GoodGuy -> RE: My two cents worth (7/6/2007 6:35:36 AM)
|
quote:
ORIGINAL: LarryP http://www.matrixgames.com/forums/tm.asp?m=1432812 Steam... huh. [:@] A friend who had to use steam (HL2 i think) installed a sniffer tool to analyze the content of the data transferred to/from the steam server. He studied computer science and has a very well paid job in the IT sector, so he knows how to display and track such data transmissions. He found out that Steam counted/listed all mp3s on his hardrive and that it sent the infos to the Steam server. I don't know if Steam is still doing it, but it happened. Wherever these infos end up, the fact that Steam collected these infos on his machine is kinda hair-raising and this procedure would violate vital laws regarding privacy in quite a few countries. Some Copy-Protection Mechanisms (St*rf*rce for example) can be equipped with additional spyware, since they have a modular design. Most companies who license these use to decactivate them or even order them without the spyware atm, though. Games like BF2142 incorporate a complete adware engine (ads can be seen on displays ingame) already. Trojans, like the one u were talking about in the general forum, are used to "pull" the actual adware/spyware on your computer and install it. These trojans can't do much, if you are using a very good firewall (Tiny, Kerio and the like), since these control/track applications and services and their online access, and would come up everytime a trojan tried to place an "outbound call". Hardware routers with built-in firewalls and weak software firewalls only track port access, but would not object to applications using let's say port 80 (http port u need for surfing), for example. Older ZoneAlarm versions used to fail if malicious code was being executed on the machine by unsuspecting users (the weakest link here , hehe), means if malicious programs were trying to make outbound "calls". It has been fixed in newer versions, but it shows that even software firewalls feature different approaches or weaknesses. If you watch your tasklist (the taskmanager does not do the job, as it doesn't display all services/tasks) by using additional programs, if you get familiar with what kind of tasks are part of the system ( www.answersthatwork.com --> check the tasklist, not complete, but a good basis for additional research) and if you use "hosts"-files to block ads, ad-serving IPs and sites that are known to install malicious programs on pageview, you're relatively safe. If you check knowledge databases (trendmicro.com, and others) and if you find the virus listed, you will find a complete instruction how to remove remnants in the registry, or a list of dlls that have to be deleted. Damaged or infected system dlls can be downloaded from trustworthy sites on the net. Given, this process can take up to several days, even if you use tools like "hijackthis" to track down viruses, so a reformat may be less complicated. First rule: Even if you have a hardware-firewall, turn off Windows' firewall, then get a serious software firewall, and disable net access for Mediaplayer (or permit access manually each time, without applying rules). Disable/uninstall the VB scripting host, and have an eye on tasks and scheduled tasks on your machine (disable the taskplaner). Take a look at the "Run" section in the registry once in a while, along with a look at the administration tool displaying all the services running on your machine, have an AV-shield running in the background, and use several AV-scanners regularly - since one scanner won't catch each and every Virus, and you'll be fine. Ah you might want to use SHIELDS UP (google) to check your security and scan your port. I got a trojan 3 weeks ago, but the poor tool couldn't pull the actual malware as it got blocked when it tried to connect to the remote site. It kept coming back and masquerading itself as a vital system service, but once I tracked things down, using a removal instruction for registry entries, I got rid of it. Involved some thinking and work, but it saved me a reinstall. Even if there are still rests of the tool/reg entries, they can't do much, as I have like 3 or 4 rules (to permit access) only in my firewall, IE is only allowed to transfer on 2 ports. I'm using an old (puristic) firewall that hasn't been a target of "ship-around"-hacks yet, as too few ppl are using it, and it has no bells and whistles. My 2 cents.
|
|
|
|