Spyware Weekly Newsletter :· December 10, 2003

The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Click here to subscribe. Please read our Terms of Use for quoting guidelines.This edition of the Spyware Weekly Newsletter is archived permanently at http://www.spywareinfo.net/dec10,2003.

Permlink | Top

Dell seems to have listened to the criticism handed to them last week, after their decision to forbid tech support persons from providing assistance to spyware-infected customers became public knowledge. They have partnered with PestPatrol, Inc. to sell Pest Patrol's spyware removal software to Dell customers.

Read this message board thread for more information.

There are free solutions that would do the job just as well or better. However, as long as customers are no longer being denied the tech support promised to them with their PC purchases, that is fine. Dell is in business to make money after all. All that matters is that customers have access to information that can help them remove the parasite.

I do have an issue with this statement by Dell.

Dell does not endorse any specific Freeware or Shareware utilities designed to remove spyware applications because we cannot test these open source utilities reliably.

In fact, they can test them reliably if they choose to do so. The price of a piece of software has no bearing on how you test it. Dell should be honest and state simply that they chose not to test them, not state that they cannot. To say that free software cannot be tested reliably is dishonest and an insult to the consumers' intelligence.

Links:

http://www.spywareinfo.net/dec2,2003#dell :· Dell Policy Forbids Spyware Removal Support
http://forums.us.dell.com/supportforums/board/message?board.id=si_sysperf&message.id=752 :: Dell announcement

Permlink | Top

Program: Window Washer
Author: Webroot
Platform: Windows 98, 2000, ME, XP or NT4
License: $39.95 (30% off when you use coupon code SAVE30)
More Information

Window Washer is a very cool, very useful program. You could spend an hour rummaging through your computer, deleting your browser cache, cookies, temp files, address bar history and even those nearly impossible to delete index.dat files. With Windows Washer, you don't have to waste all that time and energy. Window Washer makes doing these tasks quick and easy.

If you have any doubt how much garbage Windows can build up over time, take a look at this picture. That is about 2 months worth of cleaning. The amount of junk it has cleaned out in that time would fill a small hard drive. How much storage on your hard drive is nothing but junk?

Window Washer can be set to overwrite deleted files with gibberish to keep data recovery methods from restoring the files. You even can set custom washes to clean up folders and registry keys not cleaned up by default. I have been using it to clean up the browser cache from Mozilla, Firebird and Opera as well as Internet Explorer.

This is a program that sells normally for $39.95. SpywareInfo readers can subtract 30% off that price and receive a free copy of Webroot's "My Personal Favorites". If you want to buy more than six copies for friends and family, the discount is 42%. Please contact us and we will arrange that.

Links:

http://www.spywareinfo.com/rd/webroot/ :· More information on Window Washer

Permlink | Top

Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

• MD5 hash compare
• Look for default files used by rootkits
• Wrong file permissions for binaries
• Look for suspected strings in LKM and KLD modules
• Look for hidden files
• Optional scan within plaintext and binary files

System requirements:

• Compatible operating system (see 'Supported operating systems')
• Bourne Again Shell (BASH)

Supported operating systems
Tested on:

• Red Hat Linux 7.2
• FreeBSD 4.3/4.4/4.7/4.8
• FreeBSD 5.0/5.1

Please note that I have not tested Rootkit Hunter. I don't have any linux or BSD distros installed currently. If you should have a bad experience with this software, please let me know.

Links:

http://www.rootkit.nl/projects/rootkit_hunter.html :: RootKit Hunter Project

Permlink | Top

Heads up for those who link to or recommend HijackThis, CWShredder, the Coolwebsearch Chronicles, or to any other file at http://www.spywareinfo.com/~merijn/. Merijn has his own web site now, located at http://www.merijn.org/. All of his files can now be found there.

Here are the most common files accessed on his site.

http://www.merijn.org/files/hijackthis.zip
http://www.merijn.org/files/cwshredder.zip
http://www.merijn.org/cwschronicles.html
http://www.merijn.org/htlogtutorial.html

I'll set up a redirect for the old addresses if possible. If I can't do that, I'll keep copies of them in their old locations for a while. Please change any links on web sites, forum sigs or any other place where you link to the files.

Permlink | Top

A reader sent an email to show me this article. It is an in-depth discussion of spyware and other online pests.

The article is not entirely accurate. For instance, the author states that all Internet Explorer toolbars, such as Google's toolbar, are spyware. That is not true, but for the most part this is an interesting piece, especially if you are new to the whole idea of software parasites such as spyware and browser hijackers.

http://www.intranetjournal.com/spyware/ :· Inside Spyware: A Guide to Finding, Removing and Preventing Online Pests

Permlink | Top

It looks like Diebold's CEO may not be delivering Ohio's votes to the president in next year's election after all, despite his promise to do so. Ohio officials have ordered counties to halt the deployment of touch screen voting machines until more testing can be done to make sure they cannot be subject to tampering.

More on this from Wired.com:

The state's top elections official said Tuesday that security problems found in new touch-screen voting systems mean they won't be in place statewide in time for the November 2004 presidential election.

Secretary of State Kenneth Blackwell said some of the new voting machines would be installed in August, some in November and the rest in 2005.

Read the rest of this article at Wired.com

Links:

http://www.wired.com/news/business/0,1367,61467,00.html :· ohio suspends touch-screen voting machines.

Permlink | Top

Some time ago, I posted to a message board topic where some idiot was arguing that people shouldn't worry about their privacy if they have nothing to hide. It was an angry post because I can't stand it when someone says that. It is an ignorant and simpleminded argument to bring into a debate about privacy.

Most people have nothing to hide and they would still require a search warrant before allowing the police to search their home. Wanting privacy to be respected has absolutely nothing to do with whether or not you have something to hide.

I decided to start a topic on this at SpywareInfo's forums to see how other people deal with that argument. The topic has been going strong for several months.

The latest response was a really interesting one and I've decided to show it here:

"When someone gives you the old "I have nothing to hide" argument, what do you usually say in return?"

When I hear this my blood boils, I feel my hackles rise and I want to reach through my monitor and inflict serious bodily harm upon their sheepish, emasculated, brainwashed arses!

Then, after I have calmed down, I patiently explain to them how such a statement is based upon empty rhetoric and not logic. I explain to them that in order for people to be truly free and enjoy the so called democratic rights our protective politicians claim we have, people must feel free. They must feel free of suspicion and they must feel a sense of trust, that people must be respected and not to be watched over their shoulder all the time. That society advances by the unfettered actions of truly free people, not those huddled in a corner, fearfully grasping their meager material possessions to their chests and calling the police to hunt down any person that displays the least bit of individuality. Creativity and progress come from those that are free of fear and distrust. But then I just sigh and walk away, knowing that the true spirit of humanity is actually lost to the vast majority of people on this dismal planet.

It turns out that some of those who say they don't worry about their privacy because they have nothing to hide sometimes are lying. When these people's privacy is invaded unfairly, they squawk just as loudly as anyone else. Read this story at the Willamette Week Online and you'll see what I mean.

Links:

http://forums.spywareinfo.com/index.php?showtopic=4561 :· Discuss this at the forums
http://www.wweek.com/flatfiles/allstories.lasso?xxin=3485 :: Rubbish!

Permlink | Top

Do you remember the article I wrote a few weeks ago about a Virginia man whose insurance company canceled his insurance, after he had filed a large damage claim? The adjuster claimed the man, Steve Wells, owned a "Pit Bull" and his insurance company tried to cancel his insurance based on that. The man does not own a Pit Bull and was outraged at what the company was trying to get away with.

I was just as outraged and wrote an article about it for DogReader.com. At least one radio station also discussed the situation.

Steve says that the Virginia State Corporation Commission has written a letter to that insurance company about the situation. The company has written to Steve saying that if his veterinarian will sign a letter stating that the dog is not a Pit Bull or mixed with certain other breeds, they will not cancel his insurance.

Steve says he happily will provide that letter just to have it on record, but that August Mutual can take a hike. He has found another insurance company and has no desire to spend his money with a company that would treat a customer in good standing with such disrespect.

Chalk one up for the good guys.

Links:

http://www.dogreader.com/archives/000125.php :· Get Rid of Your Dog or Lose Your Insurance

Permlink | Top

Paul Collins, creator and maintainer of "Pacman's Startup List", is seeking employment in hardware engineering and design near Cambridge, England. If anyone can help him in that regard, please contact him. His contact information is published at http://www.pacs-portal.co.uk/About/about_index.htm.

Links:

http://www.pacs-portal.co.uk/startup_index.htm :· Pacman's Startup Tips

Permlink | Top

Have you ever had one of those days? Well, I've had about seven of them in a row. Murphy's Law has been kicking my butt all week.

Last week, the fun started when I used the wrong coupon code for that Aluria discount. Normally that link would have led to a redirect page at spywareinfo.com, but since I was planning to move the server, I decided just to link directly to Aluria. That meant that I had to send a second newsletter out to update people on the link.

Remember the letter to Dell and its mention in this newsletter last week? Well, someone posted that to Slashdot right after the newsletter went out the first time. Slashdot posted it on their front page while I was sending the updated mailing; and it killed my server.

If you never have heard the phrase "slashdot effect" before, let me explain. The "slashdot effect" is when 100,000 geeks visit the same web site within the space of a couple of hours and stomp it into the mud. This is what my poor server looked like afterward (kidding). (Picture taken from http://www.ixtreme.com/)

At the time, SpywareInfo was on its old server. I was up all night setting up redirects from the old server to the new to try to keep the slashdotters from killing the server. We also moved the message board from the old server directly to the new and got it running.

I went to bed about 6 AM. At 10 AM, I was awakened to deal with an emergency here at home. I spent all day dealing with that on four hours of sleep.

A few days later, Lockergnome linked to the letter to Dell and that nearly brought the new server down. Lockergnome doesn't have as many readers as Slashdot, but they still have two or three hundred thousand.

I have an area on the server where I store spyware, viruses, trojans, browser hijackers and other nasty stuff for distribution to the people who write antispyware, antivirus, antitrojan and anti(insert term) software. Since uploading files over satellite is a lost cause, my friend Catherine moved all of my web sites for me. She has a nice, fast cable connection.

The day after we moved the spyware files, I woke up to discover that somehow one or more of those files had infected her computer. Our theory is that a PE virus started spreading through her .exe files. One by one, all of her programs stopped working. Eventually she had to format her hard drives and restore a backup image created a few days before the disaster.

As we put all of the web sites I host (except for one) on the new server and had them running, it became clear that my brand new dedicated server doesn't have enough horsepower to deal with my site, especially the forums. Twenty or thirty thousand people visit the site each day, over eight thousand of whom go to the message board.

Since the server was struggling to deal with the load, I had my web host install more RAM in the server. The extra RAM helped a little bit, but it turns out the problem was with the hard drives. They simply weren't fast enough to deal with serving a half dozen web sites and three message boards. I also host TomCoyote.org, DogReader.com, Mikehealan.com, Merijn.org, and some other web sites.

To deal with this, we stuck the MySQL database on a separate server that sees very little use. The entire server sped up tremendously after that. Unfortunately, the server still is struggling a bit to deal with the load at peak time. It wasn't too bad, but the load is enormous and the amount of traffic is unbelievable. If this keeps up, I might well have to move up to an even larger server.

As if all this weren't bad enough, as I write this, someone is launching a denial of service attack against the site. It was caught right away and the host is filtering most of it out. However, it still is slowing the server.

I have been working on this mess non-stop all week. I am more than a week behind on most of my email and it continues to pile up. I haven't had a whole lot of sleep in the past week.

All of this has cost me several hundred dollars so far; and I may have to spend several hundred more if I have to order a bigger server. If you'd like to donate a few bucks to help me pay for all this, I sure won't say no.

I'd like to thank my awesome web host and their awesome techs for holding my hand and babysitting me during this week. I don't think many other hosts would have put up with all of this. I honestly don't think these guys sleep. If they do, they don't do it often enough. I couldn't ask for better service than what I've received here.

Of course, it's not all bad. There is the occasional funny moment that makes up for a lot of bad things. Take this for example. We now have documented proof that spammers really are bloody stupid. :D

See you next week (assuming nothing else goes wrong).

Links:

http://www.dixiesys.com/ · SpywareInfo's Hosting Company
http://www.hostpc.com/ :· One of Dixiesys's support techs
http://slashdot.org/~Alien54 :· The Slashdot Poster
http://www.spywareinfo.com/support.php :· SpywareInfo Paypal Page
http://slashdot.org/article.pl?sid=03/12/03/0257238 :· Dell To Techs: Don't Help Customers Remove Spyware
http://forums.spywareinfo.com/index.php?showtopic=19779 :· Proof that spammers are stupid
http://www.spywareinfo.com/images/stuff/meltedcomputer.jpg :· Dead Puter