Clif Notes Freeware and Website Reviews
[Back to the Review Archive]  [See the newsletter archives]

 Security Who Profits from Security Holes? - show me the money
Benjamin Edelman at Harvard University recently posted this article and accompanying video. They show how easily an unprotected PC can be overcome with spyware. He also details how the spyware can be tracked to it's sources. Just follow the money. What can we do with that information? Currently, very little. One of these days our laws may include protection from this type of software. Hopefully this will happen sooner and not too much later.
Eric says that the latest version of Internet Explorer, as patched by Windows XP Service Pack 2, is not vulnerable to the unwelcome installations shown. So, you know what you need to do ...

Website - Video - Tip

Quote from the website - How bad is this problem? How much junk can get installed on a user's PC by merely visiting a single site? I set out to see for myself -- by visiting a single web page taking advantage of a security hole (in an ordinary fresh copy of Windows XP), and by recording what programs that site caused to be installed on my PC. In the course of my testing, my test PC was brought to a virtual stand-still -- with at least 16 distinct programs installed. I was not shown licenses or other installation prompts for any of these programs, and I certainly didn't consent to their installation on my PC.

In my testing, at least the following programs were installed through the security hole exploit: 180solutions, BlazeFind, BookedSpace, CashBack by BargainBuddy, ClickSpring, CoolWebSearch, DyFuca, Hoost, IBIS Toolbar, ISTbar, Power Scan, SideFind, TIB Browser, WebRebates (a TopMoxie distributor), WinAD, and WindUpdates. (All programs are as detected by Ad-Aware.) I have reason to believe that numerous additional programs were also installed but were not detected by Ad-Aware.

 Clif Notes Freeware and Website Reviews