[ news_security_news ]
If It Acts Like Malware...
Dan Morrill
Contributing Writer
2007-04-23
 Insider Reports RSS Feed
Then it definitely is not an improvement and should be avoided by everyone who needs to use their PC.
We are testing some RSS readers; web 2.0 based RSS readers and ran across a reader that has a number of interesting side effects.
I will not name the reader until their tech support gets back to me if they ever do, in order to give them time to think about it, and keep everyone out of trouble.
However, be very careful of what any plug in social RSS reader does on your computer. In running into this one we installed it, and were happy starting to play around doing things you do with an RSS reader, set it up, worked with the social aspects of it when all the fans on the computer kicked on and CPU and RAM spiked full capacity on the PC.
We opened up windows task manager to look to find that the RSS reader had spawned five windows threads, plus the master running thread that kept on spawning new threads as we tried to kill them in task manager to get our computer back. When we were able to finally kill off the master controller, we were able to shut down the threads normally.
Then we tried to deinstall it.
The deinstall process that came with the program left behind two browser helper objects that have to be disabled to get control of either IE or Firefox. Otherwise the browser did not reset, the deinstall left the BHO's behind, as well as a non-human readable file in the software's directory. The purge of the registry was also difficult to clean it up. (Remind me to do a restore point before installing software).
Overall, the way it had to be ripped off the system, and the incompleteness of the deinstall routine, along with the behaviors that the software did to the system was remarkably like a malware toolbar or other malware embedded in IE.
Where we like and use toolbars like Google and Stumbled upon, they do not consume an extraordinary number of system resources, nor are they impossible to remove. Most malware leaves many tracks behind it, and working with this RSS reader, the similarity to malware is apparent.
Not all web 2.0 programs are friendly, not all of them are good for computer or human consumption. While this is the first one that we have found that has an unusual set of behaviors on the computer, I am sure that it will not be the first one that we will encounter. Buyer beware, not all things that are free are good, and not all things Web 2.0 are good either.
It will be interesting to see what their service desk says if they come back to me with an answer.
Comments
About the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
