[no subject]

["Scott D. Yelich" <scott () SPY ORG>]

On Mon, 11 Sep 2000, MJK wrote:
> Actually it is not in just those money making programs.  It is also in
> common shareware and commercial application.  I have seen it in other
> commercial applications.  It is usually embedded in programs.  You can
> download an ad-aware program (Ad-aware v3.61) from the freeware section of
> http://www.lavasoft.de/.  This program inspects your computer for this
> spyware programs.  AD-aware includes the detection and removal of Web3000,
> Gator, Cydoor, Radiate\Aureate, Flyswat, Conducent\TimeSink and CometCursor
> (1.0 and 2.0).  A list of known spyware can be downloaded that same place.

Would a program such as ...  zonealarm ... prevent these things from
working.  That is, would zone alarm provide you with a pop-up that says
something like "so-and-so.dll wants to connect to the internet?"  With
response options like allow, deny, probe with a red-hot-debugger and
"remember" this program?  Other than an ad-whacker program which would
have to be updated quite often almost like the virus checkers, or zone
alarm, is there another solution to this irritating issue?

One thing I have noticed about the PC, with winblows, is that it seems
that just about every single new program I run across wants to connect
back out to the internet.  To me, it's VERY scary to reboot my PC and
see zone alarm come up with (to me what seems like) random programs
wanting to connect out to the net.  I'm sure this has been mentioned
before,  but it seems like either IE or active-desktop or something
wants to  ping like the last 10 visited URLs upon start/launch.  It's
kind of silly to be able to write a script to monitor your web logs to
know when a friend/stalker has signed on.

Is anyone else growing alarmed by this seemingly new trend?

On a related note...

How do people feel about filling out those 1/2 dozen page "application"
forms to download trial software?  Is a person legally bound to provide
correct information?  I see two things things that come out of it -- (1)
I get electronic spam...  I had to provide an email address to get some
"free" clipart -- because I was looking for a single image -- I just
wanted to scan the collection... and, almost 30 days later to the day, I
started receiving spam from the company... who later claimed that I
"opted in" to their mailing list and who also provides a convoluted and
BROKEN method of "opting out" and/or (2) I receive what I call
"realworld" spam... wasted paper sent to the address that I used, and
then I notice that sometimes my address is even sold to different
companies.  It's really nice when some loser company gets the name of
your company wrong (ie: stupid data entry mistakes on their part) and
you start getting all these nice little pens and stuff with the WRONG
company name on it -- ya, sure, I'll *buy* your product... or you get
that annoying phone call -- ever try to evaluate ISS -- one of their
sales-dweebs will call you within the HOUR!

Anyway, the whole vuln-* twist of this is the issue of programs wanting
to access the net -- say on a reboot/login.  Does anyone have any
example of unix based programs wanting to do this?  Alternatively, does
anyone have an example of an mp3 player for winblows that doesn't turn
music into a RAP song because it can't play continuously? :->

Scott