• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Eric in CA

Is there really such a thing as drive-by?

6 posts in this topic

On a couple of occasions I've read that merely by visiting certain web sites, spyware may be installed on your computer.

 

Is this just an urban legend?

 

If not, why do so many spyware apps install based on trickery ("click here to exit" which installs the spyware)? I would think they'd all just install automatically.

 

Or is there a limit to what a web page script can do, and to really do bad stuff they have to get your consent, informed or otherwise?

 

If there are web sites that automatically install spyware, shouldn't there be a list of sites that do such evil?

 

- Eric

Share this post


Link to post
Share on other sites

Yes.

 

CoolWebSearch is the biggest of these.

 

There can be no list without a huge number of tests, and at the moment, we don't have the resources to do that.

 

There is a limit, but it's unknown at this time (only if you use IE. Firefox is _FAR_. _FAR_ safer - there's a link in my signature if you want it).

Share this post


Link to post
Share on other sites

Just to be absolutely clear: If I merely visit coolwebsearch.com, my Internet Explorer will be hijacked?

 

 

If so, yikes! I realize it's getting into speculation, but why do the spyware folks even bother with all the tricky "You've won a free prize! Click here to claim it!" stuff? Is it just because it hasn't occurred to them, or they still have some shred of ethics?

 

Thanks for your replies.

 

- Eric

Share this post


Link to post
Share on other sites

No, no, no. CWS is too clever to have it on their pages. There are many, many of their affiliates who use that dubious, nay, illegal, method to distribute their Trojan horses and virii.

 

You may want to read Merijn Bellekrom's CWS Chronicles for more information on this.

 

http://spywareinfo.com/~merijn/cwschronicles.html

 

Firefox and Linux, as usual, are immune to browser hijackers.

Share this post


Link to post
Share on other sites

Keep in mind also that much of what you see for spyware / malware related problems are keen exercises in human engineering. Many of the lesser known spyware providers use the "Click Here if the Monkey is waving at you" type ploys to get you.

 

Every one of these companies and the rinky-dink software developers that they employ need to be punched in the nuts.

Share this post


Link to post
Share on other sites
On a couple of occasions I've read that merely by visiting certain web sites, spyware may be installed on your computer.

Is this just an urban legend?

 

Nope, in fact there are several ways of falling victim to this.

Remember that your browser supplies the webpage you visit with several pieces of information, including your IP adress and browser version...

 

Vulnerabilities in Internet Explorer ActiveX scripting used to allow driveby installs, and more such vulnerabilities are discovered all the time, even if you patched against the latest one.

 

With your IP adress, anyone can attempt to exploit a number of vulnerabilities pesent on an unprotected system. (unpatched and/or no firewall.)

 

With security settings that are too low, any webpage can install anything on your system without your approval, regardless of how wellpatched you are.

 

 

Sun Tzu once said: "The best strategy is to be very strong."

 

In computing this means two things.

1. Think before you act. (Something Liv Tyler is incapable of, but I digress...)

2. Secure your system, and keep your security up to date. (Falls under 1., but I thought I'd mention it anyway...)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0