Coffeehouse Thread

7 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

What is Microsoft doing about winsock hijacking by spyware?

Back to Forum: Coffeehouse
  • User profile image
    Shining Arcanine

    Sometimes spyware ties itself into Winsock and removing it will cut a computer from the internet. What is Microsoft doing about this in Longhorn or XP SP2?

  • User profile image
    jamie

    i have a friend for whom im defacto tech support
    - he uses his computer for 2 things: downloading porn, and downloading porn.

    His machine is always full of crap! that i have to remove and repair - SO...

    i loaded the beta of SP2 on his machine.
    i asked him to show me where he gets porn - and he said google

    I was suprised by this as google seems so do-goody.

    What he does is turn off safe search - or whatever its called - then types stuff in to find porn.

    so i said ok - do it now that you have SP2 installed - which he did.  after 5 min of "technical testing Wink i told him to stop and ran adaware and spybot ( which i had run before sp2 install)

    there were over 50 things - in five minutes - and i made sure he didnt "Agree" to any boxes that popped up.

    So basically - what good is SP2??
    just go out and buy adaware and spybot and put them in windows to run at startup

    otherwise all these "security" changes are doing nothing but inconvenience developers - as for users they dont seem to prevent even the most common of exploits : toolbars in ie, stuff loaded at start up, many tracking companies, etc etc etc.

    *Sorry if this is a bit off the winsock topic SA

  • User profile image
    jamie

    * One last comment regarding Auto - add toolbars in IE

    just as i think Full screen is great - i also like the ABILITY to add a toolbar if i CHOOSE

    in SP2 youve gone and removed the ABILITY to run fullscreen kiosk - yet &^&^% sites can still add MySearch and iSearch etc to IE.

    Why not just make SP2 not auto load toolbars and not allow auto fullscreen - but leave the functionality - if the user agrees to it

    sorry - still mad at the removal of fullscreen for LEGITIMATE - MARKED uses

    Just do it like this:





  • User profile image
    Shining Arcanine

    Jamie, your friend's computer isn't properly locked down, if I was to lock it down, the only spyware he might get is cookies and that would be severely limited. That is, judging by how I don't get spyware anymore...

    Also, "kiosk" (boy, do I dislike that word by now...) interfaces are a major security risk and should have never have been in IE.

    Edit: By the way, I wrote a post about how I would lock down a computer, check it out:

    http://www.vbulletin.com/forum/showthread.php?t=103635&highlight=security

    It is post #4 in that thread.

  • User profile image
    jamie

    Interesting

    thing is for his machine - its a slow old 400 ( although Xp runs pretty snappy on it)

    The only Virus program i have is Norton 2004 - which i find to be a resourse hog even on my 3ghtz - so there was no way i was loading or it would take him literally over 5 min to boot.

    I forgot about Zone Alarm - that would probably have done it - but again: I thought SP2 had this.. I know myself i had to allow IE and outlook and MSN to access the Internet connection..

    so .. this only works for MS programs?


    ** also - re- kiosk mode. I'm not arguing your right to dislike it, just for my right to still have access to it.

  • User profile image
    Shining Arcanine

    jamie wrote:
    Interesting

    thing is for his machine - its a slow old 400 ( although Xp runs pretty snappy on it)

    The only Virus program i have is Norton 2004 - which i find to be a resourse hog even on my 3ghtz - so there was no way i was loading or it would take him literally over 5 min to boot.

    I forgot about Zone Alarm - that would probably have done it - but again: I thought SP2 had this.. I know myself i had to allow IE and outlook and MSN to access the Internet connection..

    so .. this only works for MS programs?


    The guide was intended for Windows XP SP1.

    Anyway, maybe you can get him a corporate edition (with a license for a single computer). They are designed for speed.

    On SP2, here are the things that apply (assuming the firewall and popup blocker are on and are properly configured):

    -Install Ad-Aware
    -Setup Ad-Watch
    -Setup IE's privacy settings to Allow 1st party cookies and deny 3rd party cookies. Also, uncheck the session box
    -install Spybot S & D and lock down the home page, immunize the computer, and lock the hosts file.
    -Get IE-Spyad
    -Configure the antivirus software to auto update its definitions as often as possible and configure Auto Update

  • User profile image
    jamie

    that would definately do it..

    its probably not a good test case cause the machine probably couldnt handle all things starting up and running.. but im getting tired of fixing it so i actually printed that out. we'll see what it can handle Wink

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.