October 07, 2004

House passes 2nd anti-spyware bill

Adds penalties of up to five years in prison

WASHINGTON - The House on Thursday passed the second bill in three days that would outlaw “spyware,” irritating software that quietly monitors the activities of Internet users.

It would add penalties of up to five years in prison for people convicted of installing such programs without a computer user’s permission.

The bill, known as the “Internet Spyware Prevention Act,” passed 415-0. It would give the Justice Department $10 million to crack down on companies and others that secretly install spyware and those who attempt to trick victims into disclosing personal details and financial information in e-mail scams popularly known as “phishing.”

[ Full Story @ MSNBC.com ]

Source: MSNBC.com © 2004 MSNBC.com

Posted by akvalley at October 7, 2004 05:52 PM | TrackBack
Comments

Disgusting Spyware Methods! Disgusting Anti-spyware Methods!

DiamondCS is a reputable software firm that developed one of the best Anti-tojan applications I have seen, TDS-3. Unfortunately, DCS employs a hardcode technique that redirects the user to its site with numeric IP 64.91.255.87 upon pressing the F5 function key. Of course there is nothing wrong with this process. This fact could have remained unnoticed had it not been for a spate of really nasty IGN/CWS infections that showed the DCS redirects along with the nasties in hijacked Host files and shown below:
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch

A quick google search of “O1 - Hosts: 64.91.255.87 www.dcsresearch.com” will provide at least 1,500 links (Yup! that many!). It should be noted that an HJT 01 entry will only appear if a Hostfile hijack is involved. Redirecting to the local host to will not appear in the HJT log. When asked about this, representatives of DCS at Wilders Security Forum replied that this is perfectly normal since it simply redirects from an alleged “bad site” to the legitimate DCS IP.

If such were the intention, a simple redirect to the local host would have sufficed as this blocking technique is acceptable. However, redirecting to a preferred website is in any laguage, a hijack. This type of redirect is the method used by hijackers with the same objectives: redirecting to the chosen website. DCS cannot claim that since they are reputable, a redirect to their site is acceptable. No one has nor can given them that status. A hijack is a hijack is a hijack…. The method is absolutely wrong!

Now comes an interesting scenario.

Quote:
“It’s becoming such a sizeable problem in the US that the Government voted unanimously in Spring 2004 to approve the first-ever anti-spyware bill. The Securely Protect Yourself Against Cyber Trespass (Spy Act), approved by the US House of Representatives, would levy fines up to $3 million for those who illegally collect personal information, change a browser’s default home page or bookmarks, log keystrokes, or steal identities “

Posted by: True Orient at December 8, 2004 12:58 AM
Post a comment









On-topic comments, complaints, and criticisms are welcome, but off-topic or inappropriate comments will be deleted without notice to the commentor. If you include your URL below it will be linked (and subsequently indexed by Google and the like...possibly).

Since ALL of the message text is displayed online, please maintain your personal privacy by not posting personal information.

Remember personal info?






Please enter the code as seen in the image above to post your comment.