is suspected that Elitebar steals personal information, including credit card numbers, from people using their toolbar. I also strongly suspect that it was Elitebar which deleted my Google Toolbar a few months ago, when I let a test computer become infected by an ActiveX drive-by.
You have an Elitebar infection if this toolbar appears in Internet Explorer. SWI Expert Miekiemoes has developed a way to remove it easily. The removal instructions are below. Make sure you follow the instructions exactly.
Please download LQfix.exe from one of the following locations:
http://www.downloads.subratam.org/LQfix.exe
http://miekiemoes.geekstogo.com/tools/LQfix.exeSave it to your desktop.
- Double-Click LQfix.exe and click Next > Next > Install.
- Leave the default settings, if you change them, the fix will Fail!
- You need an active Internet connection, so make sure your connection is enabled.
- Now make sure the "Launch LQfix" box is checked.
- Click the Finish button, after clicking the Finish button the fix will start.
- Follow the on-screen prompts.
- Your system will reboot afterwards.
- Please be patient after the reboot, there is a script running in the background that needs to complete.
I want to know the reason for the complaints that I have received. I would like to know why people are writing to me about it, first of all. More importantly, I want to know why every email that I have received about Spyware Bomber complains of a registration key that doesn't work.
If people are being ripped off, I really want to know about it. That is exactly the sort of thing that would make the FTC perk up and take notice.
Those of you that have Spyware Bomber, I want to ask you a few questions. What sort of advertisement led you to buy the program? Did you receive a valid registration key? If you were going to write a complaint, what would lead you to write to spywareinfoforum.info about it?
If you have the answers to these questions, please write to me and let me know. Put "Spyware Bomber" in the subject line so that I can find it. Thank you for your help in solving this little mystery.
If I find out anything more, I'll be sure to include it in a future newsletter.
Spyware Law Needs Civil Penalties
Someone posted a very interesting response at the message board to a recent newsletter. In that newsletter, I called on Congress to outlaw the behavior of spyware, not the technology behind it.
The poster referred to the Computer Misuse Act, which recently came into force in the United Kingdom. It is very similar to the laws which I requested. He pointed out a problem with this law. The law will not be enforced unless a government computer is effected. If it is a small business or a home computer, the Crown Prosecution Service will not bring charges against whomever is responsible.
This led me to realize that I forgot to bring up an issue when I was talking about the spyware bills here in America. Every draft of every spyware bill that I have seen moving through the Congress makes it clear that citizens cannot bring action against a spyware peddler. Only the FTC, the US Attorney or the Attorney-General of a state may bring action against someone for violating the Federal antispyware law.
That is a significant failure of every one of those proposed bills and I can't believe that I forgot to mention it. What it means is that, if your computer becomes so infected by spyware that it must be reformatted to bring it back to a useable state, you cannot file a lawsuit against the people responsible, even if they clearly have violated the antispyware law. Instead, you must go to your state's Attorney-General, hat in hand, and humbly request that the law be enforced.
CAN-SPAM has had a few successes. I will, grudgingly, admit that. However, one of the reasons it is largely ineffective is that it doesn't allow people to sue spammers. An ISP can sue a spammer. The FTC or a state Attorney-General can sue a spammer. The poor shlobs who are forced to hammer the delete button every day cannot do that.
The best consumer protection laws, in my own humble opinion, are those that allow regular people to enforce them by providing for civil penalties. Imagine if you had to run to your Attorney-General every time someone broke a contract. Contracts work because individuals can sue those who violate them. That is why people tend to obey a contract. It is too risky not to do so.
This might very well be the reason why certain adware companies, including Claria and WhenU, are so supportive of the current antispyware bills. Not only can they claim to be legitimate by just barely squeaking past the letter of the law, they know that they would have to do something spectacularly stupid before someone hauled them into court to call them on it. The risk of being punished for violating the law would be low.
Now imagine if you could just walk into any federal court and hold a company accountable for forcing you to format your hard drive to remove their spyware. Imagine if your boss could send the company lawyers after those people and demand payment for all the hours you spend cleaning up your company's network. Imagine if the people who create these drive-by hijackers had to worry that any one of 200 million people could haul them before twelve outraged jurors.
Sadly, it is very unlikely that whatever antispyware law is passed will allow for that. Every bill that I have read makes it clear that only Attorneys-General or the FTC will be able to go after someone violating the law. This is what happens when the companies affected by a law have a hand in writing it.
Why I Now Block Ads
The following question appeared on Slashdot recently:
Why Do You Block Ads?
"With ad blocking becoming ever more popular among users, why do you block ads? And with what? Do you view internet ads as different from say, TV ads? What about in a magazine? Do you not buy a magazine because it has too many? I'm specifically talking about the ads in a webpage, but even popup blockers can cause problems with me using a site."
The question prompted a massive number of responses, even by Slashdot's standards. My own reply was so far down the list that I doubt anyone will ever read it.
This is something I have been meaning to write about. Everyone knows that I use Firefox to surf the web. Among the many extensions that I have installed, I now use the Adblock extension with filterset.g.
I have said, more than once, that I do not block advertisements on web sites. I understand how expensive it is to run a popular web site and donations will never cover that expense. Well, now I do block ads. The advertising industry and certain web site owners can blame themselves for changing my mind on that.
The reason that I now block most advertisements is because of pop-ups and sliders. On the issue of pop-up and slider ads, I freely admit to being a radical extremist. The people who first thought up the idea for the pop-up and the slider should be sent to the gallows - after being boiled in oil and before being drawn and quartered.
I won't explain why I have that attitude. If someone really needs for it to be explained to them, there would be no point in trying. They simply would not understand.
Over the last few months, pop-up ads managed repeatedly to sneak past Firefox's built-in pop-up blocker. I don't know if Mozilla's developers are falling behind or if another extension has weakened the filter. Whatever the cause, more and more ads were popping up while I surfed. And Firefox has no default filter to block slider ads. After a couple of months of this, I decided that I had had enough of it.
Mozilla recommends the Adblock extension with filterset.g for stronger pop-up blocking. So I installed it and, sure enough, the pop-up and slider ads have disappeared. An unintended consequence is that nearly all banner ads also have disappeared. Even Google's Adsense banners are gone.
I want the online advertising industry to take note of this. I know people working for some of the big ones read this newsletter. You people have made advertisements so intrusive and annoying that someone who does not support the blocking of web ads has been forced to block them himself.
I cannot imagine how you could have been so naive. Did you really think that the answer to pop-up blockers was to circumvent them? If someone closes their door on a salesman, do you honestly believe that the salesman should kick in the door and continue his sales pitch?
All you have accomplished by circumventing my pop-up blocker is to piss me off. Now all of your ads are blocked, not just the annoying ones. Congratulations. Well done.
Headlines
SpywareInfo has a new(ish) feature, listing news headlines relevant to spyware, privacy and safely using the computer. There is a saying that "all politics are local". It seems that this also applies to the internet. It is a close community in that problems can spread from anywhere. If you see a local story that you think deserves attention, please let us know. Use this mail form, tell us some details and we will follow the story.
This Spywareinfo News Section is updated every day - and several times during the day. It is a section of Spywareinfo that we hope will keep you informed on a daily basis - and keep your internet time a bit safer. Go have a look.
