Monday, April 18, 2005

Spyware strikes again...

I'm getting really fed up with the idiots out there who think they can install spyware junk on my PC even _with_ my permission. There should be a way to set some obscure setting in IE that says, "I'm a computer geek, I'm not stupid, go away. Go bother someone else who is vulnerable to such nonsense."

Take, for instance:

http://www.lyricspy.com/

Running that site in FireFox makes it show up just fine. Now load it in IE (er, assuming you have all the latest security patches installed) and you get a face full of some annoying Flash animation telling you to install their ActiveX (spyware/virus/trojan) control (um...no way) and a dialog box telling you to install the ActiveX control (still no way) and a whole lot of junk (the text on the webpage is busted - still no way I'm installing it). This isn't the first time I've run into this and I'm just picking that page out as an example.

In FireFox, just about at the same location in the source (if you can map source code to page rendering in your head) appears a transparent layer that doesn't repaint. I assume that FireFox is trying to display the same thing as IE, but something gets busted in the process - making it impossible to read anything in that area of the page. Another thing to note is the text of the page - IE shows garbledygook while FireFox is plain ASCII...the server is doing something specific in this case.

Digging into the source code reveals:

http://www.yoursiteweb.com/

That site is the storefront of one of many eyesore organizations on the Internet. The real interesting issue is - when will there be sufficient critical mass (i.e. sales of spyware toolbars) to annoy enough people to start hunting for browser alternatives that conform to the way they are used to doing things. The scary part is that the spyware sites are specifically targetting IE6 SP2 (over 80% of the browser market)...which means critical mass could, alternatively, mean a critical disaster for the generally uneducated public (a more likely, and scarier, scenario). The humorous part of this is that lyricspy.com recommends FireFox. You would think that they would be more interested in spying on the IE users who actually install it since they get no revenue from the FireFox users.

The only reason this made a blog entry is that the number of sites I've run across in the past week that are participating in this unsavory business practice has got me concerned. I saw such sites appear within days of the IE6 SP2 release, but now the number has skyrocketed such that I've even run into them on _reputable_ software development websites (not just the occassional Chinese/Japanese sites with example Win32 source code). I suspect that before the year is up, someone will write some piece of spyware such that it opens a backdoor on the user's system and will be distributed using tactics like YourSiteWeb does (i.e. Spyware with a twist) - imagine 80% of all computer users out there with a backdoor trojan installed. Goodbye Internet.

I took a 2 hour nap this afternoon and had the weirdest dream: I dreamed that I took a prank phonecall at the downtown volunteer fire department for a ham and pepperoni pizza with some phone number ending in 9 and then made it completely backfire on the prank caller by making a pizza with anchovies. When the guy got back from the payphone he used, I set it before him with plenty of flair (including a red-and-white checkerboard tablecloth bib) and said something like, "Here's your 9'er slices of pizza". You should have seen his expressionless face (well, technically, he had no face). It was hilarious. Then I woke up. How I got to the fire department in my dream is a baffling mystery - shortly before that I was being chased by a big vat of expanding purple alien goo.

No comments:

Post a Comment