Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security Software

Spyware More Common in Popular Software? 71

Posted by Cliff from the watch-what-you-install dept.
Keith Young asks: "Over the past month, we have seen a 1500% increase of spyware denials on our firewall primarily due to WildTangent 'spyware' installed with AOL IM 5.5 and adware installed with Weatherbug. Since many of these widely-installed types of applications have an automatic upgrade feature, how can these be tested for license agreements, spyware, and security 'irregularities'? Is this another reason to approach management to choose only open source alternatives?"
This discussion has been archived. No new comments can be posted.

Spyware More Common in Popular Software? More

Spyware More Common in Popular Software?

Comments Filter:

  • Opensource is good but... (Score:3, Insightful)

    by dj015 ( 680676 ) <darryl@sailingaway.co . u k> on Monday April 12, 2004 @12:56PM (#8838805) Homepage
    You have to bare in mind that alot of companies have invested alot of money into there Microsoft Windows Network with all there fancy graphics packages and what not. If you have just finished signing a checking for nearly the value of the company on software licenses for your machines would you want to go to an open source operating system because some guy who works for you is moaning about spyware being stopped by the firewall. in my opinion the best way to scare somebody into changing to open source software is to tell them about the spyware that is NOT being stopped by the firewall

  • free apps aren't free (Score:5, Insightful)

    by Sammich ( 623527 ) on Monday April 12, 2004 @12:59PM (#8838833)
    I know everything you can download for free isn't really that, but on the same hand as many people want to know if they have drm-crippled CDs that they purchase, wouldn't one also want to know what 'extras' get installed with a program and not just an [install] button to start and an [ok] button when finished?

  • GAIM (Score:5, Informative)

    by Schezar ( 249629 ) on Monday April 12, 2004 @01:02PM (#8838873) Homepage Journal
    Gaim [sourceforge.net]

    Just a friendly reminder in case there's anyone out there in slashdot land who still doesn't know about it. Works perfectly with AIM/ICQ and Jabber (and those other services no one actually uses ^_~) Even has a Win32 installer.
    • I use GAIM on my home computer, and it works great, except for one problem: file transfer. For some reason, AIM's file transfer doesn't seem to work reliably. Maybe it's just that I'm trying to send files to people who have no idea if they have a firewall or not.
      • Neither Gaim under FreeBSD (haven't tried it under Win32) nor even Trillian under Win98 work reliably with file transfers for me. They work for chatting, and for SENDING files to people, I can pop them onto my server, but receiving files is more difficult if they're too large for my e-mail box. (I don't seem to have inbound SMTP available through Cogeco, so my own e-mail server isn't an option.)

    • Re:GAIM (Score:4, Interesting)

      by zhiwenchong ( 155773 ) on Monday April 12, 2004 @01:32PM (#8839179)
      Also, GAIM doesn't have AIM Talk. I use AIM Talk regularly to talk to someone who is running AIM on a Mac OS 9.0.4 machine. (her machine can't run OS X, and OS 9.0.4 is the last stable version)

      You'd be surprised how few VoIP proggies exist for OS 9 machines, and even rarer still, proggies that also have Windows clients...

      Apart from MSN Messenger (which requires at least 9.2.2), AIM seems to be the only solution.

      • Re:GAIM (Score:2)

        by cei ( 107343 )
        Jaguar worked fine on my Beige G3, so doesn't that mean that any machine that can't run OS X must be at least 7 or 8 years old (pre-G3)? You can't necessarily fault developers for not maintaining support or making new innovations compatible with hardware that outdated.
        • No, you're right of course. There is no requirement for developers to support old hardware or old software.

          Unfortunately, some users out there still prefer to stick with OS 9 than to upgrade to OS X. They are of the opinion that Apple should have preserved their beloved old interface and way of doing things in OS X. You can't persuade these people to move to OS X... so you have to live with them.

          Incidentally, I'm surprised Jaguar runs okay on your beige G3. I'm guessing you maxed out your RAM. From most a
    • I prefer Psi [affinix.com] to GAIM or Kopete or anything else so far. Yes it's Jabber but it works the way the old ICQ client worked before they went hog-wild with "features". And it's multiplatform: Win32/Linux/Mac.
    • Gaim worked reasonably well from what I remember of my brief trial with it but the main problem I had with it was the size of the icons - they were fscking massive and it only took about five icons to fill my 1152x864 screen. Fine if you only have five contacts, but I have about 200. It was clunky in other respects as well, but I can't remember what now. So I went back to Trillian.
    • There are quite a few multi-protocol messengers.
      Did anyone compare them?

  • Use Gaim (Score:5, Informative)

    by KingOfBLASH ( 620432 ) on Monday April 12, 2004 @01:02PM (#8838874) Journal

    I use gaim [sourceforge.net] instead of AOL instant messenger. It's got just about every feature that AOL instant messenger has, plus a slew more (plus it can consolidate chat clients). It is easy enough to use for non techies that all my friends and family are on it instead of the AOL version. There are OpenSource projects out there for everything. Check out Sourceforge [sourceforge.net]. And, if you really like the product, and it saves you some money, donate some money to the project so it can get even better.

  • Weather *Bug* (Score:5, Funny)

    by jkujawa ( 56195 ) on Monday April 12, 2004 @01:07PM (#8838917) Homepage
    You know, if you install something called WeatherBug, you're kinda asking for spyware to be installed. It's practically in the name.

  • AIM/gaim video chat (Score:5, Interesting)

    by 2nd Post! ( 213333 ) <gundbear@pacbe l l .net> on Monday April 12, 2004 @01:12PM (#8838965) Homepage
    Unfortunately gaim doesn't support AIM's video chat.

    Is there something out there that does? I was looking forward to AIM 5.5 connecting with iChat to do video chat with my dad and friends; now I may have to avoid that if the AIM spyware is bad (sigh)

  • screensaver.com (Score:5, Interesting)

    by dtfinch ( 661405 ) * on Monday April 12, 2004 @01:21PM (#8839065) Journal
    I recently discovered that screensaver.com is distributing screensavers that I wrote with their own custom installer that includes several spyware programs, some of the worst I know of, hijacks their home page, puts advertisement links all over their computers, and requires them to agree to receive spam before they're finally allowed to install my screensaver. I've dropped their affiliate commission and demanded that they stop distribute my screensavers with spyware, particularly because it hurts my reputation and is responsible for some of my support email, but so far no response (I'll give them another day or so). Spyware bundling was not a problem I had anticipated when I wrote the EULA. Next I'll be contacting other authors I who's screensavers are being distributed in this fashion.

  • Weatherbug? (Score:3, Informative)

    by Asprin ( 545477 ) <gsarnoldNO@SPAMyahoo.com> on Monday April 12, 2004 @01:23PM (#8839075) Homepage Journal

    I know older versions of Weatherbug included Gator, but my understanding was that they had stopped bundling this garbage in favor of a more unintrusive ad-only revenue model. At least the last couple of versions I scanned with Spybot S&D and Ad-aware tested clean.

    Did I miss something?

    Oh, and more on-topic, YES. Spyware is a big reason why I use open-source software whenever possible.

    • Weatherbug now has (during install) a checkbox for WhenU.com. Last time that I tested it out, it was checked ON by default. Since most end-users don't know what WhenU is, they happily install the spyware.

      --Keith
  • Your company specifically allows people to play web games on company time? Make it against the rules to install WildTangent stuff. Why bother with an open alternative (if one even exists). Unless you're an entertainment software developer that needs to look at WildTangent based stuff there is *no* reason for it to be on a business computer.

    • You'd be surprised how many people hammer out a few games of solitaire or Zuma or whatever at lunch.
      • At lunch only? An ex-boss of mine developped an addiction to solitaire, litterally. He asked to have it removed from his computer, because he spent most of his day playing.
        Fortunately, he didn't know how to use a web browser. Else the lan would have been crawling with downloaded games (and the associated spyware) in no time.
      • That's not an excuse for the company to have to allow the software--especially if IT can prove it is causing an increase in support calls and/or abuse of network resources.

        It doesn't take a streaming web technology for 3D games to play solitaire. If people want to play a game at lunch then can always go to Yahoo! Games, Pogo, or some other web based game site that doesn't require non-session specific software to be installed on the end user's machine.

      • ... but why allow such installations on corporate pc's?

        why?

        because they up the productivity, make the day funner? if that's the case(and that's allowed) they can go play some browser based games that don't need crap installed on the pc.

    • It isn't allowed at my organization; if you look at my linked article, you would see that AOL IM 5.5 installs it *automatically*. At that point, it happily reports back to WildTangent.com... --Keith Young
      • I looked at your linked article. If WT is not allowed it shouldn't be dependant on whether or not the user has installed it specifically or if it was added as part of a different install.

        If WT is not allowed then it's not allowed, period. So a bulletin goes out that says, "AOL IM 5.5 installs WT, which is a no no, therefore AOL IM 5.5 is a no no. Don't install it."

        Is AOL based IM *required* at your organization? If not then there is no reason to even allow AOL IM. If IM is required then the company shou


  • I use some older 4.x version of AIM. Not at my desk so I couldn't tell you the exact version.

    It was one of the first ones that let you store your buddy list on the server, but it doesn't have any annoying features that suck up bandwith, along with memory/cpu cycles.

  • WinPatrol (Score:3, Interesting)

    by Sidlon ( 103096 ) on Monday April 12, 2004 @02:18PM (#8839702)
    I've recently become a fan of WinPatrol [winpatrol.com]. It's shareware, but will do pretty much all you need indefinitely in its trial version.

    Most spyware tend to set themselves to run automatically on startup, and WinPatrol's watchdog will bark at you whenever a program does that, and let you confirm or deny. (If you register, they'll give you information about tat program to help your decision).

    • Or, You could just go to http://www.sysinternals.com/ and then download Autoruns and do it yourself for free.
      • As far as I can tell, Autoruns works much like msconfig, just showing you what is currently set to startup (and letting you disable them).

        The difference w/ Winpatrol (the free version) is that it sits in your system tray and alerts you immediately whenever a program tries to add itself to that startup list. And for frequent offenders (how many times has qttask.exe appeared in your startup?), you can set a task to "disable" so that any time that program attempts to join the auto-start list, it will fail.

        I
  • Most managements are clueless idiots, the moment you walk in to a meeting board, with an argument that open source has no spy ware, some idiot will ask you, but isn't it true that open source code can be edited by anyone ?

    There is no easier way to fight the paranoia about open source s/w , if you work for PHB.

  • AOL advocates using Ad-Aware (Score:4, Interesting)

    by Fletch ( 6903 ) * <fletchNO@SPAMpobox.com> on Monday April 12, 2004 @02:51PM (#8840015) Homepage
    Funny that AOL's own AIM Virus/Trojan Help page [aim.com] instructs the user on installing and using Ad-Aware [lavasoftusa.com] (steps 5-8).

    Of course, that was probably posted long before Ad-Aware would actually remove parts of AIM itself.
  • Ok, I can dig it if someone wants to give me free software but require I allow them to install adware, spyware, trojan horses, or all my credit card numbers, etc. If I agree to these terms, then I'm stupid and deserve whatever bad things (tm) happen to me as a result. As long as it is SPELLED OUT in the EULA.

    HOWEVER, I've bought software only to get ticked off because it wants to installed crap like Gator or worse on my system. Many times, this isn't part of a EULA (if there is even one). That's one way to

  • It took me a while, but I finally found Weather Pulse [tropicdesigns.net]. It scrapes data from weather.com, displays a systray icon, and shows detailed forecasts. All without any spyware or ads.
  • If the Spyware and Adware software makers told the users what the software will be doing on their machine, the users most likely would not install it.

    I recall there was a plug-in for Kazaa that removed the Spyware/Adware and kept Kazaa working. Diet-K was the name I think.

    By my definitions, Spyware and Adware are malware and unethical to force the users to install with the free or shareware software.

    Many PHBs confuse free or shareware with open source software and claim that open source software contains

Slashdot Top Deals

Don't panic.

Close