Saturday, November 12, 2005

Victory! I beat a 2kb piece of code into submission: Or Wrestling se.dll to the ground and DESTROYING IT!

Heroes of the internet: The folks at Major Geeks, Annoyances.org (especially Mr. Charlie for this post)

Extra special thanks to the creators of SpSeHjfix (http://derbilk.de/malware/index.php). I don't speak German but I think they speak English, so THANK YOU! They were part of the epic struggle to remove the piece of shit virus from a friend's old computer. Also thanks to the diligent people at CW-Shredder http://cwshredder.net/

Other players in the assist? The creators of AVG anti-virus software.
Players who tried in the effort, but failed? Norton Anti-virus. (Its inability to install or offer a method to remove the software from either a CD or online especially pissed me off.) McAfee Anti-Virus? To paraphrase the folks over at Fark.com, "The tools, They DO NOTHING!"

THE PATH TO VICTORY
The battle involved a nasty virus that hijacked the homepage and sent it to a "search website". It does this by renaming the Internet Explorer default start page "about:blank", to THEIR webpage which they evilly named "about:blank". BASTARDS! Because it lives on your computer and doesn't let you delete it easily, it keeps restarting itself. It also messes with the ActiveX controls so that all the great ActiveX programs that could have found and removed it were rendered useless. I went to the website www.bitdefender.com and the online anti-virus program started to load then BAM! I get a message box telling me my ActiveX controls won't let the program run. ARRRRRRGGGGGG!!!! Sneaky bastards! They won't let me load tools like Norton to remove it (part of the fun of this process was installing and uninstalling Norton like 3 Brazilian times (that's a callback to a joke, folks)). Finally I abandoned it and used AVG. It barely runs on the old machine, but it did the trick, but only partly. Based on the info from the good folks at Annoyances.org (bless you Mr. Charlie!) the program would keep reinstalling itself if I didn't get into the registry. That is where the program SpSeHjfix came in. That program in conjunction with CW-Shredder proved the virus was finally GONE!!!! I WON! IN YOUR FACE STARTPAGE.19.J!!!

BAD HUMANS? The creators and funders of the Trojan horse Startpage.19.J.

I think their punishment should be to go around the world and remove the software from every computer they infected. What kind of person revels in the disruption of others' tools? People who don't SEE the damage it does. They only see the stats "Oh! I made it into the list of viruses that the anti-virus makers look for!" Those are the kids. Now if they worked with the makers of the start page search engine to actually make money, then they are a different level of punk. This is the level that should be found and sued into oblivion. These are not some 17 year olds living with their parents who can't empathise with the people whose computers they destroy (and by the way, it is 93% boys who do this stuff). This is not some 16 year old who is angry at the world and says "Screw you computer owners who use Microsoft! I'm l33t! u r pwn3d!"
This is someone where money changes hands in the course of commerce. And illegal commerce. There is a reason we have laws and regulation. It is for the GOOD of the people AND the business community, and when the business community keeps saying, "No regulation!" and says, "This is too small to pay attention to," they are hurting their customers and themselves. For example, because spyware makers hide under the cover of outrageously extensive EULAs (end user licence agreements, those things you click when it asks if you agree to this program) they are providing cover for the assholes who will use it for crap like the about:blank homepage hijackers and the 180SearchAssistant jerks.

WHAT IS BEHIND THIS?
EULAs. My buddy Ed Forster of the Gripeline talks about this with passion, and it feels like it comes down on deaf ears. But all the people who have been infected and spent hours fixing their computers COST something. There is a price to pay for the corporations because they give these people cover or ignore them. So when your business spends millions cleaning computers, look to the software companies that forgive outrageous EULAs because they don't want THEIR EULAs to be questioned. If they want to keep using EULAs then you need to hunt down the radicals who use the EULAs for spyware and other programs that damage users' computers.

Maybe because the press have been hobbled by right-wing nuts and the corporate media can't go after real corporate criminals, I think that the legal community is our last hope. The technical community works hard, but I think they need backing from the legal community. Where are the corporate lawyers for a big company that says, "This is bullshit. These people are messing up our people's computers. I don't give a shit if they 'gave the spyware permission' by clicking on an EULA. And I especially don't care if they used an even sneakier method. We are going after these bastards."

AOL and Microsoft FINALLY went after the spammers and some are in jail now and some had their assets seized. We need the same kind of effort for the spyware makers and the virus makers who are making money off of their evil works.

Hey Lawyers! You want money? Five Words: Class Action against Spyware Makers
When a lawyer somewhere hears a story like, "Virus caused 20 billion dollars of lost time!" their eyes don't light up because they don't see any deep pockets. There are only a handful of Net police to go after these lawbreakers. But what if the people doing the damage aren't kids living in basements? What if someone made some money on the spyware and viruses? Doesn't THAT make the lawyers' eyes light up? And why DON'T we have lots of Internet police? The AG's office is going after PORN makers for God's sake. I know a lot of people who happily pay for PORN delivered over the internet. I don't know ANYONE who WANTS virus and spyware. Why are they going after PORN in the AG's office? Because the Fundie Xtians scream about it. If people screamed about spyware and viruses maybe something would happen. I can't imagine there is a huge lobbying group who want to protect the virus makers (although there are people protecting the spyware makers, which should tell the lawyers something about who has the deep pockets).

Clinton. Sex. Bush. Money. Who's hurt?
Now the bizarre thing is that, like the Clinton sex scandal, going after sex on the internet seems more exciting and makes for juicy headlines, whereas going after virus and spyware makers isn't as "sexy". But just like the Bush financial scandals where BILLIONS are missing in Iraq, money goes into the hands of the bad people and people's lives are impacted. Maybe what it will take is to combine the spyware maker or virus maker with some kind of porn or sex scandal to get the AG to go after them. Now do I want the AG to drop everything and go after this instead of terrorists? No. But they could go after this instead of porn. And what about the states' AGs? Why can't they be like Eliot Spitzer? He is one of my heroes. He is doing what so many AGs could and should be doing.

I know that the police have gotten SOME people, but seriously, this is a weak effort. AOL took the proceeds of a spammer and raffled it off to members. If you seize the assets of these people, put it into law enforcement to catch more of them and pay for the ones that DON'T have assets, but do a lot of damage anyway.

Well this was a rant that I didn't expect to write and it is, as usual, too long, but after I did my victory dance my analytical brain takes over and asks, "Why? What can we do to fix this? And who benefits, who loses? Where can justice be served? What is the route to the good of the many, vs. the good of the few? How can I help?"

In conclusion: the maker of se.dll is a small boy with no empathy for others. This is a black spot on your soul, kid. Grow up, turn away from the dark and to the light. Use your powers for good. Pull a David Brock and help the side of creation, not destruction.

Stop harming individual computer users and small business owners everywhere. Offer yourself up to a class action suit lawyer going after the people who paid you to send the traffic to their site. Turn state's evidence and convict the jerks making money off of your knowledge of computers. Feel okay to look at yourself in the mirror in the morning. Be a man.

UPDATE:
Sadly my efforts were practically for naught. Today I found out that another home page hijacker has sprung up on the machine. Sigh. I should have put Counterspy pro on it, but the machine didn't really have enough memory on it to run both the AVG Anti-virus and the anti-spyware in active mode. The owner said, "Forget it, I won't LET you spend any more time working on it." I understand. At least the machine isn't crashing like it did before, she can still use a few of her applications until she saves up for a new one. And for everyone who thinks computers are cheap, yes they are but they aren't free and the effort to keep one out of the landfill was a worthy one in my mind.

IN OTHER IRONIC NEWS
While I was working on that computer, MY computer caught a homepage hijacker! And I HAD the active mode on Counterspy pro. I did some research on this one. It is new, it uses Java and it is designed to escape the notice of the anti-spyware products!
BASTARDS! I'll keep pushing for a lawsuit at the same time I work on technology solutions to keep them at bay.

6 Comments:

Anonymous said...

GradeSchoolTeach<-----Once again, happy she has a Mac G5!

7:18 PM  
Anonymous said...

GradeSchoolTeach<-----Once again, happy she has a Mac G5!

7:18 PM  
spocko said...

Oh GradeSchoolTeach you are the lucky one, but I got to spend the day solving a puzzle that had stumped brazilions! You just got to use your computer for fun and games. And what fun is That?

11:56 PM  
Jim said...

Spocko, good job with the malware. Porn BTW is the number one malware producer/conduit (with gambling a close second)

http://www.networkworld.com/news/2005/110705widernet.html

8:34 PM  
Anonymous said...

You got rid of the cretinous code. That's the main thing. AND you were trying to keep another computer out of the landfill. I'm amazed that that was part of your plan. Who even thinks of that?!

Be proud, Green Geek!

9:12 PM  
pseudolus said...

Damn, man! What are y'all using for browsers? Get Opera, it is now completely free. I fall back on Firefox when a website won't work right in Opera, then fallback on an IE variant when Firefox fails to render OK. But it is very rare that I have to fire up IE these days. I stay away from porn and gambling sites, but I have friends who won't and since I turned them on to Opera I haven't had to fix their damn computers.

Of course I also have a slew of tools running to watch the registry and whatnot, but Opera is the key for much of my calm browser days. Plus being able to open a bunch of webpages at work then bring that session home and continue here is a big advantage to me.

5:42 PM  
