[SecurityRatty] tag: toolbar

The Stigma Enigma, Revisited

Wed, 27 Aug 2008 10:58:56 +0000

Recently my pal Bill Pytlovany (of WinPatrol fame) wrote an article on his blog asking "What's Wrong With Toolbars"?

I wrote something along similar lines way back in 2005, and it's vaguely depressing to see how little has apparently changed. I'm not going to quote myself, but rather compare and contrast Bills experiences (and those of his commentators) with the person who posted a comment to my entry, which I quote below in full:

"Unfortunately, the few 'honest' toolbars have indeed taken the wrath of users as a result of the spyware, parasite, adware and other creepy applications of an otherwise good technology.

What's interesting is that, as far as my own toolbar system goes, I've had offers from clients all over the world to develop different kinds of toolbars -- and without fail -- it is the US-based companies that seem most willing to cross the line and request applications that I simply refuse to develop.

We're talking about features like:

- Forced Install
- Hidden Install
- Report all URLs back
- Report all searches back
- Forcibly and hidden set home page
- Forcibly and hidden set default search engine
- Forcibly generate un-blockable pop-ups
- Install and run hidden executables
- Bypass all security and anti-virus tools
- The list goes on...

What's sad is that I'm able to generate the most powerful and incredibly useful toolbars imaginable. Ones that can save countless hours of time and effort. Ones that can be customized on a per-user basis to make the Internet and use of ones's own computer a pleasure.

However, there will always be people around who's sole motivation is the almighty dollar -- and who will do ANYTHING to get it.

These people don't care about you, your wants, your needs, your security or safety -- as long as they can line their pockets with your money, or by taking advantage of actions you perform (even one lousy click!).

They'll infect your machine, using whatever means necessary, and they won't stop -- EVER."

The "industry" has certainly cleaned up since then, but the insistence on wanting to cram a toolbar on every PC, ever, remains. I must admit to being kind of disturbed that none of these companies seemingly want to take "No" for an answer - instead of leaving alone, they keep coming back every month or so. Of course, given the potential for mass moneymaking that's on offer I can't say I'm entirely surprised...

Mac users are advised not to use Safari by Consumer Reports

Wed, 06 Aug 2008 18:26:29 +0000

According to this year’s State of the Net survey, Mac users fall prey to phishing scams at about the same rate as Windows users, yet far fewer of them protect themselves with an anti-phishing toolbar. To make matters worse, the browser of choice for most Mac users, Apple’s Safari, has no phishing protection. Consumer Reports [...]

Grayware?

Wed, 07 Mar 2007 04:11:45 +0000

Very interesting definitions that I found on www.dqchannels.com which I would like to highlight:

'Grayware' is a term that regularly appears on IT and security professionals' radar screens today. An umbrella term applied to a wide range of applications that are installed on a user's computer to track and/or report certain information back to some external source, these applications are usually installed and run without the permission of the user.

Grayware categories

Adware: Adware is usually embedded in freeware applications that users can download and install at no cost. Adware programs are used to load pop-up browser windows to deliver advertisements when the application is open or run.

Dialers: Dialers are grayware applications that are used to control the PC's modem. These applications are generally used to make long distance calls or call premium 900 numbers to create revenue for the thief.

Gaming: Gaming grayware applications are usually installed to provide jokes or nuisance games.

Joke: Joke grayware are applications that are used to change system settings, but do no damage to the system. Examples include changing the system cursor or Windows' background image.

Peer-to-Peer: P2P grayware are applications that are installed to perform file exchanges. (P2P) While P2P is a legitimate protocol that can be used for business purposes, the grayware applications are often used to illegally swap music, movies, and other files.

Spyware: Spyware applications are usually included with freeware. Spyware is designed to track and analyze a user's activity, such a user's web browsing habits. The tracked information is sent back to the originator's Web site where it may be recorded and analyzed. Spyware can be responsible for performance related issues on the user's PC.

Key logger: Key loggers are perhaps one of the most dangerous grayware applications. These programs are installed to capture the keystrokes made on a keyboard. These applications can be designed to capture user and password information, credit card numbers, email, chat, instant messages, and more.

Hijacker: Hijackers are grayware applications that manipulate the Web browser or other settings to change the user's favorite or bookmarked sites, start pages, or menu options. Some hijackers have the ability to manipulate DNS settings to reroute DNS requests to a malicious DNS server.

Plugins: Plugin grayware applications are designed to add additional programs or features to an existing application in an attempt to control, record, and send browsing preferences or other information back to an external destination.

Network management: Network management tools are grayware applications that are designed to be installed to for malicious purposes. These applications are used to change Tools network settings, disrupt network security, or cause other forms of network disruption.

Remote administration tools: These tools are grayware applications that allow an external user to remotely gain access, change, or monitor a computer on a network.

BHO: BHO grayware applications are DLL files that are often installed as part of a software application to allow the program to control the behavior of Internet Explorer. Not all BHOs are malicious, but the potential exists to track surfing habits and gather other information stored on the host.

Toolbar: Toolbar grayware applications are installed to modify the computer's existing toolbar features. These programs can be used to monitor web habits, send information back to the developer, or change the functionality of the host.

Download: Downloaders are grayware applications that are installed to allow other software to be downloaded and installed without the user's knowledge. These applications are usually run during the startup process and can be used to install advertising, dial software, or other malicious code.