From: Aron Roberts (aron@socrates.berkeley.edu)
Date: Thu Nov 07 2002 - 16:23:12 PST
At 15:34 -0800 2002-11-07, Bruce Satow wrote:
>I just wanted to point out to people the fact that even though you
>may have an anti-virus program installed, it doesn't mean that you
>are safe from being compromised via trojan or worm.
Good point. It should be noted that, despite their name, major
commercial "anti-virus" software packages also detect worms, as well
as a great many trojans. But it's entirely conceivable that a
specialized anti-trojan package may provide more comprehensive
detection of the latter.
>Also check out http://www.grc.com and look at the leak detector. Some
>trojans are 'one-way' doors just sending out information to some
>location....
Agreed. One potential issue is that commercial anti-virus packages
generally provide little or no protection against commercial
"spyware" products, some of which may "leak" information from your
computer back to various servers.
For instance, Symantec specifically notes this in an article on
their Web site:
"Does Norton AntiVirus detect Jokes, Adware, or Spyware?"
http://securityresponse.symantec.com/avcenter/venc/data/jokes.or.adware.html
>By design, Symantec Security Response does not provide virus
>definitions to detect joke, adware, or spyware programs. Such
>programs are not malicious, and detecting them only leads to
>unnecessary virus alerts, which could cause you to believe that you
>have run or received a dangerous program when you have not. If you
>have received or installed such a program, and you do not want to
>run it, we suggest that you uninstall or delete it. ...
>
>In general, if a suspicious program asks you to agree to an End User
>License Agreement (EULA) prior to installation, or if the program
>itself is copyrighted, then Symantec Security Response will not add
>a detection for the program in question. ...
>
>Spyware is a generic term for a class of software designed to either
>gather information for marketing purposes or to deliver
>advertisements to Web pages. ...
>
>The general purpose of spyware is to gather information about your
>Internet surfing habits and deliver that information to its
>customers. That information, in turn, is used to deliver advertising
>that you (based on your Web surfing demographic) are most likely to
>respond to. ...
>
>Although software of this type is legitimate, it can, in some cases,
>be installed on your computer without your knowledge. This poses
>privacy concerns for many people. ... Spyware programs, while they
>may be objectionable, are not malicious, and detecting them only
>leads to unnecessary virus alerts ...
Bruce Satow cited Steve Gibson's excellent Web site
<http://www.grc.com/>, above. One of this site's sections is devoted
to an extensive discussion of spyware:
Gibson's company offers a freeware utility for Microsoft Windows,
OptOut, which can detect one vendor's spyware, and his Web site
mentions a forthcoming commercial release of this product which will
detect additional products. There are also other utilities which
purport to do much the same thing ...
Aron Roberts
Workstation Software Support Group
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 16:28:00 PST