Re: [SLUG] Hackers drop spyware into popular tool -> utility used by Unix, Linux and BSD

From: Timothy L. Jones (tim@timjones.com)
Date: Sat Aug 02 2003 - 01:49:01 EDT


On Fri 01 Aug 2003 10:31 PM, Frank Roberts - SOTL wrote:
>
> Well that is one point. Not the one I was trying to make.

Agreed, there are many good points that can be made out of this.

> e-mail spammers, advertisers, and other
> assorted unsavory marketing types who are placing cookies, programs,
> and other tracking components into desktop computers.

This is just a symptom of control freaks who DEMAND that we spend our valuable
time watching their ads. Unfortunately, technology can be made to work in
their favor as well as ours.

> Admittedly most of
> this is happening to MS boxes but admittedly 95% of desktops are MS boxes
> too. What my reference showed was that it was possible although harder to
> do the same to Linux boxes without the owner user noticing.

The upside to using a minority-share OS is that we are not as big a target as
the Windoze crowd. I know that status will change one day, but when it does,
we'll benefit from our infrastructure being built on superior ground.

When the script kiddies finally mobilize all these millions of infected Win32
computers, however, it will choke the net to the detriment of all. We'll be
as 'unplugged' as everyone else at that point, through no fault of our own.

> The relevant point there is that it does happen and that it
> can trash Linux boxes and/or you are followed around the net.

My simple policy is not to use any software that I don't trust (which is
pretty much anything not distributed with major Linux distros or anything
else I can't get the source to, except VMware, which ROCKS!). In this day
and age, there is no excuse for any kind of on-line transaction not being
done safely and securely inside of a Java or Web context. Unsafe native code
is NEVER required anymore.

Here are three excellent examples of unnecessary native code: Where I work,
people are downloading and using HotBar (which is basically HTML-wizards &
email themes tacked on to MS-Outlook, with tons of mother-ship-reporting &
adverts, on recipients AND senders), and also Webshots, which delivers
beautiful outdoorsy wallpapers via a SysTray icon (also with
mother-ship-msgs-&-tracking), and Babylon (a program that provides
English/Spanish translation services). None of these tasks REQUIRE any Win32
binary code, as 1) in Outlook, you can choose any HTML editor to write your
email, 2) you can certainly Save-To-Disk any image you want to be wallpaper,
and 3) there are tons of HTTP-based online dictionaries (I have been studying
Spanish heavily for the past two years, and can tell you there are plenty of
great Spanish/English dictionaries online, and a dead-tree Merriam/Webster in
my pocket nearly every day). Hotbar, in particular, has this really ballsy
EULA that actually spells out and gains consent for the snooping that they
do! I notified the help desk of the privacy risks of these unnecessary
programs, but nobody there cares. Fine, I'll be the only one with a clean
Windows system at work.....(what am I thinking? they won't care then either!)

I got an internet-enabled cellphone recently - no JavaScript, no Java, no
cAptiveX, no Flash, just text, images and hyperlinks. My new
site-portability test is whether or not my phone can render it. I'm
reworking all my sites to work with it. I figure, if my phone can handle it,
then I know it's pure HTML, nothing else. Ah, back to the basics. The first
T in http stands for 'text' not 'trash', not 'terabyte', and definitely not
'traitor' or 'turncoat'.

> You know the place at AOL where they
> have the complete files and dossiers on all Americans using the internet.

Absolutely, they do. What other asset can they possibly have to warrant the
high valuations they've had in the past?

> All this rambling brings me back to the point of how can one configure a
> box so that pop-up ads do not occur while allowing pop-up information web
> pages?
>
> I do know that it can be done in Mozilla sometimes but Mozilla is nothing
> more than the Linux sanitized version of Netscape so I am never sure that
> Mozilla is not secretly reporting to Net Central Command.

It's actually the other way around. Mozilla is the pure lizard built from
source (and you can build it yourself - I have on occasion, just to see what
it is like), while Netscape 6/7.x was always an old snapshot of Mozilla with
the spell-check, SHOP button, bundled AIM, and adware stapled on. Think of
Netscape as the lizard with gonorrhea or herpes.

> The other immediate possibility is Galeon but Galeon in Md 9.1 is not as
> good as Galeon in 9.0 for some reason. Don't know but I believe GNOME went
> to a higher level and there are some more adjustments required for Galeon
> and GNOME to function as well as it did.
>
> Konqueror which I like does not have filters for pop-ups.

I hope you'll be happy for me to contradict you there. On my KDE 3.1.2 (from
Debian's unstable tree), there is domain-specific allow/deny functionality,
AND a choice of Allow, Ask (with option to remember always), Deny and Smart
for how to handle popups. All GUI, not in a .konquerorrc file.

> Then of course there is Opera. Now you may pay that bunch of fools money
> but not me. Besides this looks like it reeks of the Netscape disease -
> reporting in to Command Central.

In the case of Netscape 6/7, please remember to attribute this disease to AOL,
not Mozilla. It also happened recently that AOL set Mozilla aside with a $2M
starter gift. So you won't have to worry about the Netscape browser anymore
(MS paid them $750M to dump Mozilla, in case you're wondering). Just keep
getting your Mozilla and Konqueror, direct from the sites themselves, or your
Linux distribution (Debian has been my favorite these past 3 years. I never
forgave RH for the rpm3->rpm4 mess - I lost several clients over it).

In the case of Opera, I don't like their ads either, but at least they're
upfront with why they are there, and they do make a good case for buying the
ad-free version. I use the ad version in testing my sites - their DOM model
is mostly complete and working.

I'm not sure I understand your beef with Mozilla either. Under
Edit/Preferences/Privacy-Security/Popup Windows, there is an option to
suppress popups. Going into that dialog box allows you to specify a list of
domains that you WANT popups to work for (like that bank that uses
"javascript:window.open('url');" instead of an old fashioned <A
TARGET='newwin' HREF='url'> tag).

> Let's regress back a bit to the part of pop-ups. How does one get rid of
> pop-up ads without getting rid of pop-up information windows [since they
> are using the same code, only the information is different] using Mozilla
> and visiting general sites without doing more work than simply closing the
> offending pop-up is beyond me. I haven't figured out any way to filter out
> the ads which I don't want without filtering out content which I do want
> before the first visit to an unknown site.

In addition to the above methods, a filter-proxy like privoxy or junkbuster
will tip the balance of control to your side, in addition to the smarter
browsers' features. I can vouch for both of these, having used them at
separate times. I no longer use them, mostly because Mozilla and Konq now
provide most of the blocking that I need.

> Like I haven't figured out any
> way of setting up the filters without spending more effort to set up the
> filters than it takes to close the offending pop-up.

This problem is a twisted version of 'what the market will bear', perhaps?
Slow enough to annoy, but not annoying enough to create a filter?

Think of it in a criminal-justice light. Most crime is committed by repeat
offenders (recidivism I think is the right word here), so it follows that you
can lower crime MORE by locking up these particular individuals than by
locking up people who get in trouble less often. There is a huge percentage
of web traffic divvied up between like four or five companies, so I see a
similar pattern. I believe you'll also find this pattern with the pop-up
people. If you take the time to set up the filters against the worst
offenders, you'll find that it DOES pay off, especially in the beginning. It
is after a while that you'll find diminishing return in saved time after
setting up your 400th filter. (And I have learned from my wife that the
worst offenders can be different depending on your surfing habits... her
block list is wildly different than mine, because she does recipes & eBay and
I do most slashdot and newspaper sites through news.google.com).

tlj
