March 2005 - Posts

Court ruling - anonymous internet poster successfully sued for libel

Yes, I know, it happened in the UK, not the USA, but it is still a warning to the wise...

“A LIBEL battle in London financial circles may have punctured the idea that posters to internet forums can remain anonymous”
http://australianit.news.com.au/articles/0,7204,12688849%5E15306%5E%5Enbv%5E,00.html

Posted by sandi with no comments

Sun Java vulnerabilities

When we install a newer version of software that has been patched to lock out vulnerabilities, we expect to be safe, yes?

When it comes to Sun's Java Runtime Environment, the answer is NO!!!!

Has your copy of Sun's Java Runtime been updated recently?  I strongly recommend that you go to Add/Remove Programs and see how many versions you have installed (at 100+ meg per version!).

Did you know that old versions of Java's runtime are not overwritten when you update, and that malware designed to take advantage of Java vulnerabilities can access those vulnerable older versions?  I ask you, what is the use of updating if the bad guys can come along and keep using the vulnerable old stuff anyway?  I can almost hear them laughing.

Sun Java recommend in their FAQ that older versions of their JRE be kept on computers - BAD ADVICE!!!

Those of us who are lucky enough to have heard of http://sunsolve.sun.com, and know that Sun release Alert Notifications, and know how to find them, also know that Sun recommends that affected versions of the JRE be removed from a computer (see Docs 57707, 57740, 57708 and 57591)!

Bad advice - advice that is directly contradicted in the Alert Notifications - is being given to new users that are the primary audience and users of FAQs.  The FAQ needs to be rewritten to advise users to remove older versions of the JRE, unless there is a mission critical application that only runs on an older version.  If there is such a mission critical application, Sun should strongly recommend that said mission critical application be updated to be compatible with the latest version of the JRE.

Uninstall all those older versions of the Sun Java Runtime - go on - go and do it now.

Posted by sandi with 6 comment(s)
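
The Add/Remove Programs check recommended in the Sun Java post above can also be scripted. The following PowerShell is an added example, not part of the original post or anything published by Sun; the display-name pattern is an assumption about how Java runtimes label themselves in the uninstall list, and the script is read-only.

```powershell
# Added example: inventory installed Java runtimes on Windows.
# Reads the same uninstall entries that Add/Remove Programs displays.
# Read-only: it lists entries and does not uninstall anything.

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    # 32-bit programs on 64-bit Windows are registered under this view
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumption: display names look like "Java 2 Runtime Environment, SE v1.4.2_06",
# "J2SE Runtime Environment 5.0 Update 2" or "Java 8 Update 371".
$namePattern = '^(J2SE|Java)\b.*(Runtime|Update)'

function ConvertTo-SortableVersion {
    param([string]$Text)
    # "1.4.2_06" -> 1.4.2.6; [version] accepts two to four numeric fields.
    $parts = @([regex]::Matches($Text, '\d+') |
        ForEach-Object { $_.Value } | Select-Object -First 4)
    while ($parts.Count -lt 2) { $parts += '0' }   # missing version sorts as 0.0
    [version]($parts -join '.')
}

$runtimes = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object {
        $_.DisplayName -match $namePattern -and
        $_.DisplayName -notmatch 'Auto Updater'    # updater helper, not a runtime
    } |
    ForEach-Object {
        [pscustomobject]@{
            Name      = $_.DisplayName
            Version   = ConvertTo-SortableVersion $_.DisplayVersion
            Uninstall = $_.UninstallString
        }
    } | Sort-Object Version -Descending

if (-not $runtimes) {
    Write-Output 'No Java runtime entries found.'
} else {
    $newest = @($runtimes)[0].Version
    $status = @{ Name = 'Status'; Expression = {
        if ($_.Version -eq $newest) { 'newest installed' }
        else { 'older: review for removal' } } }
    $runtimes | Select-Object Name, Version, $status, Uninstall |
        Format-Table -AutoSize -Wrap
}
```

"Newest installed" only means newest on this machine; whether that version is itself affected still has to be checked against the vendor's alert notifications.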

Court ruling - websites are not protected by constitutional guarantees granted to journalists

A CALIFORNIA judge has ruled in favour of Apple Computer's bid to find the source of trade secrets posted online, saying that websites were not protected by constitutional guarantees granted to journalists.

Santa Clara County Superior Court Judge James Kleinberg ruled Apple was entitled to find out the identities of sources of the leaked information about an upcoming product code-named "Asteroid".

http://australianit.news.com.au/articles/0,7204,12538399%5E15306%5E%5Enbv%5E,00.html

Posted by sandi with no comments

Court ruling - Spyware Assassin given cease and desist order

A small win for betrayware (fake spyware removal software) victims was reported today on the Australian news channels:
http://australianit.news.com.au/articles/0,7204,12538391%5E15331%5E%5Enbv%5E15306%2D15318,00.html

“ ... The makers of Spyware Assassin tried to scare consumers into buying software through pop-up ads and email that warned their computers had been infected with malicious monitoring software, ... A US court has ordered the company and its owner, Thomas Delanoy, to suspend its activities until a court hearing on Tuesday. The company could be required to give back all the money it made from selling Spyware Assassin.  ...”

That's the way to do it! Hit them in their hip pockets!!

Posted by sandi with no comments

Firefox and spyware

I hate to say I told ya so, but I told ya so.

I think several people who know me will agree that I have been quite vocal about the common misconception that running FF is some sort of cure-all that will protect users from spyware. 

I have always believed that FF is a disaster waiting to happen, thanks to the misinformation being distributed by some FF supporters.  Too many people are switching to FF at their behest and believe they are SAFE and they won't get INFECTED if they switch (their emphasis), and are now happily surfing with absolutely no idea that unless they change their browsing habits bad things will eventually happen to them.

Read 'n' weep:
http://www.vitalsecurity.org/2005/03/firefox-spyware-infects-ie.html

Here is an exact quote from one poor chap that I have been helping (anonymous to save said chap from embarrassment):

"..But, [they] told me that I am safe from spyware if I use FF, therefore it [crapware on offer for download] is safe to download 'cause if its spyware it won't work on FF anyway.."

What is the moral of this story?  NO BROWSER IS SAFE!!!  That's right - NO BROWSER.  Not Firefox, not Mozilla, not Deepnet, not Opera - not IE - NO BROWSER.  The only true protection is user education.  That means, don't just tell 'em to use a different browser - teach 'em how to be safe.

Posted by sandi with 7 comment(s)